Fuzzilli - A JavaScript Engine Fuzzer
A (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language ("FuzzIL") which can be mutated and translated to JavaScript. Usage: The basic steps to use this fuzzer are: Download the source code for one of the supported JavaScript engines. See the Targets/...
9.8CVSS
8.7AI Score
0.961EPSS
Robot Vacuums Suck Up Sensitive Audio in ‘LidarPhone’ Hack
Researchers have uncovered a new attack that lets bad actors snoop in on homeowners’ private conversations – through their robot vacuums. The vacuums, which utilize smart sensors in order to autonomously operate, have gained traction over the past few years. The attack, called “LidarPhone” by...
0.1AI Score
Holidays Are Coming – the State of Security for E-commerce in 2020
With the Coronavirus pandemic driving consumers online, a new report from Imperva reveals how this year’s holiday shopping season will present online retailers with a level of traffic - and cyber-attack threats - like they’ve never seen before. Among the many effects of COVID-19 has been a huge...
-0.2AI Score
Trojanized Security Software Hits South Korea Users in Supply-Chain Attack
Cybersecurity researchers took the wraps off a novel supply chain attack in South Korea that abuses legitimate security software and stolen digital certificates to distribute remote administration tools (RATs) on target systems. Attributing the operation to the Lazarus Group, also known as Hidden.....
1AI Score
From Triton to Stuxnet: Preparing for OT Incident Response
From an irked former contractor in Australia sabotaging a sewage plant in 2000, to the more high-level 2017 Triton malware attacks on Saudi Arabian petrochemical plants, operational technology (OT) for critical infrastructure has increasingly been a cybersecurity concern. But now, the COVID-19...
0.6AI Score
RegretLocker, new ransomware, can encrypt Windows virtual hard disks
Cybersecurity researchers discovered a new ransomware last month called RegretLocker that, despite a no-frills package, can do serious damage to virtual hard disks on Windows machines. Through a clever trick, RegretLocker can bypass the often-long encryption times required when encrypting a...
6.9AI Score
New Book! The Best of TaoSecurity Blog, Volume 3
Introduction: I published a new book! The Best of TaoSecurity Blog, Volume 3: Current Events, Law, Wise People, History, and Appendices is the third title in the TaoSecurity Blog series. It's in the Kindle Store, and if you have an Unlimited account, it's free. I also published a print edition,...
6.6AI Score
ShowStopper - Anti-Debug tricks exploration tool
The ShowStopper project is a tool to help malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods. With this tool, you can attach a debugger to its process and research the debugger’s behavior for the...
7.3AI Score
OpenSSL 0.9.8 Information Disclosure Vulnerability
OpenSSL is prone to an information disclosure...
6.2AI Score
0.001EPSS
Ransomware Activity Targeting the Healthcare and Public Health Sector
Summary: This advisory was updated to include information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7...
9.4AI Score
Is It Worth It to Defend Your Service from Video Piracy?
The answer isn't obvious. From headcount to vendor spend, combating video piracy is expensive. And piracy has been a part of the entertainment industry since the silent movie era. It's not crazy to say, "Maybe it's just a cost of doing show business." So let's start with a different question. ...
0.4AI Score
North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn
The North Korean advanced persistent threat (APT) group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Kimsuky (a.k.a. Hidden Cobra) has...
-0.1AI Score
Keeping ransomware cash away from your business
A ransomware gang has made headlines for donating a big chunk of stolen funds to two charities. Two separate donations given to Children International and The Water Project rang tills to the tune of $10,000 each. Their reason was that they’re targeting “only large profitable corporations, we think....
6.8AI Score
Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) with...
7.8CVSS
9.3AI Score
0.974EPSS
Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) and the...
9.6AI Score
Why we invite security researchers to hack Azure Sphere
Fighting the security battle so our customers don’t have to. IoT devices are becoming more prevalent in almost every aspect of our lives—we will rely on them in our homes, our businesses, as well as our infrastructure. In February, Microsoft announced the general availability of Azure Sphere, an...
-0.2AI Score
EXECUTIVE SUMMARY: CVSS v3 2.8 | ATTENTION: Exploitable remotely/low skill level to exploit | Vendor: Yokogawa | Equipment: Main equipment | Vulnerability: Buffer Copy Without Checking Size of Input. 2. RISK EVALUATION: Successful exploitation of this vulnerability could terminate the program...
