Security News
The latest version of Firefox is now available and includes an important step forward for web browser security. Firefox, the little browser that could, continues chugging along.
Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations in the U.S. and 28 other countries pursuant to a legal warrant issued by a federal court in the U.S. state of Virginia. "Nickel has targeted organizations in both the private and public sectors, including diplomatic organizations and ministries of foreign affairs in North America, Central America, South America, the Caribbean, Europe and Africa," Microsoft's Corporate Vice President for Customer Security and Trust, Tom Burt, said.
Researchers have discovered 14 new types of cross-site data leakage attacks against a number of modern web browsers, including Tor Browser, Mozilla Firefox, Google Chrome, Microsoft Edge, Apple Safari, Opera, among others. "The purpose of the same-origin policy is to prevent information from being stolen from a trusted website. In the case of XS-Leaks, attackers can nevertheless recognize individual, small details of a website. If these details are tied to personal data, those data can be leaked."
IT security researchers from Ruhr-Universität Bochum and the Niederrhein University of Applied Sciences have discovered 14 new types of 'XS-Leak' cross-site leak attacks against modern web browsers, including Google Chrome, Microsoft Edge, Safari, and Mozilla Firefox. These types of side-channel attacks are called 'XS-Leaks,' and allow attacks to bypass the 'same-origin' policy in web browsers so that a malicious website can steal info in the background from a trusted website where the user enters information.
Cannazon, one of the largest dark web marketplaces for buying marijuana products, shut down last week after suffering a debilitating distributed denial of service attack. The admins posted that message on November 23, 2021, and today, Cannazon went offline, allegedly forever.
VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client.
A high-severity security vulnerability in CloudLinux's Imunify360 cybersecurity platform could lead to arbitrary code execution and web-server takeover, according to researchers. Imunify360 is a security platform for Linux-based web servers that allows users to configure various settings for real-time website protection and web-server security.
Security researchers have checked the web's public key infrastructure and have measured a long-known but little-analyzed security threat: hidden root Certificate Authorities. You can be reasonably confident that your bank website is actually your bank website when it presents your browser with an end-user or leaf certificate that's linked through a chain of trust to an intermediate certificate and ultimately the X.509 root certificate of a trusted CA. Each browser relies on a trust store consisting of a hundred or so root certificates that belong to a smaller set of organizations.
Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. "After a day and a half, the attacker found a file upload vulnerability in one of the store's plugins. S/he then uploaded a webshell and modified the server code to intercept customer data."
Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. "After a day and a half, the attacker found a file upload vulnerability in one of the store's plugins. S/he then uploaded a webshell and modified the server code to intercept customer data."