All about Security, News, Events and Incidents

Discussion in 'Security and Anti-Virus Software' started by Dr. AMK, Apr 26, 2018.

  1. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    8,997
    Messages:
    10,837
    Likes Received:
    8,140
    Trophy Points:
    931
    Not seeing changelog in defender page https://docs.microsoft.com/en-us/wi...pdates-baselines-microsoft-defender-antivirus
     
    Dr. AMK likes this.
  2. Dr. AMK

    Dr. AMK Living with Hope

    Reputations:
    3,496
    Messages:
    2,111
    Likes Received:
    4,379
    Trophy Points:
    281
    A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems

    German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf (UKD) caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The incident marks the first recorded casualty as a ...



    A Bug Could Let Attackers Hijack Firefox for Android via Wi-Fi Network

    Dear Android users, if you use the Firefox web browser on your smartphones, make sure it has been updated to version 80 or the latest available version on the Google Play Store. ESET security researcher Lukas Stefanko yesterday tweeted an alert demonstrating the exploitation of a recently disclosed ...



    Researchers Uncover 6-Year Cyber Espionage Campaign Targeting Iranian Dissidents

    Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian ...



    U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence

    The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel ...



    Android 11 — 5 New Security and Privacy Features You Need to Know

    After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system—with features offering billions of its users more control over their data security and privacy. Android security is always a hot topic and almost ...

     
    Last edited: Sep 21, 2020
    jclausius, cfe, Vasudev and 1 other person like this.
  3. Dr. AMK

    Dr. AMK Living with Hope

    Unsecured Microsoft Bing Server Exposed Users' Search Queries and Location

    A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others. The logging database, however, doesn't include any personal details such as names or addresses. The ...



    British Hacker Sentenced to 5 Years for Blackmailing U.S. Companies

    A UK man who threatened to publicly release stolen confidential information unless the victims agreed to fulfill his digital extortion demands has finally pleaded guilty on Monday at U.S. federal district court in St. Louis, Missouri. Nathan Francis Wyatt, 39, who is a key member of the infamous ...



    Researchers Uncover 6-Year Cyber Espionage Campaign Targeting Iranian Dissidents

    Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian ...

     
    jclausius, Papusan, 6730b and 2 others like this.
  4. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Reputations:
    31,807
    Messages:
    26,596
    Likes Received:
    49,002
    Trophy Points:
    931
    Blindside is a new Spectre vulnerability: affects Intel and AMD | en24news.com | Sept 21, 2020

    For the past two years, security flaws in processors have been a common concern in the technology industry. Processor manufacturers, where Intel has been most prevalent, have struggled to implement measures against deficiencies that in most cases are related to speculative executions in the Spectre family. After a few months of lull, now the next vulnerability is emerging, affecting both Intel and AMD.

    The security researchers conclude their report by stating that the progress made in recent years on measures against speculative execution is not as stable and comprehensive as the industry might have suggested. With Blindside, they show that speculative execution can still be exploited with easily accessible software methods. The report does not mention whether modern Intel architectures, such as Comet Lake and Ice Lake, are also vulnerable. It remains to be seen if AMD’s upcoming Zen 3 is as vulnerable as its predecessor.

    ...........................................................................................................................

    Was first mentioned by ZDNet.com last week... https://www.zdnet.com/article/new-blindside-attack-uses-speculative-execution-to-bypass-aslr/

    Academics have developed a new technique for attacking secure computer systems by abusing speculative execution, a CPU mechanism that's normally used for performance optimizations.

    The technique, named BlindSide, was detailed in a paper [PDF] published last week by a team of academics from the Stevens Institute of Technology in New Jersey, ETH Zurich, and the Vrije University in Amsterdam.

    BlindSide attacks also work regardless of architecture, being tested on both Intel and AMD CPUs alike.

    In addition, BlindSide attacks also work despite the recent mitigations that CPU vendors have added against speculative execution attacks like Spectre, Meltdown, and others.

    The team's research paper proposes several mitigations that OS makers could deploy to counter BlindSide attacks.

     
    jclausius, Vasudev and Dr. AMK like this.
  5. Dr. AMK

    Dr. AMK Living with Hope

    Researchers Uncover Cyber Espionage Operation Aimed At Indian Army

    Cybersecurity researchers uncovered fresh evidence of an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information. Dubbed "Operation SideCopy" by Indian cybersecurity firm Quick Heal, the attacks have been ...



    Red Team — Automation or Simulation?

    What is the difference between a penetration test and a red team exercise? The common understanding is that a red team exercise is a pen-test on steroids, but what does that mean? While both programs are performed by ethical hackers, whether they are in-house residents or contracted externally, the ...



