Security News

Some 300,000 IPs vulnerable to this Loop DoS attack
2024-03-24 18:37

As many as 300,000 servers or devices on the public internet are thought to be vulnerable right now to the recently disclosed Loop Denial-of-Service technique that works against some UDP-based application-level services. It's pretty trivial, and basically relies on sending an error message to, let's say, vulnerable server A in such a way, using IP address source spoofing, that server A responds with an error message to vulnerable server B, which sends an error message to A, which responds to B, which responds to A, over and over again in an infinite loop.

Over 100 US and EU orgs targeted in StrelaStealer malware attacks
2024-03-24 14:19

A new large-scale StrelaStealer malware campaign has impacted over a hundred organizations across the United States and Europe, attempting to steal email account credentials. StrelaStealer was first documented in November 2022 as a new information-stealing malware that steals email account credentials from Outlook and Thunderbird.

Vans claims cyber crooks didn't run off with its customers' financial info
2024-03-24 10:08

In an email to customers, the Vans and North Face parent promised that crooks didn't swipe their credit card or bank account details. "VF never collects or retains any detailed payment or financial information, such as bank account or credit card information, so no such information was exposed to the threat actors. Furthermore, no consumers' passwords were compromised. Please note that formal investigations by competent authorities are still ongoing. For this reason, we are unable to provide further details."

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals
2024-03-24 09:00

Lynis: Open-source security auditing tool
Lynis is a comprehensive open-source security auditing tool for UNIX-based systems, including Linux, macOS, and BSD.

WebCopilot: Open-source automation tool enumerates subdomains, detects bugs
WebCopilot is an open-source automation tool that enumerates a target's subdomains and discovers bugs using various free tools.

NIST's NVD has encountered a problem
Whether the cause is insurmountable technical debt, lack of funds, a third reason or all of them, NIST's National Vulnerability Database is struggling, and it's affecting vulnerability management efforts.

N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
2024-03-24 05:38

The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors...

German Police Seize 'Nemesis Market' in Major International Darknet Raid
2024-03-24 05:24

German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services. The Federal...

Opera sees big jump in EU users on iOS, Android after DMA update
2024-03-23 16:59

With iOS 17.4, Apple introduced a new choice screen that asks EU users to select a default web browser from a list of randomly listed browsers, including Opera. Google also rolled out a similar browser choice screen to Android users on March 6th, which will be shown during the initial setup of an Android smartphone or tablet.

Microsoft to shut down 50 cloud services for Russian businesses
2024-03-23 14:14

Microsoft plans to limit access to over fifty cloud products for Russian organizations by the end of March as part of the sanctions requirements against the country issued by EU regulators last December. "After March 20, 2024, you will not be able to access those Microsoft products or services, or any data stored in them." - Microsoft.

Russia's Cozy Bear caught phishing German politicos with phony dinner invites
2024-03-23 07:51

The Kremlin's cyberspies targeted German political parties in a phishing campaign that used emails disguised as dinner party invitations, according to Mandiant. Russia's Cozy Bear, also known as APT29 and Midnight Blizzard, engineered the messages to infect marks' Windows PCs with a backdoor first observed in January and dubbed WINELOADER. These were intended to provide long-term access to the political parties' networks and data, the Google-backed security biz asserted on Friday.

Russian Hackers Use 'WINELOADER' Malware to Target German Political Parties
2024-03-23 06:03

The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia's...