Dick O'Brien from Symantec's Threat Hunter team sits down with Dave to discuss their work on "Witchetty - Group Uses Updated Toolset in Attacks on Governments in Middle East." Their research has found that the group known as Witchetty, aka LookingFrog, has been progressively updating its toolset, including a new backdoor Trojan (Backdoor.Stegmap), to launch malware attacks on targets in the Middle East and Africa. The research states "The attackers exploited the ProxyShell and ProxyLogon vulnerabilities to install web shells on public-facing servers before stealing credentials, moving laterally across networks, and installing malware on other computers." The researchers describe more on the new tool being used and why this new group is a threat. The research can be found here: Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East
A daily look at the relevant information security news from overnight - 01 July, 2022
Episode 256 - 01 June 2022
Critical Gitlab Patch - https://portswigger.net/daily-swig/gitlab-patches-critical-rce-bug-in-latest-security-release
Jenkins Janky Plugins - https://www.bleepingcomputer.com/news/security/jenkins-discloses-dozens-of-zero-day-bugs-in-multiple-plugins/
WAP Fraud - https://www.zdnet.com/article/microsoft-this-android-malware-will-switch-off-your-wi-fi-empty-your-wallet/
Macmillan Incident - https://www.securityweek.com/brocade-vulnerabilities-could-impact-storage-solutions-several-major-companies
Microsoft Backdoor - https://thehackernews.com/2022/07/new-sessionmanager-backdoor-targeting.html
Dangling Chromium - https://portswigger.net/daily-swig/chromium-browsers-vulnerable-to-dangling-markup-injection
Hi, I'm Paul Torgersen. It's Friday July 1st 2022, and this is a look at the information security news from overnight.
From PortSwigger.net: GitLab has patched a vulnerability that could allow remote code execution. The critical severity flaw affects all versions of GitLab. A fix has been released for this and a number of other vulnerabilities, including two separate cross-site scripting bugs. Link to the GitLab advisory in the article.
From BleepingComputer.com: Jenkins announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open source automation server, 29 of the bugs being zero-days still waiting to be patched. Jenkins supports over 1,700 plugins, with those affected by this disclosure having more than 22,000 installs. Fortunately none of these are rated critical as there are no fixes as of yet for most of them. See the list of affected plugins in the article.
From ZDNet.com: Microsoft shared its detailed technical analysis of what it says is one of the most prevalent types of Android malware. It's called 'toll billing', or Wireless Application Protocol fraud. This involves using an infected device to connect to payment pages of a premium service via a device's WAP connection. From there, payments are automatically charged to a device's phone bill. Details and a link to the analysis in the article.
From BleepingComputer.com: Publishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident. In emails to customers, Macmillan stated the incident involves the encryption of certain files on their network, so this is almost certainly a ransomware attack. No word on the threat actor as Macmillan has slowly started to bring systems back online.
And last today, from TheHackerNews.com: A newly discovered malware called SessionManager has backdoored Microsoft Exchange servers since at least March of 2021. If you recall, that was right after the ProxyLogon flaw was discovered. The malware masquerades as a module for Internet Information Services, with capabilities to read, write, and delete arbitrary files; execute binaries from the server; and establish communications with other endpoints in the network.
That's all for me this week. Have a great Fourth of July long weekend, and until next time, be safe out there.
A daily look at the relevant information security news from overnight - 27 June, 2022
Episode 253 - 27 June 2022
BBVA 2FA Clone - https://thehackernews.com/2022/06/new-android-banking-trojan-revive.html
ICS ShadowPad - https://www.bleepingcomputer.com/news/security/microsoft-exchange-bug-abused-to-hack-building-automation-systems/
LockBit Bounty - https://www.pcmag.com/news/ransomware-gang-offers-bug-bounty-promises-payouts-up-to-1-million
Raccoon 2.0 - https://www.bleepingcomputer.com/news/security/raccoon-stealer-is-back-with-a-new-version-to-steal-your-passwords/
OpenSSL Bad Memory - https://www.theregister.com/2022/06/27/openssl_304_memory_corruption_bug/?td=rt-3a
Hi, I'm Paul Torgersen. It's Tuesday June 28th, 2022, and I want to say a quick thank you as I have just passed 100 subscribers on YouTube. Which is great, but let's not stop there. If you find this valuable, please share with your networks and colleagues. Let's see if we can't add a zero or two to that number. And now, this is a look at the information security news from overnight.
