How far have we come? The evolution of securing identities
(Tuesday April 13, 2021)
Announcing Malwatch, A new *nix web hosting malware scanning system created at Pagely.
(Tuesday April 13, 2021)
Malware is the bane of most site owners' online journey. New threats emerge daily and a successful attack can bring your operation down by defacement, tanking your SEO, or harvesting your private data. Pagely has created a new malware file scanning tool under our PressARMOR™ security framework that is not…
A helpful reminder about just how much Facebook stalks you on the internet
(Tuesday April 13, 2021)
Detecting the "Next" SolarWinds-Style Cyber Attack
(Tuesday April 13, 2021)
April 2021 Update Tuesday packages now available
(Tuesday April 13, 2021)
Synopsys Study reveals increase in Vulnerable, Outdated, and Abandoned Open Source Components in Commercial Software
(Tuesday April 13, 2021)
Synopsys, Inc. has released its 2021 Open Source Security and
Risk Analysis (OSSRA) report, which examines the result of more than
1,500 audits of commercial codebases. Produced by the Synopsys
Cybersecurity Research Center (CyRC) and performed by the Black
Duck® Audit Services team, the report highlights trends in open
source usage within commercial applications, while simultaneously
providing insights to help commercial and open source developers
better understand the interconnected software ecosystem they are
part of. It...
5 Objectives for Establishing an API-First Security Strategy
(Tuesday April 13, 2021)
With APIs predicted to be the most common attack vector by 2022, an
API-first security strategy is critical now more than ever.
Promising news: users are becoming more savvy to COVID-19 based phishing attacks finds KnowBe4
(Tuesday April 13, 2021)
IoT bug report claims “at least 100M devices” may be impacted
(Tuesday April 13, 2021)
Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop
(Tuesday April 13, 2021)
Tim Mackie takes lead channel role for Armis
(Tuesday April 13, 2021)
Secure unmanaged devices with Microsoft Defender for Endpoint now
(Tuesday April 13, 2021)
BrandPost: Healthcare Organizations: Moving to High Alert for Ransomware
(Tuesday April 13, 2021)
Red Hat Security Advisory 2021-1171-01
(Tuesday April 13, 2021)
Blitar Tourism 1.0 SQL Injection
(Tuesday April 13, 2021)
Chrome V8 JavaScript Engine Remote Code Execution
(Tuesday April 13, 2021)
Red Hat Security Advisory 2021-1173-01
(Tuesday April 13, 2021)
Red Hat Security Advisory 2021-1173-01 - This is a kernel live patch
module which is automatically loaded by the RPM post-install script to
modify the code of a running kernel. Issues addressed include buffer
overflow and out of bounds read vulnerabilities.
ExpressVPN VPN Router 1.0 Integer Overflow
(Tuesday April 13, 2021)
ExpressVPN VPN Router version 1.0 suffers from an integer overflow
vulnerability.
Red Hat Security Advisory 2021-1168-01
(Tuesday April 13, 2021)
Hiding malicious processes in containers exploiting ld.so.preload - How does it works - How to prevent - How to detect with Falco
(Tuesday April 13, 2021)
Simple Student Information System 1.0 SQL Injection
(Tuesday April 13, 2021)
Native Church Website 1.0 Shell Upload
(Tuesday April 13, 2021)
Native Church Website version 1.0 suffers from a remote shell upload
vulnerability.
BrandPost: Why Choose Open XDR? It's the Integration
(Tuesday April 13, 2021)
There are almost as many flavors of detection and response tools as
there are flavors at the local ice cream shop – OK, perhaps that’s
a slight exaggeration, but there are definitely a confusing number of
options these days. NDR (network detection and response), EDR
(endpoint detection and response), XDR (eXtended detection and
response), and even Open XDR – they’re all variations on a theme
of protecting endpoints, since they’re the first line of network
defense.
Which option to pick? As a ReliaQuest customer recently related to us
with a smile on his face, cybersecurity vendors...
Cisco + The NFL = The Connected League
(Tuesday April 13, 2021)
Cisco has been named an Official Technology Partner of the NFL.
Together, Cisco and the NFL are committed to creating a new chapter in
the sports and entertainment industry by developing the first ever
Connected League – where a unified, intent-based networking
architecture will connect all 30 venues. This network will allow the
league to support all facets of gameday operations, but also deliver
new experiences to teams and fans alike.
