Security Leftovers
-
Pen Test Partners ☛ Cockpit door lock auto-unlock is no surprise
TL;DR: Through reverse engineering a cockpit door lock controller several years ago, we’ve known about the auto-unlatch issue. We couldn’t publish owing to the risk to flight safety [...]
-
Security Week ☛ SAP’s First Patches of 2024 Resolve Critical Vulnerabilities
SAP has released patches for critical vulnerabilities in Business Application Studio, Web IDE, and Edge Integration Cell.
-
Security Week ☛ Kyocera Device Manager Vulnerability Exposes Enterprise Credentials
An improper input validation flaw in Kyocera Device Manager allows attackers to capture credentials, compromise accounts.
-
Security Week ☛ Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days
Ivanti confirms active zero-day exploits, ships pre-patch mitigations, but says comprehensive fixes won't be available until January 22.
-
Security Week ☛ Android’s January 2024 Security Update Patches 58 Vulnerabilities
Android’s first security update of 2024 resolves high-severity elevation of privilege and information disclosure vulnerabilities.
-
Security Week ☛ French Computer Hacker Jailed in US
A computer hacker who was part of a criminal gang that stole data from hundreds of millions of people and sold it on the dark web was jailed in the United States on Tuesday.
-
Security Week ☛ China Says State-Backed Experts Crack Apple’s AirDrop
Chinese state-backed experts have found a way to identify people who use Apple's encrypted AirDrop messaging service, according to the Beijing municipal government.
-
IT Wire ☛ Volexity finds two zero-days being exploited in Ivanti Connect Secure VPN
In a detailed blog post, the company said it had discovered the exploitation during the second week of December 2023, through one of its Network Security Monitoring service customers.
Having found suspicious lateral movement, Volexity researchers Matthew Meltzer, Robert Jan Mora, Sean Koessel, Steven Adair and Thomas Lancaster wrote closer inspection had found an attacker placing webshells on multiple internal and external-facing Web servers.
"These detections kicked off an incident response investigation across multiple systems that Volexity ultimately tracked back to the organisation's internet-facing Ivanti Connect Secure VPN appliance (formerly known as Pulse Connect Secure, or simply Pulse Secure)," they wrote.
-
Security Week ☛ HMG Healthcare Says Data Breach Impacts 40 Facilities
The compromised information includes names, contact information, dates of birth, health information, medical treatment details, Social Security numbers, and employee records.
-
Bleeping Computer ☛ Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs
Today is Microsoft’s January 2024 Patch Tuesday, which includes security updates for a total of 49 flaws and 12 remote code execution vulnerabilities.
-
Security Week ☛ Dutch Engineer Used Water Pump to Get Billion-Dollar Stuxnet Malware Into Iranian Nuclear Facility: Report
An engineer recruited by intelligence services used a water pump to deliver Stuxnet, which reportedly cost $1-2 billion to develop.
-
Silicon Angle ☛ Cybersecurity concerns for big data: Apache Hadoop and Flink targeted by hackers
A new report released today by researchers at cloud-native security company Aqua Security Software Ltd. warns of a new attack targeting Apache Hadoop and Flink applications.
-
Silicon Angle ☛ Research reveals a third of public companies aren’t prepared for new bulk email security rules [Ed: So goodbye, newsletters, in the name of "security" of course; use RSS feeds instead]
New research published today by cloud email security and brand protection startup Redsift Ltd. has found that 33% of publicly listed companies are not ready for new bulk email sending requirements that come into place in February.
-
Silicon Angle ☛ Unencrypted medical records compromised in breach of Texas-based HMG Healthcare
Texas-based healthcare services provider HMG Healthcare LLC is the latest company to be hacked as a data breach resulted in the theft of personally identifiable information and medical records.
-
Medevel ☛ w3af is an Open-source free Web Application Attack and Audit Framework
w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications.
-
IT Jungle ☛ IBM Patches a Slew of Security Vulns in Db2 Web Query
If you haven’t started your migration off Db2 Web Query, you might want to accelerate your planning, as I.B.M. last week disclosed a slew of security vulnerabilities in the soon-to-be-discontinued product, two of which are the critical variety and four of which have high severity ratings. I.B.M. has issued patches for all of the flaws for the product running on I.B.M. i 7.4 and 7.5.