From TheHackerNews.com: A new Android banking trojan called Revive has been discovered specifically targeting users of the Spanish financial services company BBVA. Phishing campaigns push a look-alike website where victims download an app which impersonates the bank's two-factor authentication app. Italian cybersecurity firm Cleafy first spotted the malware in mid June, and says it appears to be in its early stages of development.
From BleepingComputer.com: A new Chinese-speaking threat actor is hacking into the building automation systems of several Asian organizations and loading the ShadowPad backdoor. The group focused on devices that have not yet patched the Microsoft Exchange vulnerability collectively known as ProxyLogon. According to Dutch research, there are about 46,000 such machines. Kaspersky believes the group is ultimately hunting for sensitive information.
From PCMag.com: In what seems to be a first, the LockBit ransomware group has launched a bug bounty program. Evidently they have been successful enough to be able to afford to buy new zero-days. Their current rates run from $1,000 to $1 million, although the million bucks is for if you can dox the LockBit leader. If this is compelling to any of you, keep in mind that the main targets for this group are healthcare and education, two of the most vulnerable populations out there. Do you really want to help somebody like that?
From BleepingComputer.com: I mentioned last week that the Raccoon Stealer group had temporarily shuttered operations after one of their leaders was killed in the Russian invasion of Ukraine. Well, they're back in action with 2.0, a new and completely re-coded version of their malware offering elevated password-stealing functionality and upgraded operational capacity. Details in the article.
And last today, from TheRegister.com: OpenSSL 3.0.4 was released on June 21 to address a command-injection vulnerability that they hadn't quite completely patched earlier. Unfortunately, the new release contains a memory corruption which can be triggered trivially by an attacker. This targets the Intel Advanced Vector Extensions 512, or AVX512. The researcher said that if this bug can be exploited remotely, and they are not certain yet that it can, it could be more severe than Heartbleed, at least from a purely technical point of view. Details in the link.
That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
- Spanish PM's phone infected by Pegasus
- Microsoft drops Ukraine research report
- We can't make heads or tails out of the FBI's transparency report
- France hit with coordinated fibre sabotage campaign
- Why Musk's algorithm pledge is meaningless
- Much, much more
This week's sponsor interview is with ExtraHop Networks' CEO Patrick Dennis. He's joining us this week to talk about how you can turn “Shield's Up!” advice into something actionable. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing.
Show notes
- Spyware attack targeted Spanish prime minister's phone - The Record by Recorded Future
- Over 200 Spanish mobile numbers ‘possible targets of Pegasus spyware' | Spain | The Guardian
- Russia's hackers and military went after the same targets in Ukraine, Microsoft says
- Russia Is Being Hacked at an Unprecedented Scale | WIRED
- Russia reroutes internet in occupied Ukrainian territory through Russian telcos - The Record by Recorded Future
- Russia cyber case prompted big portion of FBI's surveillance database searches in 2021 - The Record by Recorded Future
- 2022_ASTR_for_CY2020_FINAL.pdf
- Wyden: “Surveillance Transparency Report” Fails To Explain How Many Americans' Communications Are Searched By the FBI | U.S. Senator Ron Wyden of Oregon
- How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities
- Who tried to hack Hawaii's undersea cable? - The Record by Recorded Future
- Nauru police emails leaked to protest against Australia's offshore detention
- Fighting Fake EDRs With ‘Credit Ratings' for Police – Krebs on Security
- Twitter may have given user's private data to a ransomware hacker, who then ran a researcher offline
- Musk's plans to make Twitter's algorithms public raises disinformation conundrum