9.8CVSS
9.8AI Score
0.002EPSS
An overview of targeted attacks and APTs on Linux
Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the platform for which we discover most APT attack tools. At the same time, there's a widely held opinion that Linux is a secure-by-default operating system that isn't...
0.974EPSS
JITSploitation II: Getting Read/Write
Posted by Samuel Groß, Project Zero. This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed in....
8.8CVSS
9.7AI Score
0.593EPSS
JITSploitation III: Subverting Control Flow
Posted by Samuel Groß, Project Zero. This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed...
8.8CVSS
10AI Score
0.593EPSS
By Samuel Groß, Project Zero. This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed in iOS...
8.8CVSS
9.6AI Score
0.593EPSS
Dopple-Ganging Up on Facial Recognition
ARCHIVED STORY: Dopple-ganging up on Facial Recognition Systems. By Steve Povolny · August 25, 2020. Co-authored with Jesse Chick, OSU Senior and Former McAfee Intern, Primary Researcher. Special thanks to Dr. Catherine Huang, McAfee Advanced Analytics Team. Special thanks to Kyle Baldes, Former...
0.2AI Score
Dopple-Ganging Up on Facial Recognition
ARCHIVED STORY: Dopple-ganging up on Facial Recognition Systems. By Steve Povolny · August 25, 2020. Co-authored with Jesse Chick, OSU Senior and Former McAfee Intern, Primary Researcher. Special thanks to Dr. Catherine Huang, McAfee Advanced Analytics Team. Special thanks to Kyle Baldes, Former...
6.3AI Score
The Sounds a Key Make Can Produce 3D-Printed Replica
Security researchers have given a whole new meaning to “picking a lock,” demonstrating that they can use audio and signal-processing technology to listen to the sounds a key makes when it opens a lock and then 3D-print a duplicate from a recording. The attack, called SpiKey, leverages any basic...
-0.1AI Score
MSI Ambient Link Multiple Vulnerabilities
Advisory Information | Title: MSI Ambient Link Multiple Vulnerabilities | Advisory ID: CORE-2020-0012 | Advisory URL: https://www.coresecurity.com/core-labs/advisories/msi-ambient-link-multiple-vulnerabilities | Date published: 2020-08-19 | Date of last update: 2020-08-19 | Vendors contacted: MSI | Release...
7.8CVSS
8.4AI Score
0.002EPSS
Zoom Faces More Legal Challenges Over End-to-End Encryption
Video-conferencing behemoth Zoom has been hit with yet another lawsuit stemming from its claim to offer end-to-end encryption for sessions. The suit, filed in a Washington D.C. court [PDF] this week by a nonprofit advocacy group called Consumer Watchdog, alleges that the company falsely told users....
-0.9AI Score
The Publishing Industry -- Where to Now?
Many of us have spent far more time at home looking at screens to keep up to date with the world than would have seemed possible at the start of the year. In the UK, as with many other countries, the lockdown rules and pandemic response were changing on a near-daily basis, and the 5 PM government.....
-0.6AI Score
CIS Releases 2019 Year in Review
The Center for Internet Security (CIS) has released its 2019 Year in Review. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), a Cybersecurity and Infrastructure Security Agency (CISA) partner focused on cyber threat prevention, protection, response, and recovery for.....
6.6AI Score
Quarterly highlights. Targeted attacks: The second quarter often saw phishers resort to targeted attacks, especially against fairly small companies. To attract attention, scammers imitated email messages and websites of companies whose products or services their potential victims could be using. The....
-0.4AI Score
0.974EPSS
Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks
It turns out that the root cause behind several previously disclosed speculative execution attacks against modern processors, such as Meltdown and Foreshadow, was misattributed to 'prefetching effect,' resulting in hardware vendors releasing incomplete mitigations and countermeasures. Sharing...
1AI Score
Repurposing Neural Networks to Generate Synthetic Media for Information Operations
FireEye’s Data Science and Information Operations Analysis teams released this blog post to coincide with our Black Hat USA 2020 Briefing, which details how open source, pre-trained neural networks can be leveraged to generate synthetic media for malicious purposes. To summarize our presentation,.....
0.6AI Score
Cybercrime in the Age of COVID-19
The Cambridge Cybercrime Centre has a series of papers on cybercrime during the coronavirus pandemic. EDITED TO ADD (8/12): Interpol...
2.4AI Score
US Government Warns of a New Strain of Chinese 'Taidoor' Virus
Intelligence agencies in the US have released information about a new variant of 12-year-old computer virus used by China's state-sponsored hackers targeting governments, corporations, and think tanks. Named "Taidoor," the malware has done an 'excellent' job of compromising systems as early as...
