Security Leftovers
-
Security Week ☛ Google Patches Chromecast Vulnerabilities Exploited at Hacking Contest
Google has patched several high and moderate-severity Chromecast vulnerabilities demonstrated earlier this year at a hacking competition.
-
Security Week ☛ North Korean Hackers Developing Malware in Dlang Programming Language
North Korean hackers have used Dlang-based malware in attacks against manufacturing, agriculture, and physical security organizations.
-
Silicon Angle ☛ North Korean hackers Lazarus Group takes new Telegram tactics
Cisco Systems Inc.’s Talos Intelligence unit posted today new findings about the North Korean hacking group called Lazarus that outline new ways it’s targeting attacks. “We have observed Lazarus target companies in the manufacturing, agricultural and physical security sectors,” their analysts wrote in the post.
-
Silicon Angle ☛ Alleged Chinese cyberattacks target US power and water systems
U.S. government officers and cybersecurity experts are warning that the Chinese military is allegedly attempting to infiltrate critical infrastructure, including power and water utilities and transportation systems in the U.S.
-
Security Week ☛ Top White House Cyber Aide Says Recent Iran Hack on Water System Is Call to Tighten Cybersecurity [Ed: This is a Windows issue]
A top White House national security official said recent cyber attacks by Iranian hackers on US water authorities should be seen as a call to action by utilities and industry to tighten cybersecurity.
-
Security Week ☛ Apache Patches Critical RCE Vulnerability in Struts 2
Apache has addressed a critical-severity Struts 2 file upload vulnerability that could lead to remote code execution.
-
Security Week ☛ ‘5Ghoul’ Vulnerabilities Haunt Qualcomm, MediaTek 5G Modems
Researchers call attention to 14 security defects that can be exploited to drop and freeze 5G connections on smartphones and routers.
-
OpenSSF (Linux Foundation) ☛ OpenSSF Responds to the CISA RFC on Software Identification Ecosystem Analysis
The OpenSSF has submitted a response to the Software Identification Ecosystem Option Analysis by the US Cybersecurity and Infrastructure Security Agency (CISA). This comes in light of CISA's announcement regarding the publication of the "Software Identification Ecosystem Option Analysis," a white paper delving into options for software identification.
-
Security Week ☛ Flaws in Delta OT Monitoring Product Can Allow Hackers to Hide Destructive Activities
Critical vulnerabilities in a Delta OT monitoring product can allow hackers to hide their destructive activities from the victim.
-
Pen Test Partners ☛ Intercepting MFA. Phishing and Adversary in The Middle attacks
3 of my last 5 business email compromise investigations have involved an Adversary in The Middle (AiTM) attack.
-
Silicon Angle ☛ Data breaches reach all-time high, according to a new report from MIT
Threats and data breaches are increasing at an alarming rate across the board, according to a new study commissioned by Fashion Company Apple Inc.
-
Security Week ☛ Apple Ships iOS 17.2 With Urgent Security Patches
Cupertino’s flagship mobile OS vulnerable to arbitrary code execution and data exposure security vulnerabilities.
-
SANS ☛ Apple Patches Everything, (Mon, Dec 11th)
Apple today released updates for iOS, macOS, tvOS and watchOS. This updates 43 vulnerabilities. Two of the vulnerabilities are already being exploited. Last week, these two vulnerabilities received patches for current versions of iOS and macOS. This new update covers older iOS and macOS versions as well.
-
Security Week ☛ Norton Healthcare Ransomware Hack: 2.5 Million Personal Records Stolen
Compromised data includes names, dates of birth, Social Security numbers, health and insurance information, and driver’s license numbers.
-
SANS ☛ What is sitemap.xml, and Why a Pentester Should Care, (Mon, Dec 11th)
Everyone seems to be familiar with robots.txt - the contents of that file are normally used to tell search engines what branches of your site to NOT index, or in some misguided cases folks think that this can be used to "secure" your pages for some reason.