Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for UPDATE DEF CON DOOM ...

 Agriculture

A researcher presented the results of a year-long effort to reverse engineer John Deere hardware to run a version of the DOOM first person shooter. He also discovered a number of security flaws along the way. The post UPDATE DEF CON DOOM Patrol: Deere Jailbreak Raises Questions on Security, Competition appeared first   show more ...

on The Security Ledger with...Read the whole entry... » Related StoriesFeel Good Ukraine Tractor Story Highlights Ag Cyber RiskDEF CON: Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber RiskCyber Attack Halts Production at Ag Equipment Maker AGCO Fendt

 Trends, Reports, Analysis

While phishing continued to be the vector used for initial access, there was a vast increase in external remote services (such as VPNs and RDP environments) being compromised, up 700%, according to a Kroll report.

 Threat Actors

Hive is a relatively new RaaS group first observed in June 2021. However, its aggressive tactics and regular variant upgrades have made it a formidable adversary in the space.

 Malware and Vulnerabilities

Researchers from hardware security firm Eclypsium have discovered a vulnerability in three signed third-party Unified Extensible Firmware Interface (UEFI) boot loaders that can be exploited to bypass the UEFI Secure Boot feature.

 Trends, Reports, Analysis

Ransomware-wielding attackers continue to seek new ways to maximize profits with minimal effort. Some of their top tactics include tapping initial access brokers, working with botnet operators and testing new monetization models.

 Feed

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals   show more ...

to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

 Feed

The BlueSky Win32.Ransom.BlueSky ransomware looks for and executes arbitrary DLLs in its current working directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:WindowsSystem32" and if not we   show more ...

grab our own process ID and terminate. All basic tests were conducted successfully in a virtual machine environment.

 Feed

Ubuntu Security Notice 5568-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

 Feed

Red Hat Security Advisory 2022-6057-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.422 and .NET Runtime 3.1.28.

 Feed

Red Hat Security Advisory 2022-6058-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.108 and .NET Runtime 6.0.8.

 Feed

Gentoo Linux Security Advisory 202208-31 - Multiple vulnerabilities have been found in GStreamer and its plugins, the worst of which could result in arbitrary code execution. Versions less than 1.16.3 are affected.

 Feed

Gentoo Linux Security Advisory 202208-27 - Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape). Versions less than 7.0.0 are affected.

 Feed

Gentoo Linux Security Advisory 202208-23 - Multiple vulnerabilities have been discovered in Xen, the worst of which could result in remote code execution (guest sandbox escape). Versions less than 4.15.3 are affected.

 Feed

Gentoo Linux Security Advisory 202208-25 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p20220618>= are affected.

 Feed

A now-removed rogue package pushed to the official third-party software repository for Python has been found to deploy cryptominers on Linux systems. The module, named "secretslib" and downloaded 93 times prior to its deletion, was released to the Python Package Index (PyPI) on August 6, 2022 and is described as "secrets matching and verification made easy." "On a closer

 Feed

The SOVA Android banking trojan is continuing to be actively developed with upgraded capabilities to target no less than 200 mobile applications, including banking apps and crypto exchanges and wallets, up from 90 apps when it started out. That's according to the latest findings from Italian cybersecurity firm Cleafy, which found newer versions of the malware sporting functionality to intercept

 Feed

Credential theft is clearly still a problem. Even after years of warnings, changing password requirements, and multiple forms of authentication, password stealing remains a top attack method used by cyber criminals. The latest report from the Ponemon Institute shares that 54% of security incidents were caused by credential theft, followed by ransomware and DDoS attacks. 59% of organizations

2022-08
Aggregator history
Monday, August 15
MON
TUE
WED
THU
FRI
SAT
SUN
AugustSeptemberOctober