Western intelligence agencies are investigating a cyberattack by unidentified hackers that disrupted broadband satellite internet access in Ukraine coinciding with Russia's invasion, according to three people with direct knowledge of the incident.
Vulnerabilities found in widely-used Uninterruptible Power Supplies could allow attackers to bypass security features and remotely take over or damage critical industrial, medical, and enterprise devices
They’re accused of colluding to carve up the advertising market between them
On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks
BHI (or Spectre-BHB) is a revival of cross-privilege Spectre-v2 attacks on modern systems deploying in-hardware defenses. And we have a very neat end-to-end exploit leaking arbitrary kernel memory on modern Intel CPUs to prove it (PoC||GTFO right?).
The Danish data protection authority ('Datatilsynet') announced, on 9 March 2022, that it had published a new guide on the use of cloud services, as well as a short overview of frequently asked questions ('FAQs'). In particular, the Datatilsynet stated that the new guide is targeted at data controllers and notes the considerations which data controllers must keep in mind when using a cloud service, including an outline of the pitfalls, opportunities, and obligations that arise when using such technologies.
Document PDF
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
Geneva is a genetic algorithm that automatically learns how to evade nation state censors.
A new reflection/amplification distributed denial of service (DDoS) vector with a record-breaking potential amplification ratio of 4,294,967,296:1 has been abused by attackers in the wild to launch multiple high-impact DDoS attacks.
New method also stretches out DDoS durations to 14 hours.
Belarus conducted widespread phishing attacks against members of the Polish military as well as Ukrainian officials, security researchers said Monday, providing more evidence that its role in Russia’s invasion of Ukraine has gone beyond serving as a staging area for Russian troops
The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats.
Recommendations include perimeter and internal network defenses to improve monitoring and access controls throughout the network.
Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely. Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.
Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild.
Samsung Electronics confirmed on Monday that its network was breached and the hackers stole confidential information, including source code present in Galaxy smartphones.
This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.
It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit.
The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.
Despite the fact that it is not a 'real' vulnerability, escaping privileged Docker containers is nevertheless pretty funny. And because there will always be people who will come up with reasons or excuses to run a privileged container (even though you really shouldn't), this could really be handy at some point in the future
The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company.
Chipmaker has until Friday to comply or see its crown-jewel source code released.
Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows.
This week, NVIDIA confirmed that they suffered a cyberattack that allowed threat actors to steal employee credentials and proprietary data.
If you use an Apple Macbook, it’s likely that you have a secret enclave for important secrets — such as your encryption keys. These keys define the core of the trust infrastructure on the device — and protect applications from stealing these secrets. The TEE also allows isolation between code which is fully trusted, and code that cannot be fully trusted. If this did not happen, we could install applications on our computer which would discover our login password and steal the encryption used used to key things secret and trusted.