- Elon Musk's Plan to Open Source the Twitter Algorithm Won't Solve Anything | WIRED
- Kronos cyber attack sparks lawsuits against employers | BenefitsPRO
- German wind farm operator confirms cybersecurity incident - The Record by Recorded Future
- German library service struggling to recover from ransomware attack - The Record by Recorded Future
- Trinidad's largest supermarket chain crippled by cyberattack - The Record by Recorded Future
- Austin Peay State University becomes latest US school hit with ransomware - The Record by Recorded Future
- NC Prohibits Gov Entities from Paying Hacker Cybersecurity Ransoms
- Connecticut inches closer to becoming fifth state with data privacy law - The Record by Recorded Future
- Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators | The GitHub Blog
- Google touts new tool that scans for malicious packages in popular open-source repositories - The Record by Recorded Future
- Log4Shell, ProxyLogon and Atlassian bug top CISA's list of routinely exploited vulnerabilities in 2021 - The Record by Recorded Future
- Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954 | Rapid7 Blog
- Microsoft finds Linux desktop flaw that gives root to untrusted users | Ars Technica
- More than $13 million stolen from DeFi platform Deus Finance - The Record by Recorded Future
- Binance freezes stolen Axie Infinity crypto after North Korean hackers move funds - The Record by Recorded Future
- Everscale blockchain wallet shutters web version after vulnerability found - The Record by Recorded Future
- Hackers steal $90 million from DeFi platforms Rari Capital and Saddle Finance - The Record by Recorded Future
- Crypto Hackers Stole More Than $370 Million In April Alone
- Airlock Digital Demo - YouTube
- Risky Business News | Patrick Gray | Substack
[Episode References]
- Wiper used against Ukraine, Lithuania and Latvia - https://www.bleepingcomputer.com/news/security/new-data-wiping-malware-used-in-destructive-attacks-on-ukraine/
- Details of the recent DDoS attacks against Ukraine and Russia - https://blog.netlab.360.com/wo-men-kan-dao-de-wu-ke-lan-bei-ddosgong-ji-xi-jie/
- CISA warns of exploitation of flaws in Zabbix - https://thehackernews.com/2022/02/cisa-alerts-on-actively-exploited-flaws.html
- Abuse of the ProxyLogon and ProxyShell flaws in a UNC2596 campaign - https://www.mandiant.com/resources/unc2596-cuba-ransomware
[Credits]
Script and presentation: Carlos Cabral
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Graphic design: Julian Prieto
December 6, 2021 - In the land of ransomware
Shameless plug
- Rewatch the Byebye de la sécurité 2021
- Hackfest Shop
- Join Hackfest/La French Connection Discord
- LePoint conference - February 10, 2022
Shownotes and Links
News
- 20211206 - Open letter from federal ministers on ransomware
- Ransomware guide ITSM.00.099
- 20211206 - CSE: More than half the ransomware attacks in Canada target critical infrastructure providers
- Ransomware screenshot - French-speaking company:
- 20211103 - FBI: Cuba ransomware breached 49 US critical infrastructure orgs
- CEPEO: Cyberattack at CEPEO: thousands of people could be affected
- https://www.lesoleil.com/2021/12/01/ces-terrifiants-pirates-du-web-5736bcbb6dc4fb73c47bc75efda41c9e
- 150 HP printer models vulnerable to a buffer overflow
- Bills
- Desjardins, wrong key handed over to the police?
- 20211203 - Germany warns of ransomware attacks over Christmas, citing Emotet return, unpatched Exchange servers
- Follow-on: IKEA faces an attack via its Exchange system
- Possibly SquirrelWaffle
- Recall that the patches for ProxyShell and ProxyLogon have been available since May and July of this year
- Teams allows spam and phishing as a feature!
- 196 million stolen from a crypto exchange
- Unknown actors are trying to control the TOR network by creating hundreds of exit nodes
- A new scam around TSA Pre-check and Nexus:
- 20211201 - Former Ubiquiti employee charged with hacking and extorting company
IrResponsible disclosure
- CAI - Buys an SSL certificate on Friday, November 27, 2021; the site is announced as “offline” on Monday, November 29, 2021 around 8:19 p.m. -> Certificate expired... They did not replace it... Only the next morning!
