RCE Exploit for Windows RDP Gateway Demoed by Researcher
Cisco Webex bug allowed anyone to join a password-protected meeting
www.theregister.co.uk/2020/01/27/cisco_webex_bug_let_anyone_join_a_passwordprotected_meeting/ Patched vuln was ‘in active use’, firm reveals. Cisco has confessed to a vulnerability in its Webex Meetings Suite sites and Webex Meetings Online sites that allowed an “unauthenticated” attendee sitting on a workstation far, far away to join a “password-protected meeting without providing the meeting password”.
FBI Releases Alert on Iranian Hackers’ Defacement Techniques
www.bleepingcomputer.com/news/security/fbi-releases-alert-on-iranian-hackers-defacement-techniques/ The FBI Cyber Division issued a flash security alert earlier this month with additional indicators of compromise from recent defacement attacks operated by Iranian threat actors and info on attackers’ TTPs to help administrators and users to protect their websites.
Tampa Bay Times hit with Ryuk ransomware attack
blog.malwarebytes.com/ransomware/2020/01/tampa-bay-times-hit-with-ryuk-ransomware-attack/ Florida newspaper The Tampa Bay Times suffered a Ryuk ransomware attack Thursday, making it the latest major victim of the notorious ransomware family that continues to rise in popularity. [Article refers to the campaign known as SeaTurtle]
Russian Cybercrime Boss Burkov Pleads Guilty
krebsonsecurity.com/2020/01/russian-cybercrime-boss-burkov-pleads-guilty/ Aleksei Burkov, an ultra-connected Russian hacker once described as an asset of supreme importance to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.
Leaking Data on Intel CPUs via Cache Evictions
cacheoutattack.com/ We present CacheOut, a new speculative execution attack that is capable of leaking data from Intel CPUs across many security boundaries. We show that despite Intel’s attempts to address previous generations of speculative execution attacks, CPUs are still vulnerable, allowing attackers to exploit these vulnerabilities to leak sensitive data.
[UK] Government to strengthen security of internet-connected products
www.gov.uk/government/news/government-to-strengthen-security-of-internet-connected-products New legislation to improve security standards of internet-connected household devices
A reporter tested: My mobile phone blabbed almost everything about me to data brokers in two weeks. I tried to trace what happened to my data
Intel Is Patching the Patch for the Patch for Its Zombieload Flaw
www.wired.com/story/intel-zombieload-third-patch-speculative-execution/ Intel’s made two attempts to fix the microprocessor vulnerability it was warned about 18 months ago. Third time’s the charm?
Exclusive: Hackers acting in Turkey’s interests believed to be behind recent cyberattacks – sources
www.reuters.com/article/us-cyber-attack-hijack-exclusive-idUSKBN1ZQ10X Sweeping cyberattacks targeting governments and other organizations in Europe and the Middle East are believed to be the work of hackers acting in the interests of the Turkish government, three senior Western security officials said. [Article refers to the campaign known as SeaTurtle]
Watch six decade-long disinformation operations unfold in six minutes
firstname.lastname@example.org/watch-six-decade-long-disinformation-operations-unfold-in-six-minutes-5f69a7e75fb3 Here’s a bird’s-eye view of six state-backed information operations on Twitter, and how they evolved over the last decade. This research was funded by the Mozilla Foundation through an Open Source Support Award.
The duke of URL: Zoom meetups’ info leaked out through eavesdrop hole
www.theregister.co.uk/2020/01/28/zoom_eavesdrop_hack/ Video-conferencing outfit Zoom had a major vulnerability in its URL scheme that miscreants could exploit to eavesdrop on private meetings.
OurMine Hackers Are Back, Hijack NFL Teams’ Social Accounts
www.bleepingcomputer.com/news/security/ourmine-hackers-are-back-hijack-nfl-teams-social-accounts/ It looks like the OurMine crew is back and they’re on a hacking spree, taking brief control of the social media accounts of high-profile individuals.
Ragnarok Ransomware Targets Citrix ADC, Disables Windows Defender
www.bleepingcomputer.com/news/security/ragnarok-ransomware-targets-citrix-adc-disables-windows-defender/ A new ransomware called Ragnarok has been detected being used in targeted attacks against unpatched Citrix ADC servers vulnerable to the CVE-2019-19781 exploit. When attackers are able to compromise a Citrix ADC device, various scripts would be downloaded and executed that scan for Windows computers vulnerable to the EternalBlue vulnerability.
The average ransom demand for a REvil ransomware infection is a whopping $260,000
www.zdnet.com/article/the-average-ransom-demand-for-a-revil-ransomware-infection-is-a-whopping-260000/ Security researchers sinkhole the REvil ransomware servers and gain an insight into the operation of today’s biggest ransomware gang. report: www.kpn.com/security-blogs/Tracking-REvil.htm
LoRaWAN Encryption Keys Easy to Crack, Jeopardizing Security of IoT Networks
threatpost.com/lorawan-encryption-keys-easy-to-crack-jeopardizing-security-of-iot-networks/152276/ New research from IOActive has found that blindly trusting the encryption of the widely adopted device protocol can lead to DDoS, sending of false data and other cyber attacks.
New ‘CacheOut’ Attack Leaks Data from Intel CPUs, VMs and SGX Enclave
thehackernews.com/2020/01/new-cacheout-attack-leaks-data-from.html Researchers at the universities of Adelaide and Michigan demonstrated the effectiveness of CacheOut in violating process isolation by recovering AES keys and plaintexts from an OpenSSL-based victim