Security Leftovers
-
Security Week ☛ Microsoft Warns of ‘Dirty Stream’ Vulnerability in Popular Android Apps [Ed: Microsoft is trying to shift attention to other platforms when its own core infrastructure gets completely cracked all the time, by multiple actors or nations]
Microsoft has uncovered a new type of attack called Dirty Stream that impacted Android apps with billions of installations.
-
Security Week ☛ US Says North Korean Hackers Exploiting Weak DMARC Settings
The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.
-
Security Week ☛ ArcaneDoor Espionage Campaign Targeting Cisco Firewalls Linked to China
An analysis of IoCs suggests that a Chinese threat group may be behind the recent ArcaneDoor espionage campaign targeting Cisco firewalls.
-
Netcraft ☛ RSA Conference 2024 – Where it all started and where to find our team
On Monday 6th May, Netcraft will be heading to San Francisco along with thousands of other cyber security professionals for RSA Conference 2024. If you’re attending too, we thought we’d share a few insights into how it all started. Use them in line for coffee or at an evening event to show off your extensive knowledge of asymmetric cryptography algorithms (that’s a mouth full). If you’re at the event and would like to say hello, visit us at booth 362 in the South Expo Hall or register here and we’ll reach out.
-
SANS ☛ nslookup's Debug Options, (Sun, May 5th)
A friend was having unexpected results with DNS queries on a backdoored Windows machine.
-
Security Week ☛ In Other News: Locked Shields 2024, Data Exposure Bugs, NVIDIA Patches
Noteworthy stories that might have slipped under the radar: 4,000 take part in Locked Shields 2024 exercise, Qantas and JP Morgan hit by data exposure bugs, NVIDIA patches critical flaw.
-
Security Week ☛ CISA, FBI Urge Organizations to Eliminate Path Traversal Vulnerabilities
CISA and the FBI warn of threat actors abusing path traversal software vulnerabilities in attacks targeting critical infrastructure.
-
Security Week ☛ French Cyberwarriors Ready to Test Their Defense Against Hackers and Malware During the Olympics
Vincent Strubel, who heads France’s national cybersecurity agency, called the cyberthreats level facing the Olympic Games unprecedented.
-
Medevel ☛ Exploring TheFatRat: An Educational Open-source Tool for Understanding Malware Dynamics
What is the FatRat?
TheFatRat is an exploitation and pentesting tool designed for educational purposes. It has the capability to compile malware with popular payloads, which can then be executed on various platforms including Windows, Linux, Mac, and Android.