Good news
- 1803 arrests
Crew: Steve Waterhouse Patrick Mathieu Richer Dinelle Jacques Sauvé Vanessa Guillaume Morissette
Credits
- Audio editing by Hackfest Communication
- Music by Cryomatter - Cryomatter - Reassembly
- Virtual premises by 8x8
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Simple YARA Rules for Office Maldocs https://isc.sans.edu/forums/diary/Simple+YARA+Rules+for+Office+Maldocs/28062/
Retailers Urged to Patch Magento https://www.theregister.com/2021/11/22/ncsc_magento_updates_black_friday_reminder/
PoC of CVE-2021-42321: pop mspaint.exe on the target https://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398
BEC Via Exchange Flaws https://www.trendmicro.com/en_us/research/21/k/Squirrelwaffle-Exploits-ProxyShell-and-ProxyLogon-to-Hijack-Email-Chains.html
Windows Priv. Escalation PoC https://github.com/klinix5/InstallerFileTakeOver
PHP deserialize vulnerability in CloudLinux Imunify360 https://blog.talosintelligence.com/2021/11/vulnerability-spotlight-php-deserialize.html
Warning about a vulnerability in MS Exchange Server and MS Excel: National Cyber and Information Security Agency - Warning about a vulnerability in MS Exchange Server and MS Excel (nukib.cz)
Cyber incidents from NÚKIB's perspective: October 2021: National Cyber and Information Security Agency - Cyber incidents from NÚKIB's perspective: October 2021 (nukib.cz)
Threat actors redirected customers of Angling Direct to an adult website; The United States Department of Justice announced on Monday of last week that charges were filed against a person from the REvil ransomware group; Attackers remained undetected on the server of a Queensland water supplier for 9 months; NÚKIB published the report Cyber incidents from NÚKIB's perspective for OCTOBER 2021; Zero-day vulnerabilities affecting Microsoft Exchange Server (CVE-2021-42321) and Microsoft Excel (CVE-2021-42292).
Follow us on Twitter @AlefSecurity and @Jk0pr.
In this episode, Brad and Evan discuss state government security issues and working with the Carolina Cyber Center, to provide higher education students with hands-on practical experience using SecurityStudio to deliver information security risk assessments to SMBs.
Also included in episode 148 is a conversation about PDEIS at the Cybersecurity Summit and updates about the future of the Unsecurity Podcast!
As always, they review some industry news, including a bug in Microsoft Exchange leaking 372,000 domain credentials, 100M IoT devices that were exposed by a zero-day bug, and a hacking group that used ProxyLogon exploits to breach hotels worldwide. Give episode 148 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!
A bug in Microsoft Exchange Autodiscover feature leaks +372K of domain credentials https://securityaffairs.co/wordpress/122510/hacking/microsoft-exchange-autodiscover-feature-bug.html
100M IoT Devices Exposed By Zero-Day Bug https://threatpost.com/100m-iot-devices-zero-day-bug/174963/
Hacking group used ProxyLogon exploits to breach hotels worldwide https://www.bleepingcomputer.com/news/security/hacking-group-used-proxylogon-exploits-to-breach-hotels-worldwide/
Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 438. It is Friday September 24th 2021. I am your host Scott Gombar and Farm Co-ops Are Being Targeted, What's the Impact?
