Cyber security aggregate rss news

Cyber security aggregator - feeds history

 News

We kick off this week’s edition of the Transatlantic Cable podcast by looking at an active scam in the UK. As if 2020 was not bad enough, now people need to be on the lookout for scams that are targeting them with travel and refunds that are more prevalent with everyone at home due to COVID-19, and the impact on people’s wallets is continuing to get bigger. From there, we jump across the Atlantic to Springfield, Massachusetts, whose school system was hit with ransomware. The only ones happy in this story were the kids who got an impromptu snow day. We stay in the US for our third story, this about Google’s sharing of crime-related search data with law enforcement. To close things out, we take a look at some leaked source code from Microsoft. If you liked the podcast, please consider subscribing or sharing with your friends. For more information on the stories that we covered, please visit the links below:

Scammers exploit COVID to steal from stressed bank customers
Massachusetts school district shut down by ransomware attack
Google is giving data to police based on search keywords, court docs show
Windows XP and Server 2003 compiled from leaked source code

 Trends, Reports, Analysis

The Agari Cyber Intelligence Division published a study to better understand the operations of BEC attacks – in particular, the location of attackers and the money mules used for laundering funds.

 Malware and Vulnerabilities

An information disclosure flaw exists in the WebGL functionality of Chrome 83.0.4103.116 (Stable) (64-bit) and 86.0.4198.0 (Developer Build) (64-bit) that could be exploited by malicious requests.

 Threat Actors

While Microsoft warned that cybercriminals have started to incorporate exploits for the ZeroLogon vulnerability in their attacks, the DHS fears that the U.S. election could be the target of the attackers.

 Malware and Vulnerabilities

Research from Microsoft found that a new Android ransomware has added unique TTPs to its arsenal, including a novel ransom note delivery system and an ML component that can be tweaked for various devices.

 Govt., Critical Infrastructure

In 2019 alone, more than 8,223 complaints from individuals and small businesses in North Carolina were filed with the FBI Internet Crime Complaint Center, with monetary losses totaling $48,425,764.

 Trends, Reports, Analysis

Nearly half the BEC scammers in the US are based in five states: California, Georgia, Florida, Texas, and New York, although evidence of BEC attack operations has been detected in 45 states by Agari.

 Companies to Watch

BlueVoyant, a cybersecurity services company, has acquired Managed Sentinel, a specialist in the deployment and management of Microsoft’s cloud-native security solutions.

 Breaches and Incidents

The Information Commissioner's Office said it will make enquiries into Klarna after scores of angry people questioned why it had their details despite never doing business with the payments firm.

 Feed

Red Hat Security Advisory 2020-4256-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include a memory leak vulnerability.

 Feed

Red Hat Security Advisory 2020-4257-01 - Red Hat JBoss Enterprise Application Platform 7.3 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a memory leak vulnerability.

 Feed

Red Hat Security Advisory 2020-4252-01 - This release of Red Hat build of Quarkus 1.7.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution and remote SQL injection vulnerabilities.

 Feed

Red Hat Security Advisory 2020-4251-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.445. Issues addressed include a code execution vulnerability.

 Feed

Ubuntu Security Notice 4580-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

 Feed

Ubuntu Security Notice 4579-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that the XFS file system in the Linux kernel did not properly validate inode metadata in some situations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.

 Feed

Ubuntu Security Notice 4578-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that the XFS file system in the Linux kernel did not properly validate inode metadata in some situations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.

 Feed

Ubuntu Security Notice 4577-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Giuseppe Scrivano discovered that the overlay file system in the Linux kernel did not properly perform permission checks in some situations. A local attacker could possibly use this to bypass intended restrictions and gain read access to restricted files. Various other issues were also addressed.

 Feed

Ubuntu Security Notice 4576-1 - Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

 Feed

Ubuntu Security Notice 4575-1 - It was discovered that dom4j incorrectly handled reading XML data. A remote attacker could exploit this with a crafted XML file to expose sensitive data or possibly execute arbitrary code.

 Feed

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information (kernel memory). It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). Other issues were also addressed.

 Feed

Ubuntu Security Notice 4583-1 - It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain HTTP cookies. An attacker could possibly use this issue to forge a cookie that is supposed to be secure. Various other issues were also addressed.

 Feed

Ubuntu Security Notice 4582-1 - It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS. It was discovered that Vim incorrectly handled restricted mode. A local attacker could possibly use this issue to bypass restricted mode and execute arbitrary commands. Note: This update only makes executing shell commands more difficult. Restricted mode should not be considered a complete security measure. Various other issues were also addressed.

 Feed

Ubuntu Security Notice 4581-1 - It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.

 Feed

Taken is a script that enables you to actively attempt to take over DNS previously assigned to a given EC2 instance.

 Feed

Sifter is an OSINT, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the "blue" vulnerabilities within Microsoft systems and, if unpatched, exploit them.

 Feed

A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in addition to deploying

 Feed

Managed Security Services Providers (MSSPs) have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are turning to multitenant solutions to help reduce the complexity of managing multiple security

 Feed

Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution (RCE) flaws in Windows TCP/IP stack and Microsoft Outlook. The flaws, 11 of which are categorized as Critical, 75 are ranked Important, and one is classified Moderate in severity, affect Windows, Office and Office Services and

 Feed

German investigating authorities have raided the offices of Munich-based company FinFisher that sells the infamous commercial surveillance spyware dubbed 'FinSpy,' reportedly on suspicion of illegally exporting the software abroad without the required authorization. Investigators from the German Customs Investigation Bureau (ZKA), ordered by the Munich Public Prosecutor's Office, searched a

2020-10
Aggregator history
Wednesday, October 14