LSW

Posts posted by LSW

  1. A New Free Monitoring Tool to Measure Your Dark Web Exposure

    https://thehackernews.com/2020/05/dark-web-monitoring-tool.html

    Quote

    This week, over 26 million user records, including plaintext passwords, stolen from LiveJournal appeared on a Dark Web marketplace for as low as $35. The present week is likewise sadly marked with a compromise of 31 SQL databases (with 1.6 million rows of client data) from webshop owners.

    There were 7,098 breaches reported in 2019, exposing over 15.1 billion records, a new worst year on record according to Risk Based Security report. Over 80% of data breaches within the hacking category involve usage of lost or stolen credentials, says the Data Breach Investigations Report 2020 by Verizon.

    While over 21 million of stolen login credentials from Fortune 500 companies were readily available for sale in the Dark Web, according to ImmuniWeb report from 2019.

     

  2. Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

    https://thehackernews.com/2020/04/zoom-cybersecurity-hacking.html

    Quote

    The app has skyrocketed to 200 million daily users from an average of 10 million in December — along with a 535 percent increase in daily traffic to its download page in the last month — but it's also seen a massive uptick in Zoom's problems, all of which stem from sloppy design practices and security implementations.

    Zoom may never have designed its product beyond enterprise chat initially, but with the app now being used in a myriad number of ways and by regular consumers, the company's full scope of gaffes have come into sharp focus — something it was able to avoid all this time.

    ...

    To give credit where it's due, Zoom largely responded to these disclosures swiftly and transparently, and it has already patched a number of issues highlighted by the security community.

    In addition, the company has announced a 90-day freeze on releasing new features to "better identify, address, and fix issues proactively." It also aims to conduct a comprehensive review with third-party experts and release a transparency report that details information related to law enforcement requests for data, records, or content.

    Ultimately, it all boils down to this: should you be continuing to use Zoom? It would be easy to look at all of these flaws and say that people should simply stay away from Zoom. But it's not that simple...

     

  3. Quote

    Preying on public fears, the ongoing coronavirus outbreak is proving to be a goldmine of opportunity for attackers to stage a variety of malware attacks, phishing campaigns, and create scam sites and malicious tracker apps.

    Now in a fresh twist, third-party Android app developers too have begun to take advantage of the situation to use coronavirus-related keywords in their app names, descriptions, or in the package names so as to drop malware, perpetrate financial theft and rank higher in Google Play Store searches related to the topic.

    "Most malicious apps found are bundle threats that range from ransomware to SMS-sending malware, and even spyware designed to clean out the contents of victims' devices for personal or financial data," Bitdefender researchers said in a telemetry analysis report shared with The Hacker News.

    https://thehackernews.com/2020/03/coronavirus-covid-apps-android.html

  4. New Zoom Hack Lets Hackers Compromise Windows and Its Login Password

    Quote

    No doubt, Zoom is an efficient online video meeting solution that's helping people stay socially connected during these unprecedented times, but it's still not the best choice for everyone—especially those who really care about their privacy and security.

    According to cybersecurity expert @_g0dmode, the Zoom video conferencing software for Windows is vulnerable to a classic 'UNC path injection' vulnerability that could allow remote attackers to steal victims' Windows login credentials and even execute arbitrary commands on their systems.

    https://thehackernews.com/2020/04/zoom-windows-password.html

     

     

    COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware

    Quote

    With over 74,000 customers and 13 million monthly active users, Zoom is one of the most popular cloud-based enterprise communication platforms that offers chat, video and audio conferencing, and options to host webinars and virtual meetings online.

    The popularity of Zoom has shot up significantly in recent weeks as millions of students, business people, and even government employees across the world are forced to work and socialize from home during the coronavirus pandemic.

    https://thehackernews.com/2020/03/zoom-video-coronavirus.html

     

     

     

  5. Been away a while, when the state installed a new security software that blocked KillerSites. I don't even touch my laptop anymore, so I have not been in since work blocked it.

    But it is available again now so I am back. Security has fallen by the wayside as the state entity hamstrung my Division's attempt at having their own security... me. Now I am back to work as a Programmer and training up in C#, .NET, & Azure, as we finally get away from Java and Oracle. So, as I am no longer doing Security, I will no longer be posting much there.

    Good to be back!

  6. Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online

    https://thehackernews.com/2019/08/kaspersky-antivirus-online-tracking.html

    Quote

     

    In this digital era, the success of almost every marketing, advertising, and analytics company drives through tracking users across the Internet to identify them and learn their interests to provide targeted ads.
     