Clear & Present Danger: Data Hoarding Undermines Better Security
(Tuesday April 13, 2021)
Chrome Zero-Day Exploit Posted on Twitter
(Tuesday April 13, 2021)
New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devices
(Tuesday April 13, 2021)
Bad Bot Report 2021: The Pandemic of the Internet
(Tuesday April 13, 2021)
The 8th Annual Bad Bot Report is now available from Imperva. Created
using data from Imperva’s Threat Research Lab, it provides a
comprehensive look at the bad bot landscape and the impact that this
malicious traffic has across multiple industries. Bad bot traffic
amounted to 25.6 percent of all website traffic in 2020. This means
[…]
The post Bad Bot Report 2021: The Pandemic of the Internet
[https://www.imperva.com/blog/bad-bot-report-2021-the-pandemic-of-the-internet/]
appeared first on Blog [https://www.imperva.com/blog].
Hackers Using Website's Contact Forms to Deliver IcedID Malware
(Tuesday April 13, 2021)
Cisco RV34X Series - Authentication Bypass and Remote Command Execution
(Tuesday April 13, 2021)
DOJ Charges Texas Resident for Allegedly Planning to ‘Kill About 70% of The Internet”
(Tuesday April 13, 2021)
Last Thursday, a Wichita Falls resident was arrested for allegedly
attempting to bomb an AWS data center in Virginia. According to the US
Department of Justice (DOJ), 28-year Seth Aaron Pendley was detained
after a concerned citizen alerted authorities to disturbing statements
posted on the MyMilitia.com forum. On March 31, with the help of a
[…]6 tips for receiving and responding to third-party security disclosures
(Tuesday April 13, 2021)
7 new social engineering tactics threat actors are using now
(Tuesday April 13, 2021)
It’s been a boom time for . Pandemic panic, desperation as income
concerns grew, and worry over health and wellness made it easier for
criminals to tap into fear.
Social engineering, of course, means attacking the user rather than
the computing system itself, trying to extract information or incite
an action that will lead to compromise. It's as old as lying, with a
new name for the computing age—and that's a perfect metaphor for how
social engineering tactics evolve.
[ Learn . ]
BRATA Malware Poses as Android Security Scanners on Google Play Store
(Tuesday April 13, 2021)
RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers
(Tuesday April 13, 2021)
Hackers Tampered With APKPure Store to Distribute Malware Apps
(Tuesday April 13, 2021)
Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021
(Tuesday April 13, 2021)
Hackers Exploit Unpatched VPNs to Install Ransomware on Industrial Targets
(Tuesday April 13, 2021)
Data Breaches, Class Actions and Ambulance Chasing
(Tuesday April 13, 2021)
. Their message began as follows:
> I am currently in the process of claiming compensation for a severe
> data breach
Pokies shut down by hacker ransomware attack
(Tuesday April 13, 2021)
Remove the write access barrier to allow for more low privilege exploitation of search order/binplants/etc...
(Monday April 12, 2021)
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
(Monday April 12, 2021)
[NVD Logo]
__CVE-2021-30481 DETAIL
UNDERGOING ANALYSIS
This vulnerability is currently undergoing analysis and not all
information is available. Please check back soon to view the completed
vulnerability summary.
DESCRIPTION
Valve Steam through 2021-04-10, when a Source engine game is
installed, allows remote authenticated users to execute arbitrary code
because of a buffer overflow that occurs for a Steam invite after one
click.
SEVERITY
CVSS Version 3.x CVSS Version...
ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users
(Monday April 12, 2021)
Biden Nominates Former NSA Officials for Top Cybersecurity Roles
(Monday April 12, 2021)
President Biden has nominated Jen Easterly as the new director of CISA
and is expected to nominate Chris Inglis as the first national cyber
director.
1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free
(Monday April 12, 2021)
Microsoft Warns of Malware Delivery via Google URLs
(Monday April 12, 2021)
Man Arrested for AWS Bomb Plot
(Monday April 12, 2021)
Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy
(Monday April 12, 2021)
Jerome Powell tells 60 Minutes that cyberattacks have the potential to
do major damage to US financial system.
Apple and Google block official UK COVID-19 app update
(Monday April 12, 2021)
Zero Trust: The Mobile Dimension
(Monday April 12, 2021)
Hank Schless, senior security solutions manager at Lookout, discusses
how to secure remote working via mobile devices.
IcedID Circulates Via Web Forms, Google URLs
(Monday April 12, 2021)
Attackers are filling out and submitting web-based "contact us" forms,
thus evading email spam filters.
Upstox warns of serious data breach, resets passwords
(Monday April 12, 2021)
Security Researchers Find Critical Zero-Day Exploit in Zoom Messenger
(Monday April 12, 2021)
[SERT Points Russia as Leader in Exploit Kit Development]A couple of
security researchers have identified a critical, zero-day
vulnerability in Zoom that allowed them to take control of the remote
devices without user interaction. Taking over a remote device, via
network, with any input from the victim usually means that it’s a
critical vulnerability. Since researchers just demonstrated the
exploit chain, no information […]Falco 0.28.0
(Monday April 12, 2021)
Sysdig Falco is a behavioral activity monitoring agent that is open
source and comes with native support for containers. Falco lets you
define highly granular rules to check for activities involving file
and network activity, process execution, IPC, and much more, using a
flexible syntax. Falco will notify you when these rules are violated.