- Cisco Releases Security Updates for Multiple Products
- Apple Releases Security Updates
- CISA Releases Guidance: IPv6 Considerations for TIC 3.0
- Hacking group used ProxyLogon exploits to breach hotels worldwide
- Crystal Valley Farm Coop Hit with Ransomware
- Ransomware Attacks Reported by Family Medical Center of Michigan & Buddhist Tzu Chi Medical Foundation
This week Mike & John discuss: BlackBerry addresses BadAlloc bugs, glibc fixes a fix, more snprintf misuse that leads to command injection, ProxyLogon technical details, & more in the AppSec News! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw163
This week, we welcome Shubhra Kar, Global CTO and GM of Products & IT at The Linux Foundation, to discuss Challenges in Open Source Application Security! In the AppSec News: BlackBerry addresses BadAlloc bugs, glibc fixes a fix, more snprintf misuse that leads to command injection, ProxyLogon technical details, & more! Show Notes: https://securityweekly.com/asw163 Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
On this week's show Patrick Gray and Adam Boileau discuss recent security news, including:
- The United States backing away from “releasing the hounds”
- Apple has dropped its lawsuit against Corellium
- “Activists” dox Belarusian security apparatus
- Another sign hiding IR reports behind legal privilege is looking shaky
- Apple implements new child protection tech
- Much, much more
After this week's news we'll hear from Matt Cauthorn from ExtraHop Networks in this week's sponsor interview. We'll be talking about ransomware hack and leak and about how ransomware crews are losing credibility. You used to be able to actually trust them to just unlock you or keep your data private, but that's not so much the case anymore. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing.
Show notes
- Srsly Risky Biz: Thursday 8 August - by Tom Uren - Seriously Risky Business
- Disgruntled ransomware affiliate leaks the Conti gang's technical manuals - The Record by Recorded Future
- Step 1: Do a Google search. Ransomware hacker goes rogue, leaks gang's plan.
- Meet Prometheus, the secret TDS behind some of today's malware campaigns - The Record by Recorded Future
- Ransomware Gangs and the Name Game Distraction – Krebs on Security
- Motherboard vendor GIGABYTE hit by RansomExx ransomware gang - The Record by Recorded Future
- Wuhan lab: In Covid origins hunt, US intel agencies scour reams of genetic data from China - CNNPolitics
- Chinese cyber spies targeted Israel posing as Iranian hackers - The Record by Recorded Future
- Tadeusz Giczan on Twitter: "A short thread about what is perhaps the most successful cyber attack in the history of any nation state conducted by a group called “Belarusian Cyber-partisans”. Last month they hacked the servers of Belarusian police and the Interior Ministry. 1/6 https://t.co/3QPaEYHten" / Twitter
- Belarusian Cyber-Partisans (@cpartisans) / Twitter
- Seeking Change, Anti-Lukashenka Hackers Seize Senior Belarusian Officials' Personal Data
- Courts order handover of breach forensic reports in trend welcomed by consumers, feared by defendants
- Surprise Capital One court decision spells trouble for incident response - Risky Business
- Scammers Will Ban Anyone From Instagram For $60
- Instagram Shuts Down Fake Likes Factory
- Apple will reject demands to use CSAM system for surveillance
- Edward Snowden on Twitter: "@alexstamos @matthew_d_green Step 1.6 is NCMEC shrugging, deflecting by saying "hash collision?" And then the FBI makes an arrest since, by asking WTF, your company just confirmed a hit on the hash (since otherwise you wouldn't have been able to see the image was BS)." / Twitter
- Apple drops copyright lawsuit against Corellium - 9to5Mac
- Routers and modems running Arcadyan firmware are under attack - The Record by Recorded Future
- Microsoft announces new 'Super Duper Secure Mode' for Edge - The Record by Recorded Future
- Apple fixes AWDL bug that could be used to escape air-gapped networks - The Record by Recorded Future
- Microsoft to require admin rights before using Windows Point and Print feature - The Record by Recorded Future
- Critical Cobalt Strike bug leaves botnet servers vulnerable to takedown | Ars Technica
- Amazon Kindle Hack Needs Just One Evil Ebook To Take Over Your Ereader—And Maybe Your Amazon Account Too
- ‘A whole new attack surface' – Researcher Orange Tsai documents ProxyLogon exploits against Microsoft Exchange Server | The Daily Swig
- Black Hat USA: Downgrade attack against Let's Encrypt lowers the bar for printing fraudulent SSL certificates | The Daily Swig
- Messaging Apps Have an Eavesdropping Problem | WIRED
- Black Hat USA: HTTP/2 flaws expose organizations to fresh wave of request smuggling attacks | The Daily Swig
- Black Hat USA 2021: Lessons to learn from the aviation sector after Biden mandates cyber-attack investigatory body | The Daily Swig
- Amazon and Google patch major bug in their DNS-as-a-Service platforms - The Record by Recorded Future
- Newsmax, OANN sued by maker of voting machines
- Robᵉʳᵗ Graham @ Sioux Falls cyber symposium on Twitter: "1/n If you are wondering if there will be anybody at Mike Lindell's cybersymposium who can confirm or refute his "packet captures", well, there's going to be me. I'm a well-known expert on packet captures, and somewhat knowledgeable about election systems. https://t.co/PGioDBZ47B" / Twitter
Source: https://cyberpolygon.com/materials/okhota-na-ataki-ms-exchange-chast-1-proxylogon/
Sponsored by SEC Playground
Survey to improve the Chill Chill Security Channel: https://forms.gle/e5K396JAox2rZFp19
Music by https://www.bensound.com/
Support this podcast: https://anchor.fm/chillchillsecurity/support
Summary:
- Microsoft in the healthcare field
- Employees of Blade (Shadow) are bidding to take it over with the backing of Iliad
- The FBI quietly cleans up Exchange servers
- The key figure: 17.75 euros on average for an unlimited plan
- Practical: How to choose the right PC for mixed use?
