] The Mad Hacker [

Collecting all the news about cybersecurity, computer security, cracking, hacking, infosec, netsec, and security vulnerabilities in one convenient place

Whitehat, greyhat, blackhat, tinker, tailor, soldier, spy
We trawl the web so you don't have to
Since 2000

Data Privacy Day 2021: Pandemic Response Data Must Align with Data Privacy Rules

(Thursday January 28, 2021)
Amid a pandemic, Data Privacy Day this year brings forth expanded responsibilities for organizations in the response to COVID-19.

Intercept SSM Agent Communications

(Thursday January 28, 2021)
Research on post-exploitation techniques against SSM Agent abusing send-command and start-session.

No, Java is not a Secure Programming Language

(Thursday January 28, 2021)
If you ask Google, you will be brought to a fantasy land of fairies, unicorns, and Java being the quintessential example of a secure programming language. Whoever is writing these web pages clearly does not live in the same world as me -- an Application Security Specialist (there is no acronym for that title, BTW)…

Smashing Security podcast #212: Dutch leaks, Peeping Toms, and researchers under fire

(Thursday January 28, 2021)
Google warns security researchers that North Korean hackers are pretending to be their buddies, sensitive information connected to Coronavirus testing is available for sale in the Netherlands, and is a Peeping Tom at your home security provider spying on you through CCTV? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Arrest, Seizures Tied to Netwalker Ransomware

(Wednesday January 27, 2021)
U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court.

World's 'most dangerous' criminal hacking network dismantled by international police

(Wednesday January 27, 2021)
International law enforcement agencies say they have dismantled a criminal hacking scheme used to steal billions of dollars from businesses and private citizens worldwide.

Intl. Law Enforcement Operation Disrupts Emotet Botnet

(Wednesday January 27, 2021)
Global law enforcement agencies have seized control of Emotet infrastructure, disrupting one of the world's most pervasive and dangerous cyber threats.

Critical Vulnerability Patched in 'sudo' Utility for Unix-Like OSes

(Wednesday January 27, 2021)
Flaw exists in versions of sudo going back nearly 10 years; USCYBERCOM recommends organizations patch immediately.

TeamTNT Cloaks Malware With Open-Source Tool

(Wednesday January 27, 2021)
The detection-evasion tool, libprocesshider, hides TeamTNT's malware from process-information programs.

FTC warns of scam website that promises refund for victims of online scams

(Wednesday January 27, 2021)
The Federal Trade Commission is warning computer users not to be fooled by a website that appears to have stolen the look-and-feel of the genuine FTC in an attempt to defraud consumers.

Reverse Engineering iMessage: Leveraging the Hardware to Protect the Software

(Wednesday January 27, 2021)
Our researcher reverse engineered Apple iMessage to explore extending the secure messaging app to other systems. See how he fared.

Law enforcement takes over Emotet, one of the biggest botnets

(Wednesday January 27, 2021)
Law enforcement agencies from several countries collaborated in a joint operation that resulted in taking over the command-and-control infrastructure behind Emotet. Whether the takedown will be permanent remains to be seen, but it's a promising development according to security experts.

NetWalker Ransomware Suspect Charged: Tor Site Seized

(Wednesday January 27, 2021)
The suspect allegedly has extorted $27.6 million from ransomware victims, mostly in the healthcare sector.

Update your iPhone now to protect against vulnerabilities that hackers may have actively exploited

(Wednesday January 27, 2021)
Apple is encouraging owners of iPhones and iPads to update their devices to the latest version of iOS and iPadOS in order to protect against serious vulnerabilities that could have already been actively exploited by malicious hackers.

THREAT ALERT: Crypto miner attack from RinBot's server, a Discord bot. Chronicle of the investigation + how to mitigate the attack.

(Wednesday January 27, 2021)
The Sysdig Security Research team has recently identified crypto mining activities related to a Discord Bot called RinBot.

Remote Attackers Can Now Reach Protected Network Devices via NAT Slipstreaming

(Wednesday January 27, 2021)
A new version of NAT slipstreaming gives attackers an easy path to internal devices that are behind a NAT or firewall and not directly exposed to the internet.

North Korean hackers attempt to hack security researchers investigating zero-day vulnerabilities

(Wednesday January 27, 2021)
Threat experts at Google say that they have identified an ongoing hacking campaign that has targeted computer security experts, specifically those researching the very type of software vulnerabilities exploited by cybercriminals. Read more in my article on the Hot for Security blog.

CNCF - Cloud Native Security Whitepaper on GitHub

(Wednesday January 27, 2021)
PDF Document

Sudo Bug Gives Root Access to Mass Numbers of Linux Systems

(Wednesday January 27, 2021)
Qualys said the vuln gives any local user root access to systems running the most popular version of Sudo.

Microsoft Security Business Exceeds $10B in Revenue

(Wednesday January 27, 2021)
Microsoft's security division has grown more than 40% year-over-year, the company reports alongside security product updates.

ADT Security Camera Flaws Open Homes to Eavesdropping

(Wednesday January 27, 2021)
Researchers publicly disclosed flaws in ADT's LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more.

Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline

(Wednesday January 27, 2021)
Hundreds of servers and 1 million Emotet infections have been dismantled globally, while authorities have taken NetWalker's Dark Web leaks site offline and charged a suspect.

The state of apps by Microsoft identity: Azure AD app gallery apps that made the most impact in 2020

(Wednesday January 27, 2021)
See what applications in the Azure AD app gallery powered the way we work, learn, and collaborate in 2020. Source: https://www.microsoft.com/security/blog/2021/01/27/the-state-of-apps-by-microsoft-identity-azure-ad-app-gallery-apps-that-made-the-most-impact-in-2020/

Announcing the general availability of Azure Defender for IoT

(Wednesday January 27, 2021)
As businesses increasingly rely on connected devices to optimize their operations, the number of IoT and Operational Technology (OT) endpoints is growing dramatically—industry analysts have estimated that CISOs will soon be responsible for an attack surface multiple times larger than just a few years ago. Today we are announcing that Azure Defender for IoT is… Source: https://www.microsoft.com/security/blog/2021/01/27/announcing-the-general-availability-of-azure-defender-for-iot/

Protecting multi-cloud environments with Azure Security Center

(Wednesday January 27, 2021)
When we started developing Azure Security Center, our mission was clear: be the best solution to protect Azure Resources. Source: https://www.microsoft.com/security/blog/2021/01/27/protecting-multi-cloud-environments-with-azure-security-center/

Microsoft surpasses $10 billion in security business revenue, more than 40 percent year-over-year growth

(Wednesday January 27, 2021)
Microsoft empowers defenders to secure across platforms and clouds to make the world a safer place. Source: https://www.microsoft.com/security/blog/2021/01/27/microsoft-surpasses-10-billion-in-security-business-revenue-more-than-40-percent-year-over-year-growth/

4 Clues to Spot a Bot Network

(Wednesday January 27, 2021)
Protect against misinformation and disinformation campaigns by learning how to identify the bot networks spreading falsehoods.

Many Cybersecurity Job Candidates Are Subpar, While On-the-Job Training Falls Short

(Wednesday January 27, 2021)
With demand for skilled cybersecurity workers so high, is it really surprising that most companies are seeing fewer qualified applicants?

TikTok bug could have exposed millions of users’ data

(Wednesday January 27, 2021)
Research released on Tuesday revealed that a now-patched TikTok security flaw could have exposed millions of the app’s users and their associated phone numbers to attackers who could then use that data for malicious activity. The flaw only affected users who have their phone number linked to their accounts or use their phone numbers to […] Source: https://www.itsecurityguru.org/2021/01/27/tiktok-bug-could-have-exposed-millions-of-users-data/

More than 13,000 malware threats were detected every hour in 2020

(Wednesday January 27, 2021)
New research from Seqrite has found that in 2020 there were 13,733 malware threats detected every hour. The report showed that of all threats Trojan malware threats were the leaders quarter-on-quarter (QoQ) and year-on-year (YoY). According to the research out of the 113 million malware detections, the first quarter totalled the highest at 36 million […] Source: https://www.itsecurityguru.org/2021/01/27/more-than-13000-malware-threats-were-detected-every-hour-in-2020/

Apple Patches Three iOS Zero-Day Vulnerabilities

(Wednesday January 27, 2021)
New iOS 14.4 update available for iPhones and iPads.

New Docker Container Escape Bug Affects Microsoft Azure Functions

(Wednesday January 27, 2021)
Cybersecurity researcher Paul Litvak today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them. The findings come as part of Intezer Lab's investigations into the Azure compute infrastructure. Following disclosure to Microsoft, the Windows maker is said to have "determined

Connect, Share, and Learn at Imperva Amplify 2021

(Wednesday January 27, 2021)
On the heels of high-profile breaches, attacks (e.g., Sunburst, Raindrop) and COVID-19, rapid digital transformation places even more pressure on security. We’re seizing the opportunity to launch our first virtual user conference — Imperva Amplify — to share our knowledge so together, we can better protect our digital ecosystems from a range of complex, automated […] Source: https://www.imperva.com/blog/connect-share-and-learn-at-imperva-amplify-2021/

Security's Inevitable Shift to the Edge

(Wednesday January 27, 2021)
As the edge becomes the place for DDoS mitigation, Web app security, and other controls, SASE is the management platform to handle them all.

Two Dutch Public Health Workers Arrested for Selling Coronavirus Patient Information

(Wednesday January 27, 2021)
Dutch police have arrested two Public Health Department (GGD) workers for allegedly stealing information on COVID-19 patients and offering to sell it online to various cybercriminals. The arrests resulted from a police investigation after RTL Nieuws, a local media outlet, discovered personal information from two GGD systems, storing coronavirus patient information, was being sold on […]

Sudo Heap-Based Buffer Overflow

(Wednesday January 27, 2021)
Qualys has released extensive research details regarding a heap-based buffer overflow vulnerability in sudo. The issue was introduced in July 2011 (commit 8255ed69), and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1, in their default configuration.

STVS ProVision 5.9.10 Cross Site Request Forgery

(Wednesday January 27, 2021)
STVS ProVision version 5.9.10 suffers from a cross site request forgery vulnerability.

STVS ProVision 5.9.10 Cross Site Scripting

(Wednesday January 27, 2021)
STVS ProVision version 5.9.10 suffers from an authenticated reflective cross site scripting vulnerability.

STVS ProVision 5.9.10 File Disclosure

(Wednesday January 27, 2021)
STVS ProVision version 5.9.10 suffers from an authenticated file disclosure vulnerability in archive.rb.

International Action Targets Emotet Crimeware

(Wednesday January 27, 2021)
Authorities across Europe on Tuesday said they'd seized control over Emotet, a prolific malware strain and cybercrime-as-service operation. Investigators say the action could help quarantine more than a million Microsoft Windows systems currently compromised with malware tied to Emotet infections.

Revive Adserver 5.1.0 Cross Site Scripting

(Wednesday January 27, 2021)
Revive Adserver versions 5.1.0 and below suffer from multiple reflective cross site scripting vulnerabilities.

Constructor.Win32.SpyNet.a Remote Password Leak

(Wednesday January 27, 2021)
Constructor.Win32.SpyNet.a malware suffers from a remote password leak vulnerability.

Backdoor.Win32.Wollf.14 Missing Authentication

(Wednesday January 27, 2021)
Backdoor.Win32.Wollf.14 malware has a backdoor on TCP/7614 that does not require any authentication.

Backdoor.Win32.DarkKomet.apbb Insecure Permissions

(Wednesday January 27, 2021)
Backdoor.Win32.DarkKomet.apbb malware suffers from an insecure permissions vulnerability.

Gentoo Linux Security Advisory 202101-33

(Wednesday January 27, 2021)
Gentoo Linux Security Advisory 202101-33 - Multiple vulnerabilities have been found in sudo, the worst of which could result in privilege escalation. Versions less than 1.9.5_p2 are affected.

Gentoo Linux Security Advisory 202101-32

(Wednesday January 27, 2021)
Gentoo Linux Security Advisory 202101-32 - A weakness was discovered in Mutt and NeoMutt's TLS handshake handling. Versions less than 2.0.2 are affected.

Gentoo Linux Security Advisory 202101-31

(Wednesday January 27, 2021)
Gentoo Linux Security Advisory 202101-31 - A vulnerability in Cacti could lead to remote code execution. Versions less than 1.2.16-r1 are affected.

Apple Security Advisory 2021-01-26-4

(Wednesday January 27, 2021)
Apple Security Advisory 2021-01-26-4 - Xcode 12.4 addresses a path handling issue.

Apple Security Advisory 2021-01-26-3

(Wednesday January 27, 2021)
Apple Security Advisory 2021-01-26-3 - watchOS 7.3 addresses a race condition vulnerability.

Apple Security Advisory 2021-01-26-2

(Wednesday January 27, 2021)
Apple Security Advisory 2021-01-26-2 - tvOS 14.4 addresses a race condition vulnerability.

Apple Security Advisory 2021-01-26-1

(Wednesday January 27, 2021)
Apple Security Advisory 2021-01-26-1 - iOS 14.4 and iPadOS 14.4 address race condition and arbitrary code execution vulnerabilities.

Red Hat Security Advisory 2021-0223-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0223-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2021-0222-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0222-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2021-0221-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0221-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2021-0224-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0224-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2021-0227-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0227-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2021-0219-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0219-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2021-0225-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0225-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2021-0218-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0218-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2021-0220-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0220-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2021-0226-01

(Wednesday January 27, 2021)
Red Hat Security Advisory 2021-0226-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.

Insurers Defend Covering Ransomware Payments

(Wednesday January 27, 2021)

Warning Issued Over Hackable ADT's LifeShield Home Security Cameras

(Wednesday January 27, 2021)
Newly discovered security vulnerabilities in ADT's Blue (formerly LifeShield) home security cameras could have been exploited to hijack both audio and video streams. The vulnerabilities (tracked as CVE-2020-8101) were identified in the video doorbell camera by Bitdefender researchers in February 2020 before they were eventually addressed on August 17, 2020. LifeShield was acquired by

The cross-platform Nim language is starting to become a thing in offsec... here's a new RAT/agent, written in Nim, which communicates to a C2 over multiple protocols (http, tcp, udp)..

(Wednesday January 27, 2021)
A cross-platform Nim implant for Prelude Operator.

Apple critical patches fix in-the-wild iPhone exploits – update now!

(Wednesday January 27, 2021)
Apple says "Additional details available soon", which you can translate as "this one took us by surprise". So patch now!

NAT Slipstreaming v2.0: New Attack Variant Can Expose All Internal Network Devices to The Internet

(Wednesday January 27, 2021)
Armis and security researcher Samy Kamkar identify NAT Slipstreaming v2.0, a new attack variant that can expose all internal network devices to the internet.

Retail Giant Falls Victim to REvil Ransomware Attack

(Wednesday January 27, 2021)
Around January 14th, 2021, the retail giant Dairy Farm was attacked by the REvil ransomware operation. The attackers demanded a $30 million ransom. The ransomware group compromised Dairy Farm’s network and encrypted devices. Allegedly the attackers had access to information up until 7 days after the attack. Dairy Farm is a massive pan-Asian retail chain […] Source: https://www.itsecurityguru.org/2021/01/27/retail-giant-falls-victim-to-revil-ransomware-attack/

New Attack Could Let Remote Hackers Target Devices On Internal Networks

(Wednesday January 27, 2021)
A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise and expose any device in an internal network, according to the latest research. Detailed by enterprise IoT security firm Armis, the new attack (CVE-2020-16043 and CVE-2021-23961) builds on the previously disclosed technique to bypass routers and firewalls and reach any unmanaged device within the internal

iOS 14.4 Released to Fix Three Security Bugs

(Wednesday January 27, 2021)
The new update has been released with security fixes for three vulnerabilities that had affected iPhones and iPads. Apple admitted that the three bugs “may have been actively exploited” by hackers. Apple has refused any further commentary, leaving details of the security vulnerabilities scarce. It is unknown who started the attack and who was targeted, […] Source: https://www.itsecurityguru.org/2021/01/27/ios-14-4-released-to-fix-three-security-bugs/

Apple Patches Three Actively Exploited Zero-Days, Part of iOS Emergency Update

(Wednesday January 27, 2021)
An anonymous researcher identified bugs in the software’s kernel and WebKit browser engine that are likely part of an exploit chain.

World’s most dangerous malware EMOTET disrupted through global action

(Wednesday January 27, 2021)
Law enforcement and judicial authorities worldwide have this week disrupted one of the most significant botnets of the past decade: EMOTET. Investigators have now taken control of its infrastructure in an international coordinated action.

LogoKit Group Aims for Simple Yet Effective Phishing

(Wednesday January 27, 2021)
A phishing kit that uses embedded JavaScript targeted the users of more than 300 sites in the past week, aiming to grab credentials for SharePoint, Adobe Document Cloud, and OneDrive.

Top Cyber Attacks of 2020

(Wednesday January 27, 2021)
With so much of the world transitioning to working, shopping, studying, and streaming online during the coronavirus pandemic, cybercriminals now have access to a larger base of potential victims than ever before. "Zoombomb" became the new photobomb—hackers would gain access to a private meeting or online class hosted on Zoom and shout profanities and racial slurs or flash pornographic images.

The Hacked and Yet to Be Hacked: SolarWinds Breach Shows Detection is Key to Reducing Risk and Damage

(Wednesday January 27, 2021)
Several years back, a number of security industry leaders began declaring that there are only two types of organizations, those that have been hacked and those that don’t yet know it. Industry analyst firm Gartner agreed and shortly thereafter began advising organizations to build out security strategies that could respond to this fact of digital […] Source: https://www.itsecurityguru.org/2021/01/27/the-hacked-and-yet-to-be-hacked-solarwinds-breach-shows-detection-is-key-to-reducing-ris

Beware — A New Wormable Android Malware Spreading Through WhatsApp

(Wednesday January 27, 2021)
A newly discovered Android malware has been found to propagate itself through WhatsApp messages to other contacts in order to expand what appears to be an adware campaign. "This malware spreads via victim's WhatsApp by automatically replying to any received WhatsApp message notification with a link to [a] malicious Huawei Mobile app," ESET researcher Lukas Stefanko said. The link to the fake

Using the Manager Attribute in Active Directory (AD) for Password Resets

(Wednesday January 27, 2021)
Creating workflows around verifying password resets can be challenging for organizations, especially since many have shifted work due to the COVID-19 global pandemic. With the numbers of cyberattacks against businesses exploding and compromised credentials often being the culprit, companies have to bolster security around resetting passwords on user accounts. How can organizations bolster the

Tips to harden Active Directory against SolarWinds-type attacks

(Wednesday January 27, 2021)
The SolarWinds/Solorigate attacks used some concerning methodologies. One of them has been what is called Golden SAML. SAML (Security Assertion Markup Language) enables the exchange of authentication and authorization information between trusted parties. The Golden SAML technique allows attackers to generate their own SAML response to gain access or control. To do so, they must first gain privileged access to a network to access the certificates used to sign SAML objects.
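
Because a Golden SAML token is signed with the stolen signing key, it validates correctly at the service provider; the signature check alone cannot catch it. What does distinguish it is that the identity provider never issued it, so the practical check is to correlate the service provider's federated sign-ins against the IdP's token-issuance audit log and flag logins with no matching issuance. The following is an added example, not code from the article or from any vendor: the event records are constructed here to mimic an AD FS success-audit issuance event and a cloud sign-in log, reduced to the fields the correlation needs, and the field names and the `find_unissued_logins` helper are assumptions of this example.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs).  IDP_ISSUED stands in for the IdP's
# token-issuance audit record (on AD FS this requires success auditing to be
# enabled); SP_LOGINS stands in for federated sign-ins as the service provider
# records them.  Timestamps are UTC ISO-8601 without timezone suffix.
IDP_ISSUED = [
    {"time": "2021-01-27T09:00:00", "user": "alice@corp.example"},
    {"time": "2021-01-27T09:10:00", "user": "bob@corp.example"},
]
SP_LOGINS = [
    {"time": "2021-01-27T09:00:04", "user": "alice@corp.example", "src_ip": "10.1.2.3"},
    {"time": "2021-01-27T09:10:02", "user": "Bob@corp.example", "src_ip": "10.1.2.9"},
    # carol was never issued a token by the IdP: the SP accepted a token the IdP never saw
    {"time": "2021-01-27T09:30:00", "user": "carol@corp.example", "src_ip": "203.0.113.7"},
    # alice's only issuance was hours earlier, far outside any sane assertion lifetime
    {"time": "2021-01-27T14:00:00", "user": "alice@corp.example", "src_ip": "198.51.100.5"},
]


def parse_time(text):
    """ISO-8601 timestamp -> datetime (naive, treated as UTC)."""
    return datetime.fromisoformat(text)


def find_unissued_logins(sp_logins, idp_issued, max_age_seconds=300):
    """Return the SP logins that have no IdP issuance for the same user in the
    max_age_seconds window *before* the login.  A forged token is minted offline
    with the stolen signing key and never passes through the IdP, so it shows up
    at the SP with no corresponding issuance record.  max_age_seconds should be
    the assertion lifetime plus tolerated clock skew; issuances after the login
    never count, since a token cannot be consumed before it is issued."""
    max_age = timedelta(seconds=max_age_seconds)
    issued_by_user = {}
    for event in idp_issued:
        issued_by_user.setdefault(event["user"].lower(), []).append(parse_time(event["time"]))

    suspicious = []
    for login in sp_logins:
        when = parse_time(login["time"])
        issuances = issued_by_user.get(login["user"].lower(), [])
        if not any(timedelta(0) <= when - issued <= max_age for issued in issuances):
            suspicious.append(login)
    return suspicious


if __name__ == "__main__":
    for hit in find_unissued_logins(SP_LOGINS, IDP_ISSUED):
        print(f"no IdP issuance for {hit['user']} at {hit['time']} from {hit['src_ip']}")
```

In production the join should also be constrained by relying party (the IdP issues tokens for many applications) and fed by both logs continuously; a gap in the IdP audit log is itself a finding, because an attacker who holds the signing key has usually had the access needed to disable auditing too.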

How Bitdefender Protects You from Ransomware (Part 2)

(Wednesday January 27, 2021)
Ransomware attacks are among the greatest security threats we face in the digital world, a trend that has continued to expand and grow in sophistication over the past years. The threat actor’s goal is simple: Find an opportunistic target and lure it into accessing, downloading or installing malicious software onto their device so it can […]

Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild

(Wednesday January 27, 2021)
Apple on Tuesday released updates for iOS, iPadOS, and tvOS with fixes for three security vulnerabilities that it says may have been actively exploited in the wild. Reported by an anonymous researcher, the three zero-day flaws — CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 — could have allowed an attacker to elevate privileges and achieve remote code execution. The iPhone maker did not

TikTok Bug Could Have Exposed Users' Profile Data and Phone Numbers

(Wednesday January 27, 2021)
Cybersecurity researchers on Tuesday disclosed a now-patched security flaw in TikTok that could have potentially enabled an attacker to build a database of the app's users and their associated phone numbers for future malicious activity. Although this flaw only impacts those users who have linked a phone number with their account or logged in with a phone number, a successful exploitation of the

In the Wake of the SolarWinds Hack, Here's How Businesses Should Respond

(Wednesday January 27, 2021)
Throughout 2020, businesses, in general, have had their hands full with IT challenges. They had to rush to accommodate a sudden shift to remote work. Then they had to navigate a rapid adoption of automation technologies. And as the year came to a close, more businesses began trying to assemble the safety infrastructure required to return to some semblance of normal in 2021. But at the end of the

N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches

(Wednesday January 27, 2021)
Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development. The internet giant's Threat Analysis Group (TAG) said the adversary created a research blog and multiple profiles on various social media platforms such as Twitter, LinkedIn

Ransomware Disrupts Operations at Packaging Giant WestRock

(Wednesday January 27, 2021)
Incident is another reminder of how vulnerable OT environments are to attack, security experts say.

Pay-or-Get-Breached Ransomware Schemes Take Off

(Tuesday January 26, 2021)
In 2020, ransomware attackers moved quickly to adopt so-called "double extortion" schemes, with more than 550 incidents in the fourth quarter alone.

North Korean Attackers Target Security Researchers via Social Media: Google

(Tuesday January 26, 2021)
Google TAG warns the infosec community of unsolicited requests from individuals seeking collaboration on vulnerability research.

Nvidia Squashes High-Severity Jetson DoS Flaw

(Tuesday January 26, 2021)
If exploited, the most serious of these flaws could lead to a denial-of-service condition for Jetson products.

DanaBot Malware Roars Back into Relevancy

(Tuesday January 26, 2021)
Sophisticated and dangerous, DanaBot has resurfaced after laying dormant for seven months.

Heap-based buffer overflow in Sudo (CVE-2021-3156) - obtained full root privileges on Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2)

(Tuesday January 26, 2021)
Qualys Security Advisory, Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156). Contents: Summary, Analysis, Exploitation, Acknowledgments, Timeline. Summary: We discovered a heap-based buffer overflow...
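
The affected ranges quoted in the Packet Storm summary above (legacy 1.8.2 through 1.8.31p2, stable 1.9.0 through 1.9.5p1) make a version check easy, but a version string alone is not enough: distributions backport the fix without bumping the upstream version, so the Red Hat and Gentoo advisories on this page ship fixed packages that still report an "affected" version. The Qualys advisory therefore also gives a behavioural test: as a non-root user, run `sudoedit -s /`; a vulnerable sudo answers with an error starting `sudoedit:` (`sudoedit: /: not a regular file`), while a fixed sudo rejects the `-s` flag and prints its `usage:` line. The script below is an added example, not code from Qualys or the sudo project; it combines both checks, and the function names are this example's own.

```python
import re
import shutil
import subprocess

# Affected upstream ranges from the Qualys advisory, compared as
# (major, minor, patch, plevel).  1.8.32 and 1.9.5p2 carry the fix.
AFFECTED_RANGES = (
    ((1, 8, 2, 0), (1, 8, 31, 2)),
    ((1, 9, 0, 0), (1, 9, 5, 1)),
)

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:p(\d+))?$")


def parse_version(text):
    """'1.8.31p2' -> (1, 8, 31, 2); a missing pN suffix counts as patch level 0."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised sudo version string: {text!r}")
    major, minor, patch, plevel = m.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))


def version_is_affected(text):
    """True if the upstream version string falls inside an affected range."""
    v = parse_version(text)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def version_from_banner(banner):
    """Pull the version out of `sudo --version` output, whose first line reads
    'Sudo version 1.8.31' (the following lines describe the plugins)."""
    m = re.search(r"Sudo version (\S+)", banner)
    if not m:
        raise ValueError("no 'Sudo version' line in banner")
    return m.group(1)


def classify_sudoedit_output(stderr_text):
    """Interpret the stderr of `sudoedit -s /` run as a non-root user, per the
    advisory: 'sudoedit: ...' means -s was accepted and the vulnerable code path
    ran; 'usage: ...' means the fixed sudo rejected -s for sudoedit."""
    stripped = stderr_text.strip()
    first = stripped.splitlines()[0] if stripped else ""
    if first.startswith("sudoedit:"):
        return "vulnerable"
    if first.startswith("usage:"):
        return "patched"
    return "unknown"


def check_local_sudo(timeout=10):
    """Run both checks on this host.  Trust the behavioural result over the
    version result when they disagree, for the backport reason given above."""
    if shutil.which("sudo") is None or shutil.which("sudoedit") is None:
        return {"installed": False}
    banner = subprocess.run(["sudo", "--version"], capture_output=True, text=True).stdout
    version = version_from_banner(banner)
    try:
        probe = subprocess.run(["sudoedit", "-s", "/"], capture_output=True, text=True,
                               stdin=subprocess.DEVNULL, timeout=timeout)
        behaviour = classify_sudoedit_output(probe.stderr)
    except subprocess.TimeoutExpired:
        behaviour = "unknown"  # e.g. an interactive prompt; rerun manually on a tty
    return {
        "installed": True,
        "version": version,
        "version_in_affected_range": version_is_affected(version),
        "behavioural_check": behaviour,
    }


if __name__ == "__main__":
    print(check_local_sudo())
```

The probe is the advisory's own harmless test and does not exploit anything; it must run as an unprivileged user, and an "unknown" result (any other output, or a timeout) means the host needs a manual look rather than a clean bill of health.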

Privacy Teams Helped Navigate the Pivot to Work-from-Home

(Tuesday January 26, 2021)
Annual Cisco privacy study also reports that 90% of organizations say their customers won't buy from them if they are not clear about data policy practices.

Ghost hack – criminals use deceased employee’s account to wreak havoc

(Tuesday January 26, 2021)
Most companies are quick to remove ex-staff from the payroll, but often not so quick to shut down their network access.

Online fraud at an all-time high amidst the global pandemic

(Tuesday January 26, 2021)
Client-side attacks have become significantly more prominent in recent years, gaining popularity since 2015. As online activity rises due to the global pandemic, 2020 has been no exception, with the most susceptible target, e-commerce, becoming more lucrative than ever. The Client-Side Problem Explained When interacting with a web application, numerous actions take place in the […] Source: https://www.imperva.com/blog/online-fraud-at-an-all-time-high-amidst-the-global-pandemic/

Mimecast: Recent Certificate Compromise Tied to SolarWinds Attacks

(Tuesday January 26, 2021)
Yet another security firm hit in the sweeping attack campaign believed to be out of Russia.

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo

(Tuesday January 26, 2021)
The Qualys Research Team has discovered a heap overflow vulnerability in sudo, a near-ubiquitous utility available on major Unix-like operating systems.

23M Gamer Records Exposed in VIPGames Leak

(Tuesday January 26, 2021)
The personal data of 66,000 users was left wide open on a misconfigured Elasticsearch server, joining a growing list of companies with leaky clouds.

BEC Scammers Find New Ways to Navigate Microsoft 365

(Tuesday January 26, 2021)
Their techniques made use of out-of-office replies and automatic responses during the 2020 holiday season, researchers report.

Cartoon Caption Winner: Before I Go ...

(Tuesday January 26, 2021)
And the winner of The Edge's January cartoon caption contest is ...