You can think about falco as a mix between snort, ossec and strace.
Ubuntu Security Notice USN-4899-2
(Monday April 12, 2021)
Ubuntu Security Notice 4899-2 - USN-4899-1 fixed a vulnerability in
SpamAssassin. This update provides the corresponding update for Ubuntu
14.04 ESM. Damian Lukowski discovered that SpamAssassin incorrectly
handled certain CF files. If a user or automated system were tricked
into using a specially- crafted CF file, a remote attacker could
possibly run arbitrary code. Various other issues were also addressed.
ZeroNights 2021 Call For Papers
(Monday April 12, 2021)
The ZeroNights 2021 Call For Papers has been announced. It will be
held in Saint-Petersburg, Russia on June 30th, 2021.
vsftpd 2.3.4 Backdoor Command Execution
(Monday April 12, 2021)
Stuxnet Sibling Theory Surges After Iran Says Nuke Facility Shut Down By Electrical Fault
(Monday April 12, 2021)
Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users' Data
(Monday April 12, 2021)
Microsoft Uses Machine Learning to Predict Attackers' Next Steps
(Monday April 12, 2021)
ELECTRIC CHROME: Exploiting CVE-2020-6418 on Tesla Model 3
(Monday April 12, 2021)
Tweet Chat: The Social Dilemma
(Monday April 12, 2021)
Released in 2020, the documentary-drama, ‘The Social Dilemma’,
offers a thought-provoking and alarming depiction of our reality
today. The film exposes the ruthless nature of tech giants seeking to
reinforce marketing algorithms for monetary gain and the consequences
that have emerged as a result; from eliciting mental health issues and
nurturing addictions to promoting the […]
The post Tweet Chat: The Social Dilemma
[https://www.itsecurityguru.org/2021/04/12/tweet-chat-the-social-dilemma/]
appeared first on IT Security Guru [https://www.itsecurityguru.org].
New Malware Downloader Spotted in Targeted Campaigns
(Monday April 12, 2021)
Saint Bot is being used to drop stealers on compromised systems but
could be used to deliver any malware.
MIPS-Reverse - Generate automatically MIPS reverse shell shellcodes (custom IP, port and shell)
(Monday April 12, 2021)
Generate MIPS reverse shell shellcodes easily ! Contribute to Rog3rSm1th/MIPS-Reverse development by creating an account on GitHub.
At last – Thinking outside the SCIF
(Monday April 12, 2021)
Q1/21 a symposium was hosted in the US under the title ‘Thinking
Outside the SCIF’ (Sensitive Compartmented Information Facility) to
put forward the case for the utilisation of OSINT (Open Source) within
the US Military and Intelligence Communities. John McLaughlin (CIA)
kicked off day one by correctly pointing out that there was nothing
new about […]
The post At last – Thinking outside the SCIF
[https://www.itsecurityguru.org/2021/04/12/at-last-thinking-outside-the-scif/]
appeared first on IT Security Guru [https://www.itsecurityguru.org].
Wake Up and Smell the JavaScript
(Monday April 12, 2021)
The SolarWinds attack showed the true meaning of a supply chain
breach. And it's the canary in the coal mine for sensitive data on the
Web.
Microsofts new cyberattack simulator can help test your defences
(Monday April 12, 2021)
Nation-state attackers are increasingly targeting businesses
(Monday April 12, 2021)
A new report by criminologists at the University of Surrey and
cybersecurity researchers at HP has found that nation-state attacks
have risen considerably in the last three years. The report also
revealed that both enterprises and businesses are amongst the most
targetted organisations by nation-state attackers. The research
analyses nation-state attacks taking place between 2017 […]
The post Nation-state attackers are increasingly targeting businesses
[https://www.itsecurityguru.org/2021/04/12/nation-state-attackers-are-increasingly-targeting-businesses/]
appeared first on IT Security...
Israel allegedly takes responsibility for Iran cyberattack
(Monday April 12, 2021)
Iran’s main nuclear facility suffered a cyberattack on Sunday,
leading to a large scale blackout at Natanz, which Israel now appears
to be taking responsibility for. Tehran’s nuclear energy chief
described the attack as an act of terrorism, and demands a response
against the perpetrators. The incident occurred shortly after the
official restarted spinning advanced […]
The post Israel allegedly takes responsibility for Iran cyberattack
[https://www.itsecurityguru.org/2021/04/12/israel-allegedly-takes-responsibility-for-iran-cyberattack/]
appeared first on IT Security Guru...