In today's podcast we cover four crucial cyber and technology topics, including:
1. Researchers find attackers exploit ProxyLogon to mine Monero
2. WhatsApp flaws could expose user sessions
3. Houston Rockets suffer ransomware, data theft
4. Michigan man sues police after facial recognition leads to false arrest
I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com
In today's podcast we cover four crucial cyber and technology topics, including:
1. Tanzania Casinos impacted by ransomware
2. Researchers uncover 9 vulnerabilities in DNS communication stacks
3. U.S. Judge grants FBI authority to log in to nation state backdoors, uninstall malware
4. Sweden accuses Russian GRU of 2017-2018 hack, lacks prosecution capability
I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com
In today's episode we look at, among other things, a report from PaloAlto and Crypsis on the analysis of ransomware attacks, at progress in securing Microsoft Exchange servers, and at patches in Cisco products.
Marc and Seppe discuss the news of the past month. We cannot avoid Hafnium and their ProxyLogon (unfortunately), but we also discuss a positive piece of news from Microsoft: Mesh, and then switch over to the world of games, because Roblox and Dungeon Alchemist prove that a lot is moving there too.
Hundreds of thousands of users and companies are assumed to be affected by a massive security vulnerability in Microsoft's Exchange Server. What exactly happened, and who is behind one of the biggest exploits of recent years? Lisa and Christoph talk about this in this special episode.
UDP DDoS amplification stuff
https://arstechnica.com/gadgets/2021/03/mainstream-ddosers-are-abusing-d-tls-servers-to-up-the-potency-of-attacks/
https://www.netscout.com/blog/asert/datagram-transport-layer-security-dtls-reflectionamplification
Supo's announcement on the cyber-espionage operation in Parliament by China-linked APT31
https://supo.fi/-/suojelupoliisi-tunnisti-eduskuntaan-kohdistuneen-kybervakoiluoperaation-apt31-ksi
First sentences handed down for last year's Twitter breach
https://www.hackread.com/twitter-hack-mastermind-jailed-2020-celebrity-hack/
The SolarWinds saga continues - this time Mimecast has gone public as having been a victim of the cyberattack
https://threatpost.com/mimecast-solarwinds-attackers-stole-source-code/164847/
Metasploit module for the attack on the Exchange vulnerability that has been running wild in recent weeks
https://github.com/rapid7/metasploit-framework/blob/e5c76bfe13acddc4220d7735fdc3434d9c64736e/modules/exploits/windows/http/exchange_proxylogon_rce.rb
On the insecurity of text messages
https://krebsonsecurity.com/2021/03/can-we-stop-pretending-sms-is-secure-now/
https://www.vice.com/amp/en/article/y3g8wb/hacker-got-my-texts-16-dollars-sakari-netnumber?__twitter_impression=true
https://en.wikipedia.org/wiki/SIM_swap_scam
Sakarin villapaitapeli (video)
https://www.youtube.com/watch?v=CrHgk1_zlEs