    Most of these solutions rely on 3rd-party cookies, a cookie set on a domain other than the one you are browsing, which allows companies including Google and Facebook to fingerprint you in order to track your every move across multiple sites.
     
    However, if you're using Kaspersky Antivirus, a vulnerability in the security software had exposed a unique identifier associated with you to every website you visited in the past 4 years, which might have allowed those sites and other third-party services to track you across the web even if you have blocked or erased third-party cookies timely.

     

     

  7. 8 New HTTP/2 Implementation Flaws Expose Websites to DoS Attacks

    https://thehackernews.com/2019/08/http2-dos-vulnerability.html

    Quote

     

    Various implementations of HTTP/2, the latest version of the HTTP network protocol, have been found vulnerable to multiple security vulnerabilities affecting the most popular web server software, including Apache, Microsoft's IIS, and NGINX.
     
    Launched in May 2015, HTTP/2 has been designed for better security and improved online experience by speeding up page loads. Today, over hundreds of millions of websites, or some 40 percent of all the sites on the Internet, are running using HTTP/2 protocol.
     
    A total of eight high-severity HTTP/2 vulnerabilities, seven discovered by Jonathan Looney of Netflix and one by Piotr Sikora of Google, exist due to resource exhaustion when handling malicious input, allowing a client to overload server's queue management code.
     
    The vulnerabilities can be exploited to launch Denial of Service (DoS) attacks against millions of online services and websites that are running on a web server with the vulnerable implementation of HTTP/2, knocking them offline for everyone.

     

     

  9. Over 40 Drivers Could Let Hackers Install Persistent Backdoor On Windows PCs

    https://thehackernews.com/2019/08/windows-driver-vulnerability.html
     

    Quote

    If you own a device, or a hardware component, manufactured by ASUS, Toshiba, Intel, NVIDIA, Huawei, or 15 other vendors listed below, you're probably screwed.

     
    A team of security researchers has discovered high-risk security vulnerabilities in more than 40 drivers from at least 20 different vendors that could allow attackers to gain most privileged permission on the system and hide malware in a way that remains undetected over time, sometimes for years.
     
    For sophisticated attackers, maintaining persistence after compromising a system is one of the most important tasks, and to achieve this, existing hardware vulnerabilities sometimes play an important role.
     
    One such component is a device driver, commonly known as a driver or hardware driver, a software program that controls a particular type of hardware device, helping it to communicate with the computer's operating system properly.

     

     

  10. New Flaws in Qualcomm Chips Expose Millions of Android Devices to Hacking

    https://thehackernews.com/2019/08/android-qualcomm-vulnerability.html

    Quote

     

    A series of critical vulnerabilities have been discovered in Qualcomm chipsets that could allow hackers to compromise Android devices remotely just by sending malicious packets over-the-air with no user interaction.
     
    Discovered by security researchers from Tencent's Blade team, the vulnerabilities, collectively known as QualPwn, reside in the WLAN and modem firmware of Qualcomm chipsets that power hundreds of millions of Android smartphones and tablets.
     
    According to researchers, there are primarily two critical vulnerabilities in Qualcomm chipsets and one in the Qualcomm's Linux kernel driver for Android which if chained together could allow attackers to take complete control over targeted Android devices within their Wi-Fi range.

     

     

  11. Viral FaceApp Unnecessarily Requests Access to Users' Facebook Friends List

    https://thehackernews.com/2019/07/faceapp-facebook-privacy.html

    Quote

    FaceApp—the AI-powered photo-morphing app that has recently gone viral for its age filter but hit the headlines for its controversial privacy policy—has been found collecting the list of your Facebook friends for no reason.

    The Russian-made FaceApp has been around since the spring of 2017 but has taken social media by storm over the course of the past few weeks as millions of people downloaded the app to see how they would look when they are older or younger, or swap genders.

    The app also contains a feature that allows users to download and edit photos from their Facebook accounts, which only works when a user enables FaceApp to access the social media account via the 'Login with Facebook' option.

     

  12. Beware! Playing Untrusted Videos On VLC Player Could Hack Your Computer

    https://thehackernews.com/2019/06/vlc-media-player-hacking.html

    Quote

     

    If you use VLC media player on your computer and haven't updated it recently, don't you even dare to play any untrusted, randomly downloaded video file on it.
    Doing so could allow hackers to remotely take full control over your computer system.
     
