June 22, 2022 23:09 Packet Storm
June 22, 2022 23:09 malware.news
The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them.
Article Link: THREAT ALERT: Follina/MSDT Microsoft Office Vulnerability
June 22, 2022 23:09 malware.news
I have written a fair amount over the years about the use which may be made of one’s social media posts. I am interested partly as a user, but mainly as a commentator on discovery / disclosure. Social media posts … Continue reading →
Article Link: In discovery as in life – explosive reactions when social media posts come to light | eDisclosure Information Project
June 22, 2022 22:39 malware.news
Russian hackers continue their attempts to break into the systems of Ukrainian organisations, this time with phishing and fake emails.
Article Link: Ukrainian organizations warned of hacking attempts using CredoMap malware, Cobalt Strike beacons | ZDNet
June 22, 2022 22:09 malware.news
Cybersecurity authorities from the United States, Australia, Canada, New Zealand and the U.K. recently released a joint Cybersecurity Advisory warning of increased cyber threats related to Russia’s invasion of Ukraine. As per the alert, attacks may occur as a response to the economic costs imposed on Russia as well as material support to Ukraine provided by the United States and U.S. allies and partners.
Given this rising threat, along with other factors, are we facing a perfect storm when it comes to cyberattacks?
Malicious Activity Coming from Russia
Evolving intelligence indicates the Russian government is exploring options for potential cyberattacks, the alert states. This message follows a recent White House statement warning about attacks coming from Russia that could impact the United States.
Russian state-sponsored cyber operations have included distributed-denial-of-service (DDoS) attacks and malware against the Ukrainian government and critical infrastructure entities. Other reports have pinned data
June 22, 2022 21:39 malware.news
Ransomware is one of the most serious threats to businesses today. In fact, a recent survey found that 85% of enterprises are more concerned about the prospect of ransomware attacks than any other kind of attack. The decision of whether or not to pay the ransom or make a ransomware settlement should be carefully weighed...
The post The Million-Dollar Question: To Pay or Not to Pay Ransom? appeared first on Security Boulevard.
Article Link: The Million-Dollar Question: To Pay or Not to Pay Ransom? - Security Boulevard
June 22, 2022 21:39 malware.news
One of the most popular zip programs around, 7-Zip, now offers support for “Mark of the Web” (MOTW), which gives users better protection from malicious files.
This is good news. But what does that actually mean?
In the bad old days, opening up a downloaded document could be a fraught exercise. Malicious files would often have full permission from the system to do whatever they wanted. Compromised PCs were the inevitable end result, and infected attachments were extremely popular. Outside of regular security tools, there often wasn’t much else available to help stop the flow.
Microsoft’s file block feature in 2007 meant network administrators could lock down any attempt to open specific file types. Unfortunately, this was a little too restrictive for some users. Files couldn’t be opened, even in cases where the user knew they were safe.
Microsoft changed things up a little in 2010, with Protected View.
Protected View: what is it?
Every time you download a spreadsheet or Word document and open it up, some check
June 22, 2022 21:37 WordPress › Error
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources. This issue covers the weeks from June 13 to 20. Special announcement […]
The post Bug Bytes #175 – 60 RCEs in 60min, Free Google Play Store ebooks & How to easily parse Burp Project files appeared first on Intigriti.
June 22, 2022 21:36 burp
We recently launched a new version of DOM Invader that can find Client-Side Prototype Pollution (CSPP). If you're not already familiar with Client-Side Prototype Pollution, check out the post above.
June 22, 2022 21:09 malware.news
Introduction
Cloud environments are becoming increasingly complex and challenging to manage from a security standpoint. In a cloud-native application infrastructure, “workloads” are built by developers using code (infrastructure as code, or IaC) and controlled by DevOps using automated “pipelines.” The new infrastructure is constantly evolving, while the security implications of the environmental changes are often easy to neglect.
As a result, security admins find it challenging to answer basic questions when it comes to their cloud environments, such as:
Who are my powerful identities, human and non-human, and where do my overprivileged identities pose an immediate risk?
Which of my publicly-facing workloads are at the highest risk due to misconfigurations of services and privileges?
Which of my workload instances runs the unpatched OS and common libraries, and where does it matter the most?
Do the developers that create the environment (with IaC) create risky configurations they are unaware of?
As defenders
June 22, 2022 21:09 malware.news
Qatar is one of the wealthiest countries in the world. As cyber threats worldwide proliferate, shielding Qatar’s critical ICT infrastructure and systems has become a top priority for the Ministry [more]
The post National Information Assurance (NIA) Policy V2.0 – Qatar appeared first on Checkmate.
Article Link: National Information Assurance (NIA) Policy V2.0 –Qatar - Checkmate
June 22, 2022 21:09 malware.news
Microsoft is targeting human-operated ransomware operations.
Article Link: How Microsoft's AI spots ransomware attacks before they even get started | ZDNet
June 22, 2022 19:39 malware.news
Public proofs-of-concept of web shell exploits coincide with major spikes in attacks.
Article Link: Active Adversary Playbook 2022 Insights: Web Shells – Sophos News
June 22, 2022 19:09 malware.news
Can’t see all the ‘Stop’ signs in the grid of photos? Apple might have the answer for you.
Article Link: Apple's iOS 16 will give you an alternative to irritating CAPTCHA tests | ZDNet
June 22, 2022 19:09 malware.news
Police said the criminal network managed to steal several million euros.
Article Link: Phishing gang that stole millions by luring victims to fake bank websites is broken up by police | ZDNet
June 22, 2022 18:39 malware.news
Healthcare organizations have not had the best couple of years when it comes to cybersecurity. 2015 was considered the year of the healthcare breach. Blue Cross Blue Shield, Anthem, and over a dozen more healthcare providers were hacked, resulting in over 100M records leaked. Yet the risk of cybersecurity compromise has only continued to increase for healthcare companies.
Article Link: How MDR Services Can Help Vulnerable Healthcare Organizations
June 22, 2022 18:09 checkpoint research
Executive Summary In this article, Check Point Research shares findings on a group / activity cluster with ties to Tropic Trooper: The infection chain includes a previously undescribed loader (dubbed “Nimbda”) written in Nim language. This loader was observed bundled with a Chinese language greyware “SMS Bomber” tool that is most likely illegally distributed in...
The post Chinese actor takes aim, armed with Nim Language and Bizarro AES appeared first on Check Point Research.
June 22, 2022 18:09 malware.news
Executive Summary
In this article, Check Point Research shares findings on a group / activity cluster with ties to Tropic Trooper:
The infection chain includes a previously undescribed loader (dubbed “Nimbda”) written in Nim language.
This loader was observed bundled with a Chinese language greyware “SMS Bomber” tool that is most likely illegally distributed in the Chinese-speaking web.
A new variant of the ‘Yahoyah’ Trojan focused on collecting information about local wireless networks.
Carefully modified AES cipher shows cryptographic know-how on part of attackers.
Insights on the campaign infrastructure.
Introduction
Check Point Research has recently been tracking a cluster of malicious activity that has been going on for the past several years. The observed activity has strong connections to the Tropic Trooper cluster of activity, as documented by Trend Micro, based on shared infrastructure, tools, and coding practices. Tropic Trooper was previously observed targeting Philippines, Hong Kong and Taiwan; wh
June 22, 2022 17:39 malware.news
A phishing campaign is using voicemail notification messages to go after victims’ Office 365 credentials.
According to researchers at ZScaler, the campaign uses spoofed emails with an HTML attachment that contains encoded JavaScript.
The email claims that you have a new voicemail and that you can listen to the message by clicking on the attachment. To add credibility, the name of the attachment starts with a music note character, for example ♫, to make it look like a sound clip. In reality, it is an HTML file with obfuscated JavaScript embedded.
The JavaScript uses the window.location.replace method to redirect the target to a specially crafted phishing page. Access to the page is behind a reCAPTCHA, probably to keep out bots, particularly any automated URL analysis tools.
Spoofed email
Email spoofing basically comes down to sending emails with a false sender address. This can be used in various ways by attackers. Obviously pretending to be someone else can have its advantages especially if that someone 
June 22, 2022 16:39 malware.news
Hi! According to the official documentation, Semgrep […]
The post Semgrep rules for PHP security assessment appeared first on hn security.
Article Link: Semgrep rules for PHP security assessment - hn security
June 22, 2022 15:39 malware.news
I was checking the 2017 ShadowBrokers leaks when I noticed that one of the EQUATION GROUP tools leaked back then has no public references/analysis (at least as far as I can tell). So, here is what this software implant does and how it works. This was in a directory titled suaveeyeful_i386-unknown-mirapoint3.4.3 and it reveals lots […]
Article Link: The forgotten SUAVEEYEFUL FreeBSD software implant of the EQUATION GROUP | xorl %eax, %eax
June 22, 2022 15:34 Data Breach – Security Affairs
US Flagstar Bank disclosed a data breach that exposed files containing the personal information of 1.5 million individuals. US-based Flagstar Bank disclosed a data breach that impacted roughly 1.5 million individuals, but the company did not share details about the attack. The security breach took place in early December 2021, and the investigation that was […]
The post Flagstar Bank discloses a data breach that impacted 1.5 Million individuals appeared first on Security Affairs.
June 22, 2022 15:31 360 Vulnerability Alert
360-CERT Daily Security Briefing
June 22, 2022 14:09 malware.news
While hunting, I found an interesting PowerShell script. After a quick check, my first conclusion was that it is again a simple info stealer. After reading the code more carefully, the conclusion was different: It targets crypto-currency browser apps or extensions. The script has a very low score on VT: 1/53[1].
Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center
June 22, 2022 13:33 Marco Ramilli Web Corner
Today a simple update from my Cyber Threats Observatory (available HERE). Six months of this crazy year are over and it’s time to check some cyber threats trends. Once upon a time there was Emotet. It was on the TOP 5 on every ranking list, it reached the 5th epoch and it was able to […]
June 22, 2022 12:39 Exploitalert
WordPress Ninja Forms Code Injection
June 22, 2022 12:39 Exploitalert
SoftGuard SNMP Network Management Extension HTML Injection / File Download
June 22, 2022 12:39 Exploitalert
Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 Missing Trust
June 22, 2022 12:39 Exploitalert
Verbatim Fingerprint Secure Portable Hard Drive Insufficient Verification
June 22, 2022 12:39 Exploitalert
Pandora FMS 7.0NG.742 Remote Code Execution
June 22, 2022 12:39 Exploitalert
Verbatim Store N Go Secure Portable HDD GD25LK01-3637-C VER4.0 Behavior Violation
June 22, 2022 12:39 Exploitalert
Old Age Home Management System 1.0 SQL Injection
June 22, 2022 12:39 Exploitalert
PhpIPAM 1.4.5 Remote Code Execution
June 22, 2022 12:39 Exploitalert
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor
June 22, 2022 12:39 Exploitalert
SolarView Compact 6.00 Cross Site Scripting
June 22, 2022 12:39 malware.news
Microsoft said a day-long service outage affecting the Exchange Online service has ended following hours of complaints from users about connection issues.
On Monday evening, Microsoft explained that it was investigating problems with the service after users said they were “experiencing delays or connection issues when accessing the Exchange Online service.”
Two hours later, the company said its traffic management infrastructure was not working and attempted to reroute traffic in an effort to end the outage.
It took another nine hours before service was fully back to normal.
“Rerouting traffic combined with targeted infrastructure restarts has successfully restored service access and functionality,” the company said in a series of tweets on Tuesday.
Rerouting traffic combined with targeted infrastructure restarts has successfully restored service access and functionality. Please refer to EX394347 and MO394389 in the Microsoft 365 admin center for additional details.
— Microsoft 365 Status (@MSFT365Status) June
June 22, 2022 12:39 malware.news
Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center
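June 22, 2022 11:38 NSFOCUS Technology Blog
Addressing the problem that the organization named as a certificate's issuer can differ from the organization that actually controls it, as a result of lax naming requirements, ownership changes and extremely long lifetimes, this post explores how to correct CA certificate operators.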
June 22, 2022 10:39 跳跳糖
June 22, 2022 05:33 Trustwave Blog
The Managed Detection and Response (MDR) solutions offered by security firms today are a far cry from those first deployed by vendors. To better understand how MDR has grown over the years and the changes Trustwave has implemented to stay ahead of the curve, we spoke with Trustwave's Jesse Emerson, Vice President, Solution Architecture & Engineering.
June 22, 2022 05:08 malware.news
Agency advisors are set to vote on a host of draft recommendations which include reviewing the security clearance process for inefficiency.
Article Link: CISA Plans to Hire Chief People Officer to Boost Cyber Workforce - Nextgov
June 22, 2022 04:38 malware.news
Nine people were arrested on Tuesday during raids on 24 homes across the Netherlands as Belgian and Dutch police partnered with Europol to shut down an alleged criminal gang involved in lucrative phishing scams.
In a statement, Europol said the raids “dismantled” an organized crime group that conducted a range of fraud, scams and money laundering.
Guns, ammunition, jewelry, electronic devices, thousands of euros and cryptocurrency were seized during the operation.
Dutch Police released their own statement on the raids, which it said were conducted in Amsterdam, Central Netherlands, West Brabant, Rotterdam, Eastern Netherlands and The Hague.
The law enforcement agency said officers arrested eight men between the ages of 25 and 36, all of whom are from Amsterdam, Almere, Rotterdam and Spijkenisse. They also arrested a 25-year-old woman from Deventer.
“They are suspected of phishing, internet scams and money laundering. According to Belgian police, dozens of Belgian victims are known. They were approached via em
June 22, 2022 04:09 Packet Storm
SAP Focused Run versions 2.00 and 3.00 suffer from a cross site scripting vulnerability.
June 22, 2022 04:09 Packet Storm
SAP Focused Run Simple Diagnostics Agent version 1.0 suffers from a missing authentication vulnerability.
June 22, 2022 04:09 Packet Storm
The SAP Fiori launchpad suffers from a cross site scripting vulnerability. Various component versions are affected.
June 22, 2022 04:09 Packet Storm
SAP Focused Run Simple Diagnostics Agent version 1.0 suffers from an information disclosure vulnerability.
June 22, 2022 04:09 Packet Storm
SAP Focused Run Simple Diagnostics Agent version 1.0 suffers from a directory traversal vulnerability.
June 22, 2022 04:09 Packet Storm
Ubuntu Security Notice 5488-1 - Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run.
June 22, 2022 04:09 Packet Storm
Ubuntu Security Notice 5489-1 - Alexander Bulekov discovered that QEMU incorrectly handled floppy disk emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak sensitive information. It was discovered that QEMU incorrectly handled NVME controller emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.
June 22, 2022 04:08 malware.news
While it is premature to sound the death knell for current key cryptography, there is a need now to build up skillsets in quantum computing to ensure nations have the right knowledge to combat potential threats when the technology becomes viable, says Dell CTO.
Article Link: Cryptography safe for now, but urgent need to build quantum skills | ZDNet
June 22, 2022 03:35 Black Hills Information Securi
ORIGINALLY AIRED ON JUNE 6, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Boat Facts 01:38 – BHIS – Talkin’ Bout [infosec] News 2022-06-06 03:51 – Story # 1: Elon Musk threatens to scrap Twitter deal – https://www.theverge.com/2022/6/6/23156233/elon-musk-twitter-bots-merger-agreement-termination-threat 07:02 – Story # 2: Confluence Server and Data Center CVE – https://github.com/Nwqda/CVE-2022-26134 13:51 […]
The post Talkin’ About Infosec News – 6/6/2022 appeared first on Black Hills Information Security.
June 22, 2022 03:10 malware.news
Through new enforcement and reporting efforts, the Justice Department is attempting to curb online harassment, especially related to vulnerable populations.
Article Link: DOJ Ramps Up Efforts To Halt Cybercrime - Nextgov
June 22, 2022 03:10 malware.news
Authored by Lakshya Mathur
An LNK file is a Windows Shortcut that serves as a pointer to open a file, folder, or application. LNK files are based on the Shell Link binary file format, which holds information used to access another data object. These files can be created manually using the standard right-click create shortcut option, and sometimes they are created automatically while running an application. Many tools are also available to build LNK files, and many people have built “lnkbombs” tools specifically for malicious purposes.
During the second quarter of 2022, McAfee Labs has seen a rise in malware being delivered using LNK files. Attackers are exploiting the ease of LNK, and are using it to deliver malware like Emotet, Qakbot, IcedID, Bazarloaders, etc.
Figure 1 – Apr to May month geolocation of the LNK attacks
In this blog, we will see how LNK files are being used to deliver malware such as Emotet, Qakbot, and IcedID.
Below is a screenshot of how these shortcut files look to a normal user.
Fig
June 22, 2022 02:40 malware.news
ORIGINALLY AIRED ON JUNE 6, 2022 Articles discussed in this episode: 00:00 – PreShow Banter™ — Boat Facts 01:38 – BHIS – Talkin’ Bout [infosec] News 2022-06-06 03:51 – Story # 1: Elon Musk threatens to scrap Twitter deal – https://www.theverge.com/2022/6/6/23156233/elon-musk-twitter-bots-merger-agreement-termination-threat 07:02 – Story # 2: Confluence Server and Data Center CVE – https://github.com/Nwqda/CVE-2022-26134 13:51 […]
The post Talkin’ About Infosec News – 6/6/2022 appeared first on Black Hills Information Security.
Article Link: Talkin’ About Infosec News - 6/6/2022 - Black Hills Information Security
June 22, 2022 02:10 malware.news
Last September, Nigerian university student Alowonle Aaliyah woke up to a debit alert of 10,000 naira ($24).
She didn’t recognize the transaction and it was vaguely tagged “WEB/POS” — indicating the transaction could either be from a purchase online or at a store.
The transaction went through although Aaliyah only had 2,000 naira, leaving her account 8,000 naira in the negative, she told The Record.
When she went to complain at the bank, the customer care representative told her she had used her debit card at a fraudulent point of sale (POS) terminal that scraped her details and used it for a fraudulent transaction. They told her to be careful of the POS terminals she used.
“They did not say anything about returning the funds. They said the money was gone, and I should be watchful of POS I use,” she said.
At that time, Aaliyah depended on her parents for income, earning an allowance of 15,000 naira monthly. To recover from the loss, she halved her expenditure for a month.
Aaliyah appears to be victim of a spi
June 22, 2022 01:40 malware.news
Flagstar Bank admitted that the names and Social Security numbers of more than 1.5 million customers were leaked during a data breach that started on December 3.
In letters sent out to victims on Friday, the bank said hackers broke into its systems on December 3 and December 4 last year, but they only realized sensitive customer information was accessed on June 2.
“Upon learning of the incident, we promptly activated our incident response plan, engaged external cybersecurity professionals experienced in handling these types of incidents, and reported the matter to federal law enforcement,” the bank said.
Documents filed with the Attorney General of Maine said 1,547,169 people were affected by the breach.
Flagstar Bank said it is offering victims two years of free identity monitoring through Kroll. The services include credit monitoring, fraud consultation and identity theft restoration.
Flagstar Bank, which is based in Michigan, did not respond to requests for comment about why it took them six months to noti
June 22, 2022 01:40 malware.news
President Joe Biden on Tuesday signed into law two pieces of legislation that will enhance cyber coordination to state and local governments and strengthen the federal cyber workforce, the White House announced.
The measures are the latest attempt by policymakers to tackle the fallout from the massive SolarWinds hack and the high-profile ransomware attacks on the Colonial Pipeline and others that marked 2021.
The bipartisan State and Local Government Cybersecurity Act will allow the Cybersecurity and Infrastructure Security Agency (CISA) to offer state and local actors access to upgrade digital security tools and procedures. It also boosts the Multi-State Information Sharing and Analysis Center to help prevent and respond to future digital incidents.
The president also signed off on the bipartisan Federal Rotational Cyber Workforce Program Act, which establishes a rotational cyber workforce development program across several government agencies in an effort to compete with the usually more lucrative private s