Security News

Researcher hijacks popular Packagist PHP packages to get a job
2023-05-03 15:30

The researcher reached out to BleepingComputer stating that by hijacking these packages he hopes to get a job. Yesterday, a researcher with the pseudonym 'neskafe3v1' reached out to BleepingComputer stating he had taken over fourteen Packagist packages, with one of them having over 500 million installs.

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software
2023-05-02 14:26

Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol that could be weaponized to achieve a denial-of-service condition on vulnerable BGP peers. The three vulnerabilities reside in version 8.4 of FRRouting, a popular open source internet routing protocol suite for Linux and Unix platforms.

Google’s 2FA app update lacks end-to-end encryption, researchers find
2023-04-28 16:42

On April 25, security researchers Tommy Mysk and Talal Haj Bakry, who are known collectively on Twitter as Mysk, warned users of Google's Authenticator 2FA app to not turn on a new syncing feature. The change came about when Google enabled its 2FA Authenticator app to sync credentials across different devices.

Google leaking 2FA secrets – researchers advise against new “account sync” feature for now
2023-04-26 19:59

The Google Authenticator 2FA app has featured strongly in cybersecurity news stories lately, with Google adding a feature to let you backup your 2FA data into the cloud and then restore it onto other devices. The six-digit codes commonly generated by 2FA apps get calculated right on your phone, not on your laptop; they're based on a "Seed" or "Starting key" that's stored on your phone; and they're protected by the lock code on your phone, not by any passwords you routinely type in on your laptop.

Researchers discover sensitive corporate data on decommissioned routers
2023-04-19 08:05

"We would expect medium-sized to enterprise companies to have a strict set of security initiatives to decommission devices, but we found the opposite. Organizations need to be much more aware of what remains on the devices they put out to pasture, since a majority of the devices we obtained from the secondary market contained a digital blueprint of the company involved, including, but not limited to, core networking information, application data, corporate credentials, and information about partners, vendors, and customers," Camp continued. Organizations often recycle aging tech through third-party companies that are charged with verifying the secure destruction or recycling of digital equipment and the disposal of the data contained therein.

Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library
2023-04-08 05:04

The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode. The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from South Korea-based KAIST WSP Lab on April 6, 2023, prompting vm2 to release a fix with version 3.9.15 on Friday.

Researchers Uncover Thriving Phishing Kit Market on Telegram Channels
2023-04-07 12:32

In yet another sign that Telegram is increasingly becoming a thriving hub for cybercrime, researchers have found that threat actors are using the messaging platform to peddle phishing kits and help set up phishing campaigns. "To promote their 'goods,' phishers create Telegram channels through which they educate their audience about phishing and entertain subscribers with polls like, 'What type of personal data do you prefer?'," Kaspersky web content analyst Olga Svistunova said in a report published this week.

Researchers claim they can bypass Wi-Fi encryption (briefly, at least)
2023-04-03 18:59

The answer, our researchers discovered, is that so-called active adversaries might be able to shake loose at least some queued-up data from at least least some access points. The researchers figured out various ways of tricking some access points into releasing those queued-up network packets.

Researchers Detail Severe "Super FabriXss" Vulnerability in Microsoft Azure SFX
2023-03-30 17:02

Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer that could lead to unauthenticated remote code execution. Tracked as CVE-2023-23383, the issue has been dubbed "Super FabriXss" by Orca Security, a nod to the FabriXss flaw that was fixed by Microsoft in October 2022.

Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups
2023-03-29 12:01

An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. "The rootkit has a limited set of features, mainly installing a hook designed for hiding itself."