controlgap.com

Posts about:

zeroday

Ransomware, [in]security, Bill C11, zeroday, AES

This Week's [in]Security - Issue 270

Welcome to This Week’s [in]Security. PCI and payments: Payments: New breaches: Pegasus Airlines, ACY Securities, Elasticsearch Buckets. New Ransomware, Follow-ups & Fall-out: largest breaches. Privacy: Consumer Trust, Tim Hortons. Laws & Regs - Canada: C-18, C-11. US: ethical hacking, privacy bill, right to repair. World: Crypto-AML. Defense - Tools & Techniques, Vulnerabilities, Advisories: CISA & FDA. Zerodays, dangerous Follina/MSDT, Confluence, Horde, ICS Doh! Patching. Other: Bulletproof TLS, MySQL, web-scraping. Vulnerability research: remote touchscreen control. Crypto-research: Quantum, AES. Cybercrime: Trends: WordPress Plugins, scams. Crime & Enforcement: Disrupting DDoS. Nation States and mercenaries. Other. Other Risks: General: bias, scammers. Health, Safety, Environment, Disinformation, Economy. Russia v. Ukraine. Innovation and more.

CG Blogger
Read More
Follina, zeroday, Microsoft

“Follina” – Critical Zero-Day Exploit for Microsoft Products

Background

Over the past holiday weekend, a tweet from Tokyo-based security researcher “nao_sec” first identified an interesting upload to antivirus platform VirusTotal[1]. The Microsoft Word (.docx) file, uploaded from an IP address originating in Belarus, was found to contain a novel mechanism for obtaining PowerShell command execution through Office documents via the Microsoft Support Diagnostic Tool (MS-MSDT) troubleshooting feature. This original malware sample is currently being analyzed by members of the cybersecurity community, including Kevin Beaumont, who posted his analysis on Sunday, May 29th and named the sample “Follina”[2].

Connor McMillan
Read More
COVID-19, IoT, NIST, Revil, [in]security, Cybercrime, Crypto, Magecart, OWASP, VoIP, zeroday

This Week's [in]Security - Issue 234 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI and payments: Remote assessments, magecart. New breaches: Thai visitors, Event Builder, Exchange. New Ransomware: Alert, Exabyte. Major outages: voip.ms, Trello. Follow-ups & Fall-out: Revil FBI Sting & backdoor cheat, Epik. Privacy: Amazon, Ant, creepy? QR, ewwww! Laws & Regs: Canada: US: Infrastructure, Facebook, Warrants. World: China bans crypto, Huawei, USB-C. Standards: CISA IPv6, NIST drafts. Defense: SSNs, AppSec, Quad, Ransomware action, Medical IoT, passwordless, tools, Cyber-insurance, Autodiscover, Bug bounties. Vulnerabilities, Zerodays: record zerodays, IoT, IoS, MacOS. Chrome. Other Vulnerabilities: OWASP update, API credentials, Ryzen, hack a mainframe demo, OpenOffice, Cisco, smartphones, Nagios, VMware. SonicWall, Routers, ROT13-NG. Cybercrime: Trends: Nation States. Crime: Mafia, DeFi, undone. Other Risks: Quantum Risk, Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Immunity; Impact; Covid Ugly; And more.

CG Blogger
Read More
COVID-19, Ransomware, NIST, [in]security, Skimmers, zeroday

This Week's [in]Security - Issue 210 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI 3DS, New e-skimmers, Card breaches. EU's SCA. Big-Hacks: Facebook, Linkedin. New breaches: Clubhouse, Q Link Wireless. New Ransomware. Follow-ups & Fall-out. Privacy: Big Brother? Xcinex Venue. Laws & Regs: Bans, Breach law, Facial recognition, NIST & Hippa. Defense: Tools, Simplification, Resilience. Vulnerabilities: Cisco zeroday, Pwn2Own, SAP, Zoom, Carbon Black, Domain Time II, Moodle, medical devices, 802.11bf sensing. Cybercrime: Trends. Gigaset, Nation States. Cyber-war? Other Risks. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants. The Good, Bad, and Ugly (Behaviour). And more.

CG Blogger
Read More
offensivesecurity, zeroday

The MS Exchange - World-Wide Exploitation | blog,zeroday,offensivesecurity | Control Gap

For organizations running on-premise Microsoft Exchange servers, we want to make you aware of four severe zero-day vulnerabilities announced on March 2nd, 2021. Attackers are using these vulnerabilities to obtain SYSTEM level access, execute arbitrary code, gain Domain level access, steal information, and install ransomware. The announced CVEs impact most versions of Exchange server but do not impact organizations utilizing Exchange Online or Microsoft 365 (M365). If your organization uses Microsoft Exchange 2010, 2013, 2016, or 2019, Microsoft strongly urges that you apply security patches immediately to reduce the threat of compromise [1].

Anthony Tam
Read More
COVID-19, NIST, [in]security, Skimmers, zeroday, HSM

This Week's [in]Security - Issue 202 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI HSM Update RFC. Vampire Skimmer. New breaches: New Ransomware. Encryption and Breaches. SolarWinds. NIST. Zero Days. Defender. Drivers. TCP Stacks. SAP. SonicWall. WordPress. SuperMicro. Trends. Water Plant Hack. Nation States. Supply-Chain Attack. Arrests, etc. SIM Swappers. AI Manipulators. Ambivalence. Health, Safety & Environment. Covid-19: Spread, Curves, Spikes, Waves, & reinfections. New Variants. Immunity, Vaccines, and Vaccination. The Good, Bad, and Ugly (Behaviour). And more.

CG Blogger
Read More