Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Trends, Reports, Analysis

Proofpoint identified three state-sponsored threat actors from India, Russia, and China adopting RTF template injection methods in their phishing campaigns. The adoption of this technique has made attacks from these groups much harder to detect and prevent. Organizations are therefore advised to deploy network/host intrusion prevention systems and reliable anti-malware to stay protected.

 Malware and Vulnerabilities

Threat actors behind Emotet are penetrating networks through malicious Windows App Installer packages that imitate Adobe PDF software. The campaign uses stolen reply-chain emails that seem to be a reply to an existing conversation. Once the install button is clicked, the installer downloads and installs an appx bundle hosted on Microsoft Azure. Use reliable anti-phishing, network firewall, and anti-malware to stay protected.

 Threat Actors

Researchers suspect that the stealthy hacking group called WIRTE has been conducting attacks against government and diplomatic entities in the Middle East since at least 2019. The group has targeted victims in multiple regions, including Armenia, Cyprus, Egypt, Jordan, Lebanon, Palestine, Syria, and Turkey. Organizations in targeted regions should watch for such attacks.

 Malware and Vulnerabilities

Hackers infected over 300,000 devices via four malicious apps loaded with banking trojans. The malicious apps posed as utility apps and attempted to take full control of the infected devices. Experts recommend using a reliable anti-malware app on the smartphone and monitoring app behavior after installation.

 Feed

Ubuntu Security Notice 5173-1 - It was discovered that libmodbus incorrectly handled inputs. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

 Feed

RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device. Versions 8.0B and below are affected.

 Feed

Ubuntu Security Notice 5172-1 - It was discovered that uriparser mishandled certain input. An attacker could use this vulnerability to cause uriparser to crash or possibly execute arbitrary code. It was discovered that uriparser incorrectly handled certain URIs. An attacker could use this vulnerability to cause a crash or possibly leak sensitive information.

 Feed

RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Versions 8.0B and below are affected.

 Feed

Ubuntu Security Notice 5171-1 - It was discovered that Long Range ZIP incorrectly handled certain specially crafted lrz files. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact.

 Feed

RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged users to access passwords of administrative user accounts. Affected versions include 8.0B and below.

 Feed

RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in the web-based management interface without authentication. Versions 2.8F and below are affected.

 Feed

Ubuntu Security Notice 5174-1 - Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. Andrew Bartlett discovered that Samba incorrectly mapped domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

 Feed

Cryptocurrency trading platform BitMart has disclosed a "large-scale security breach" that it blamed on a stolen private key, resulting in the theft of more than $150 million in various cryptocurrencies. The breach is said to have impacted two of its hot wallets on the Ethereum (ETH) blockchain and the Binance smart chain (BSC). The company noted that the wallets carried only a "small percentage

 Feed

Researchers have discovered 14 new types of cross-site data leakage attacks against a number of modern web browsers, including Tor Browser, Mozilla Firefox, Google Chrome, Microsoft Edge, Apple Safari, and Opera, among others. Collectively known as "XS-Leaks," the browser bugs enable a malicious website to harvest personal data from its visitors as they interact with other websites in the

 Feed

Users looking to activate Windows without using a digital license or a product key are being targeted by tainted installers to deploy malware designed to plunder credentials and other information in cryptocurrency wallets. The malware, dubbed "CryptBot," is an information stealer capable of obtaining credentials for browsers, cryptocurrency wallets, browser cookies, credit cards, and capturing

 Feed

So you've decided to set up a vulnerability scanning programme, great. That's one of the best ways to avoid data breaches. How often you should run your scans, though, isn't such a simple question. The answers aren't the same for every type of organization or every type of system you're scanning. This guide will help you understand the questions you should be asking and help you come up with the

 Feed only

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Ransomware attacks dominate the cybersecurity news headlines, with businesses all over the world wondering if they will be the next victim. It’s a legitimate, and growing fear, as the attackers get more … Continue reading "Ransomware – how to stop it, and how to survive an attack. Free eBook by Recorded Future"

2021-12
Aggregator history
Monday, December 06