    FinSpy Spyware for Mac and Linux OS Targets Egyptian Organisations

    Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. Developed by a German company, FinSpy is extremely powerful spying ...



    Microsoft Windows XP Source Code Reportedly Leaked Online

    Microsoft's long-lived operating system Windows XP—that still powers over 1% of all laptops and desktop computers worldwide—has had its source code leaked online, allegedly, along with Windows Server 2003. Yes, you heard that right. The source code for Microsoft's 19-year-old operating system was ...



    Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers

    As the pandemic continues to accelerate the shift towards working from home, a slew of digital threats have capitalized on the health concern to exploit weaknesses in the remote work infrastructure and carry out malicious attacks. Now according to network security platform provider SAM Seamless ...

     
    Vasudev, jclausius and Papusan like this.
  6. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    A security hole in the Apple T2 chip endangers Mac users, a patch is not possible | notebookcheck.com
    The T2 chip is responsible for the security of Macs - it is all the more annoying that it is now precisely this chip that offers a target for attack. (Image: Apple).

    Security researchers have released new information about a vulnerability in Apple's T2 chip, according to which two different exploits can be used to manipulate the behavior of the chip and to smuggle in malware - the problem cannot be fixed with a software update.

    The bad news: The ROM of the T2 chip cannot be changed by software updates, so Apple cannot do anything about this exploit - ironically, this is a security precaution. However, it can be assumed that future hardware revisions will improve this. Yeah, that will certainly help the users who won't upgrade each year:)
     
    Vasudev, jclausius and Dr. AMK like this.
  7. Vasudev

    Vasudev Notebook Nobel Laureate

    Even pre-iPhone 8 models are affected by a security exploit in the Secure Enclave.
    Maybe donations from users after buying new Macs can fix the T2 chip exploit with newer T3 chips which don't have this exploitable security hole when a Mac is near a hacker.
     
    Dr. AMK and Papusan like this.
  8. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    AMD Graphics Drivers Have a CreateAllocation Security Vulnerability | techpowerup.com | Yesterday, 09:29

    Discovering vulnerabilities in software is not an easy thing to do. There are many use cases and states that need to be tested to see a possible vulnerability. Still, security researchers know how to find those and they usually report it to the company that made the software. Today, AMD has disclosed that there is a vulnerability present in the company graphics driver powering the GPUs and making them work on systems. Called CreateAllocation (CVE-2020-12911), the vulnerability is marked with a score of 7.1 in the CVSSv3 test results, meaning that it is not a top priority, however, it still represents a big problem.

    "A denial-of-service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS 26.20.15029.27017. A specially crafted D3DKMTCreateAllocation API request can cause an out-of-bounds read and denial of service (BSOD). This vulnerability can be triggered from a guest account," says the report about the vulnerability. AMD states that a temporary fix is implemented by simply restarting your computer if a BSOD happens. The company also declares that "confidential information and long-term system functionality are not impacted". AMD plans to release a fix for this software problem sometime in 2021 with the new driver release. You can read more about it here.
     
    cfe, jclausius, Vasudev and 1 other person like this.
  9. Dr. AMK

    Dr. AMK Living with Hope

    55 New Security Flaws Reported in Apple Software and Services
    A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws — including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities — could have allowed an attacker ...



    Researchers Find Vulnerabilities in Microsoft Azure Cloud Service
    As businesses are increasingly migrating to the cloud, securing the infrastructure has never been more important. Now according to the latest research, two security flaws in Microsoft's Azure App Services could have enabled a bad actor to carry out server-side request forgery (SSRF) attacks or ...



    A Handy Guide for Choosing a Managed Detection & Response (MDR) Service
    Every company needs help with cybersecurity. No CISO ever said, "I have everything I need and am fully confident that our organization is fully protected against breaches." This is especially true for small and mid-sized enterprises that don't have the luxury of enormous cybersecurity budgets and a ...



    ALERT! Hackers targeting IoT devices with a new P2P botnet malware
    Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining. Discovered by Qihoo 360's Netlab security team, the HEH Botnet — written in Go language and ...



    New 'MosaicRegressor' UEFI Bootkit Malware Found Active in the Wild
    Cybersecurity researchers have spotted a rare kind of potentially dangerous malware that targets a machine's booting process to drop persistent malware. The campaign involved the use of a compromised UEFI (or Unified Extensible Firmware Interface) containing a malicious implant, making it ...

     
    Vasudev and jclausius like this.
  10. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Vasudev, jclausius and Dr. AMK like this.