    That's because VLC media player software versions prior to 3.0.7 contain two high-risk security vulnerabilities, besides many other medium- and low-severity security flaws, that could potentially lead to arbitrary code execution attacks.
     
    With more than 3 billion downloads, VLC is a hugely popular open-source media player software that is currently being used by hundreds of millions of users worldwide on all major platforms, including Windows, macOS, Linux, as well as Android and iOS mobile platforms.

     

     

  13. Firefox 67.0.4 Released — Mozilla Patches Second 0-Day Flaw This Week

    https://thehackernews.com/2019/06/firefox-0day-vulnerability.html

    Quote

     

    Okay, folks, it's time to update your Firefox web browser once again—yes, for the second time this week.
     
    After patching a critical actively-exploited vulnerability in Firefox 67.0.3 earlier this week, Mozilla is now warning millions of its users about a second zero-day vulnerability that attackers have been found exploiting in the wild.
     
    The newly patched issue (CVE-2019-11708) is a "sandbox escape" vulnerability, which if chained together with the previously patched "type confusion" bug (CVE-2019-11707), allows a remote attacker to execute arbitrary code on victims' computers just by convincing them into visiting a malicious website.

     

     

  14. Tor Browser 8.5.2 Released — Update to Fix Critical Firefox Vulnerability

    https://thehackernews.com/2019/06/tor-browser-firefox-hack.html

    Quote

     

    Following the latest critical update for Firefox, the Tor Project today released an updated version of its anonymity and privacy browser to patch the same Firefox vulnerability in its bundle.

    Earlier this week, Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 versions to patch a critical actively-exploited vulnerability (CVE-2019-11707) that could allow attackers to remotely take full control over systems running the vulnerable browser versions.

    Besides updating Firefox, the latest Tor Browser 8.5.2 for desktops also includes updated NoScript version 10.6.3 that fixes a few known issues.

    According to the Tor Project Team, if you are already using Tor browser with "safer" and "safest" security levels, the flaw doesn't affect you.

     

     

  15. Firefox Releases Critical Patch Update to Stop Ongoing Zero-Day Attacks

    https://thehackernews.com/2019/06/mozilla-firefox-patch-update.html

    Quote

    If you use the Firefox web browser, you need to update it right now.

    Mozilla earlier today released Firefox 67.0.3 and Firefox ESR 60.7.1 versions to patch a critical zero-day vulnerability in the browsing software that hackers have been found exploiting in the wild.

    Discovered and reported by Samuel Groß, a cybersecurity researcher at Google Project Zero, the vulnerability could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions and take full control of them.

     

  16. Adobe Issues Critical Patches for ColdFusion, Flash Player, Campaign

    https://thehackernews.com/2019/06/adobe-patch-june.html

    Quote

     

    Adobe has just released the latest June 2019 software updates to address a total of 11 security vulnerabilities in its three widely-used products Adobe ColdFusion, Flash Player, and Adobe Campaign.
     

    Out of these, three vulnerabilities affect Adobe ColdFusion, a commercial rapid web application development platform—all critical in severity—that could lead to arbitrary code execution attacks.

     

  17. Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities

    https://thehackernews.com/2019/06/windows-june-updates.html

    Quote

    This month's security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in severity.

    The June 2019 updates include patches for Windows OS, Internet Explorer, Microsoft Edge browser, Microsoft Office and Services, ChakraCore, Skype for Business, Microsoft Lync, Microsoft Exchange Server, and Azure.

    Four of the security vulnerabilities, all rated important and could allow attackers to escalate privileges, patched by the tech giant this month were disclosed publicly, of which none were found exploited in the wild.

  18. In case we have many Linux users here, I thought this article may be of interest to you as well. Forgive me for paraphrasing Sting's song, but I was part of the cold war in Berlin!

    Russian military moves closer to replacing Windows with Astra Linux

    https://www.zdnet.com/article/russian-military-moves-closer-to-replacing-windows-with-astra-linux/

    Quote

     

    Russian authorities have moved closer to implementing their plan of replacing the Windows OS on military systems with a locally-developed operating system named Astra Linux.

    Last month, the Russian Federal Service for Technical and Export Control (FSTEC) granted Astra Linux the security clearance of “special importance,” which means the OS can now be used to handle Russian government information of the highest degree of secrecy.

