Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for Exclusive: Flaws in ...

 application security

A serious flaw in Zoom’s Keybase secure chat application left copies of images contained in secure communications on Keybase users’ computers after they were supposedly deleted. The post Exclusive: Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted appeared first on The Security Ledger. Related   show more ...

StoriesEpisode 201: Bug Hunting with Sick CodesEpisode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI ChaosDHS Looking Into Cyber Risk from TCL Smart TVs

 Breaches and Incidents

NurseryCam said it did not believe the incident had involved any youngsters or staff being watched without their permission, but had shut down its server as a precautionary measure.

 Malware and Vulnerabilities

The method, known as Bring Your Own Interpreter (BYOI), involves use of an interpreter, not present on a system by default, to run malicious code of an interpreted programming or scripting language.

 Breaches and Incidents

While the deployment of backup systems will allow Beneteau’s activities to start again, production at some of its units, particularly in France, will have to slow down or stop for a few days.

 Malware and Vulnerabilities

WatchDog, the cryptomining malware, has been found to be running undetected for more than two years. The botnet has hijacked at least 476 Windows and Linux devices, to date.

 Feed

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

 Feed

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

 Feed

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

 Feed

Ubuntu Security Notice 4744-1 - Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short timestamps. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service.

 Feed

Ubuntu Security Notice 4743-1 - It was discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service.

 Feed

Red Hat Security Advisory 2021-0617-01 - The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly.

 Feed

Ubuntu Security Notice 4742-1 - It was discovered that Django incorrectly accepted semicolons as query parameters. A remote attacker could possibly use this issue to perform a Web Cache Poisoning attack.

 Feed

Red Hat Security Advisory 2021-0619-01 - Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection or to provide an encrypted means of connecting to services that do not natively support encryption.

 Feed

Red Hat Security Advisory 2021-0618-01 - Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection or to provide an encrypted means of connecting to services that do not natively support encryption.

 Feed

Red Hat Security Advisory 2021-0620-01 - Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection or to provide an encrypted means of connecting to services that do not natively support encryption.

 Feed

Days after the first malware targeting Apple M1 chips were discovered in the wild, researchers have disclosed yet another previously undetected piece of malicious software that has already infected 29,139 Macs running Intel x86_64 and the iPhone maker's M1 processors. However, the ultimate goal of the operation remains something of a conundrum, what with the lack of a next-stage or final payload

 Feed

An ever-evolving and rampant form of cybercrime that targets emails as the potential medium to conduct fraud is known as Business Email Compromise. Targeting commercial, government as well as non-profit organizations, BEC can lead to huge amounts of data loss, security breach, and compromised financial assets. It is a common misconception that cybercriminals usually lay their focus on MNCs and

 Feed

On August 13, 2016, a hacking unit calling itself "The Shadow Brokers" announced that it had stolen malware tools and exploits used by the Equation Group, a sophisticated threat actor believed to be affiliated to the Tailored Access Operations (TAO) unit of the U.S. National Security Agency (NSA). Although the group has since signed off following the unprecedented disclosures, new "conclusive"

2021-02
Aggregator history
Monday, February 22
MON
TUE
WED
THU
FRI
SAT
SUN
FebruaryMarchApril