Security News > 2022 > September

SpyCast is a cross-platform mDNS enumeration tool that can work either in active mode by recursively querying services or in passive mode by only listening to multicast packets. Simone Margaritelli, the tool's author, answered a few questions for Help Net Security readers.

U.S. businesses are at high risk for data security threats from increasingly effective phishing attempts and the lack of procedures to restrict data access, according to GetApp's 4th Annual Data Security Report. 68% of businesses allow employees more access to data than they need.

Microsoft next month will start phasing out Client Access Rules (CARs) in Exchange Online, and will do away with this means of controlling access altogether within a year. CARs are being replaced with Continuous Access Evaluation for Azure Active Directory, which can apparently pick up changes to access controls, user accounts, and the network environment in "near-real time" and enforce the latest rules and policies as needed, according to a notice this week from Microsoft's Exchange Team.

The Brute Ratel post-exploitation toolkit has been cracked and is now being shared for free across Russian-speaking and English-speaking hacking communities. Things are about to change, as cyber threat intelligence researcher Will Thomas has reported that a cracked copy of Brute Ratel is now circulating widely among threat actors in online hacking forums.

Four security researchers have identified five cryptographic vulnerabilities in code libraries that can be exploited to undermine Matrix encrypted chat clients. "Our perspective is that these attacks together show a rich attack surface in Matrix from both a protocol and implementation perspective," Benjamin Dowling, a lecturer in cybersecurity, told The Register this week.

Fast Company took its website offline after it was hacked to display stories and push out Apple News notifications containing obscene and racist comments. Today, the hacker shared how they allegedly breached the site.

Akamai reckons that, in the first half of 2022 alone, it flagged nearly 79 million newly observed domains as malicious. According to the internet infrastructure giant, that amounts to 13 million malicious domain detections per month, equal to 20 percent of all successfully resolving NODs.

The Internal Revenue Service warned Americans of an exponential rise in IRS-themed text message phishing attacks trying to steal their financial and personal information in the last few weeks. Such scam texts redirect U.S. taxpayers to phishing landing pages designed to collect sensitive information using various baits.

- 11,200,000 user records with name, date of birth, mobile number and ID
  - 4,232,652 records included some sort of ID document number
  - 3,664,598 of the IDs were from driving licences
- 10,000,000 address records with email, date of birth, ID and more
  - 3,817,197 had ID document numbers
  - 3,238,014 of the IDs were from driving licences

The seller wrote, "Optus if you are reading! Price for us to not sale [sic] data is 1,000,000$US! We give you 1 week to decide." If the attacker's claim to have retrieved a total of more than 20,000,000 database records from two databases is to be believed, we're assuming [a] that Optus userid codes were easily computed or guessed, and [b] that no "Database access has hit unusual levels" warnings went off.

Authentication service provider and Okta subsidiary Auth0 has disclosed what it calls a "security event" involving some of its code repositories. "In late August, a third-party individual notified Okta that they possessed a copy of certain Auth0 code repositories dating from October 2020 and earlier," Auth0 revealed.