    Until now, the Russian government had only used special versions of Windows that had been modified, checked, and approved for use by the FSB.

     

     

  19. Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware

    https://thehackernews.com/2019/05/hacking-mysql-phpmyadmin.html

    Quote

     

    Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide.
     
    Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has already infected nearly 50,000 servers and are installing a sophisticated kernel-mode rootkit on compromised systems to prevent the malware from being terminated.
     
    The campaign, which dates back to February 26 but was first detected in early-April, has been found delivering 20 different payload versions hosted on various hosting providers.

     

     

  20. Flipboard Database Hacked — Users' Account Information Exposed

    https://thehackernews.com/2019/05/flipboard-data-breach-hacking.html

    Quote

     

    Flipboard, a popular social sharing and news aggregator service used by over 150 million people, has disclosed that its databases containing account information of certain users have been hacked.
     
    According to a public note published yesterday by the company, unknown hackers managed to gain unauthorized access to its systems for nearly 10 months—between June 2, 2018, and March 23, 2019, and then again on April 21-22, 2019.
     
    The hackers then potentially downloaded a database containing Flipboard users' real name, usernames, cryptographically (salted hash) protected passwords and email addresses, including digital tokens for users who linked their Flipboard account to a third-party social media service.

     

     

  21. https://www.theverge.com/2019/5/29/18643857/microsoft-windows-lite-modern-operating-system-computex-2019-hints

    Quote

     

    Microsoft still hasn’t officially confirmed the existence of its rumored Windows Lite operating system, but the software giant is dropping some pretty big hints about the future of Windows today. Nick Parker, Microsoft’s corporate vice president of consumer and device sales, appeared on stage at Computex today to detail the company’s vision for a modern operating system. While Parker didn’t unveil Windows Lite, a rumored lightweight version of Windows for dual-screen and Chromebook-like devices, he did reveal how Microsoft is preparing for new device types.
     
    These new devices will require what Microsoft calls a “modern OS,” that includes a bunch of “enablers” like seamless updates. We’ve seen various promises about Windows Updates being improved over the years, but Microsoft is now promising that “modern OS updates are invisibly done in the background; the update experience is deterministic, reliable, and instant with no interruptions!” No interruptions and done in the background sounds very different from the Windows Update experience available on Windows 10 today, and it sounds far more Chrome OS-like.

     

     

  22. Windows 10 Update Bricks PCs, Microsoft Offers Workarounds

    https://threatpost.com/windows-10-update-bricks-pcs/144897/

    Quote

     

    Microsoft has acknowledged that a Windows 10 bug is causing some users’ systems to freeze after using their System Restore feature.
     
    The issue arose after users complained that when they updated Windows 10 and attempted to restart their system, they were met with a “Stop error” that blocked them from booting up. Microsoft for its part said in its advisory that “this is a known issue in Windows 10” and offered workarounds to the problem.
     
    “In this scenario, the system is not restored to the ‘R1’ restore point. Instead, the computer experiences a Stop error (0xc000021a). You restart the computer, but the system cannot return to the Windows desktop,” according to a Friday Microsoft advisory.

     

     

  23. New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

    https://thehackernews.com/2019/05/intel-processor-vulnerabilities.html

    Quote

     

    Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors that impacts all modern chips, including the chips used in Apple devices.
     
    After the discovery of Spectre and Meltdown processor vulnerabilities earlier last year that put practically every computer in the world at risk, different classes of Spectre and Meltdown variations surfaced again and again.
     
    Now, a team of security researchers from multiple universities and security firms has discovered different but more dangerous speculative execution side-channel vulnerabilities in Intel CPUs.
     
    The newly discovered flaws could allow attackers to directly steal user-level, as well as system-level secrets from CPU buffers, including user keys, passwords, and disk encryption keys.

     

     

  24. Adobe Releases Critical Patches for Flash, Acrobat Reader, and Media Encoder

    https://thehackernews.com/2019/05/adobe-software-updates.html

    Quote

    Adobe today released its monthly software updates to patch a total of 87 security vulnerabilities in its Adobe Acrobat and Reader, Flash Player and Media Encoder, most of which could lead to arbitrary code execution attacks or worse.

     
    None of the flaws patched this month in Adobe products has been found exploited in the wild.
     
    Out of 87 total flaws, a whopping number of vulnerabilities (i.e., 84 in total) affect Adobe Acrobat and Reader applications alone, where 42 of them are critical and the rest 42 are important in severity.

     

     
