Security News

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
2023-05-08 06:10

An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine. In a related advisory, Ukraine's cybersecurity authority also revealed details of destructive attacks orchestrated by a group known as UAC-0165 against public sector organizations.

Google's big security cert log overhaul broke Android apps. Now it's hit undo
2023-02-16 22:26

Google this week reversed an overhaul of one of its security-related file formats after the transition broke Android apps. In November, 2021, Google announced changes to the format of its Chrome Certificate Transparency log list file and, in August, 2022, notified developers whose apps might be affected that it would stop publishing legacy log list files on October 17, 2022.

Emsisoft says hackers are spoofing its certs to breach networks
2023-02-15 17:01

A hacker is using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to bypass their defenses. In a new security advisory, Emsisoft warned that one of its customers was targeted by hackers using an executable signed by a spoofed Emsisoft certificate.

CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
2023-02-08 06:16

The Computer Emergency Response Team of Ukraine has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The bogus emails that kick-start the infection sequence claim to be from Ukrainian telecom company Ukrtelecom and come bearing a decoy RAR archive.

Months after NSA disclosed Microsoft cert bug, datacenters remain unpatched
2023-01-26 02:07

Most Windows-powered datacenter systems and applications remain vulnerable to a spoofing bug in CryptoAPI that was disclosed by the NSA and the UK National Cyber Security Center and patched by Microsoft last year, according to Akamai's researchers. The bug isn't a remote code execution flaw; it's a vulnerability that allows someone to pretend to be another to an application or operating system, in the context of identity and certificate cryptography checks on Windows.

cert-manager: Automatically provision and manage TLS certificates in Kubernetes
2022-10-24 03:30

Cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those certificates. Cert-manager is an open-source project that automates the issuance and renewal of X.509 certificates for cloud-native Kubernetes or OpenShift environments.

Italian CERT: Hacktivists hit govt sites in ‘Slow HTTP’ DDoS attacks
2022-05-13 18:16

Italy's Computer Security Incident Response Team has disclosed recent DDoS attacks against crucial government sites in the country over the past couple of days. DDoS is an attack that aims to deplete a server's available resources, making it unable to respond to legitimate user requests and rendering the sites it hosts inaccessible.

Ukrainian CERT Warns Citizens of a New Wave of Attacks Distributing Jester Malware
2022-05-10 05:27

The Computer Emergency Response Team of Ukraine has warned of phishing attacks that deploy an information-stealing malware called Jester Stealer on compromised systems. The mass email campaign carries the subject line "Chemical attack" and contains a link to a macro-enabled Microsoft Excel file, opening which leads to computers getting infected with Jester Stealer.

Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In
2022-04-30 00:59

India's computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. "Any service provider, intermediary, data center, body corporate and Government organization shall mandatorily report cyber incidents to CERT-In within six hours of noticing such incidents or being brought to notice about such incidents," the government said in a release.

OpenSSL cert parsing bug causes infinite denial of service loop
2022-03-16 14:00

OpenSSL has released a security update to address a vulnerability in the library that, if exploited, activates an infinite loop function and leads to denial of service conditions. Certificates causing DoS. In this case, the high-severity OpenSLL problem lies in a bug on the BN mod sqrt() function, that if served a maliciously crafted certificate to parse, it will enter an infinite loop.