Omdia Research Spotlight: XDR
(Monday April 12, 2021)
Few emerging cybersecurity market segments are garnering more
attention than XDR. Here, Omdia highlights its recent research on XDR.
It’s Never Too Late To Teach Your Kids About Good Digital Practices
(Monday April 12, 2021)
Online habits have changed dramatically over the past year, and adults
are not the only ones spending more time online. Since the pandemic
hit, limits on screen time for kids were tossed out as they turned to
online platforms for school classes, activities, games and
entertainment. This increased digital time helped spawn new cyber
threats […]What Does It Take To Be a Cybersecurity Researcher?
(Monday April 12, 2021)
Apple and Google block NHS Covid-19 App update
(Monday April 12, 2021)
Naked Security Live – How to spot “government” scammers
(Monday April 12, 2021)
Latest episode - watch now, and please share with your friends and
family!
5 perspectives on modern data analytics
(Monday April 12, 2021)
You can't navigate business challenges without the right instruments.
Done right, analytics initiatives deliver the essential insights you
need, as these five articles explore.
How data poisoning attacks corrupt machine learning models
(Monday April 12, 2021)
Zero days explained: How unknown vulnerabilities become gateways for attackers
(Monday April 12, 2021)
The Risks and Dangers of Amplified Routing Loops by Andree Toonk
(Monday April 12, 2021)
In this article will take a closer look at network loops and how they
can be abused as part of DDoS attacks.
Andree Toonk [/../author/andree/index.html]
13 Apr 2021 • 7 min read Share:
[The Risks and Dangers of Amplified Routing Loops.]
_THIS BLOG IS ALSO A CALL TO ACTION FOR ALL NETWORK ENGINEERS TO CLEAN
UP THOSE LINGERING NETWORK LOOPS AS THEY AREN’T JUST BAD HYGIENE BUT
A SIGNIFICANT OPERATIONAL DDOS RISK._
NETWORK LOOPS
All network engineers are familiar with network...
Alert — There's A New Malware Out There Snatching Users' Passwords
(Monday April 12, 2021)
PoW Shield planned features are now completed(v1.3.2), consisting of PoW spam/DDoS filter, IP & sessioin blacklisting/ratelimiting and WAF integration. The application is dockerized for rapid and lightweight(45MB) deployment.
(Monday April 12, 2021)
Project dedicated to fight DDoS and spam with proof of work, featuring an additional WAF. Docker images available for rapid and lightweight deployment. - RuiSiang/PoW-Shield
How to Exploit Google Photos’ Algorithm for People Tracking and Exploring
(Sunday April 11, 2021)
DivideAndScan – Organize your port scanning routine fast and efficiently
(Sunday April 11, 2021)
Divide full port scan results and use it for targeted Nmap runs - snovvcrash/DivideAndScan
Working Around the Inherent Slowness of Debugger Conditional Breakpoints
(Sunday April 11, 2021)
Extracting VOIP Calls from network traffic - BruteShark (v1.2.1) is now capable of extracting Voip Calls among credentials, hashes, DNS and files and more. P.S: I would love for people to join the project!
(Sunday April 11, 2021)
Network Analysis Tool. Contribute to odedshimon/BruteShark development by creating an account on GitHub.
Exploiting Windows RPC to bypass CFG mitigation: analysis of CVE-2021-26411 in-the-wild sample
(Sunday April 11, 2021)
Looney Tunes: Exposing the Lack of DRM Protection in Indian Music Streaming Services
(Sunday April 11, 2021)
arXivLabs is a framework that allows collaborators to develop and
share new arXiv features directly on our website.
Both individuals and organizations that work with arXivLabs have
embraced and accepted our values of openness, community, excellence,
and user data privacy. arXiv is committed to these values and only
works with partners that adhere to them.
Have an idea for a project that will add value for arXiv's community?
Which authors of this paper are...
New CVE: Memory corruption vulnerability in QNAP QTS’s Surveillance Station plugin leads to a pre-auth RCE
(Sunday April 11, 2021)
GodSpeed - an intuitive manager for multiple reverse shells, written in Golang
(Saturday April 10, 2021)
Fast and intuitive manager for multiple reverse shells - redcode-labs/GodSpeed
Rainbow Tables (probably) aren’t what you think - An explanation of how rainbow tables differ from lookup tables
(Saturday April 10, 2021)
Weekly Update 238
(Saturday April 10, 2021)
Unofficial Android App Store APKPure Infected With Malware
(Friday April 09, 2021)