0.8AI Score
New Attack Leverages HTTP/2 for Effective Remote Timing Side-Channel Leaks
Security researchers have outlined a new technique that renders a remote timing-based side-channel attack more effective regardless of the network congestion between the adversary and the target server. Remote timing attacks that work over a network connection are predominantly affected by...
-0.2AI Score
-0.1AI Score
Baldr Botnet Panel Shell Upload Exploit
This module exploits an arbitrary file upload vulnerability within the Baldr stealer malware control panel when uploading victim log files (which are uploaded as ZIP files). Attackers can turn this vulnerability into an RCE by first registering a new bot to the panel and then uploading a ZIP file.....
7.3AI Score
Deepfakes or not: new GAN image stirs up questions about digital fakery
Subversive deepfakes that enter the party unannounced, do their thing, then slink off into the night without anybody noticing are where it’s at. Easily debunked clips of Donald Trump yelling THE NUKES ARE UP or something similarly ludicrous are not a major concern. We’ve already dug into why...
6.9AI Score
Parallels RAS OS Command Execution
Advisory Information | Title: Parallels RAS OS Command Execution | Advisory ID: CORE-2020-0011 | Advisory URL: https://www.coresecurity.com/core-labs/advisories/parallels-ras-os-command-execution | Date published: 2020-07-23 | Date of last update: 2020-07-21 | Vendors contacted: Parallels | Release mode:...
9.9CVSS
-0.1AI Score
0.018EPSS
Replace PGP With an HTTPS Form
I asked my Twitter followers what I should talk about in this issue, and those trolls picked PGP and security vulnerability reporting, so here goes nothing. As you probably know, the school of modern cryptography thinking I subscribe to says that tools and protocols should be small, simple, and...
8.1CVSS
-0.5AI Score
0.969EPSS
Threat Source newsletter for July 16, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. If you haven’t already, we highly recommend you read our in-depth research paper on election security. This paper represents four years of hands-on research, interviews and insight into how things have changed since 2016, and what.....
1.2AI Score
How CARTA Strategies for Web Applications are Met with Indusface AppTrana Solution
Gartner’s CARTA (Continuous Adaptive Risk and Trust Assessment), which sets out their vision for security, is increasingly being adopted by several enterprises. Recently Gartner also called out CARTA strategic approach in the top 10 security projects for 2019. CARTA, being a strategic approach,...
Ronald Graham and the Magic of Math
Late Monday night, I received an email sharing the sad news that Ronald Graham had died that evening at the age of 84. For those who never had the pleasure of knowing Ron, he was a brilliant mathematician with a great sense of humor, a circus-level juggler and magician, a mentor of countless...
0.1AI Score
Do Chromebooks need antivirus protection?
The supervisor handed Jim a Chromebook and said: “Take this home with you and use it to send me updates. We want to minimize the number of visits to the office—anything you can do from home helps keep this place safer. When the pandemic is over, I’d like to have it back in one piece, if...
-0.8AI Score
Connected Car Standards – Thank Goodness!
Intelligent transportation systems (ITS) require harmonization among manufacturers to have any chance of succeeding in the real world. No large-scale car manufacturer, multimodal shipper, or MaaS (Mobility as a Service) provider will risk investing in a single-vendor solution. Successful ITS...
-0.2AI Score
Over 100 New Chrome Browser Extensions Caught Spying On Users
Google recently removed 106 more extensions from its Chrome Web Store after they were found illegally collecting sensitive user data as part of a "massive global surveillance campaign" targeting oil and gas, finance, and healthcare sectors. Awake Security, which disclosed the findings late last...
0.6AI Score
Security and Human Behavior (SHB) 2020
Today is the second day of the thirteenth Workshop on Security and Human Behavior. It's being hosted by the University of Cambridge, which in today's world means we're all meeting on Zoom. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of...
-0.4AI Score
Podcast: Would You Use A Contact-Tracing Coronavirus App?
As a world afflicted by the coronavirus pandemic begins to re-open restaurants, retail stores and more, public-health officials remain concerned about the spread of the virus. Technology for contact-tracing apps, intended to help citizens trace whether they were exposed to someone who has tested...
-0.7AI Score
h1-ctf: [h1-2006 2020] Write up for H1-2006 CTF
I huffed and puffed my way up a flight of stairs into a dimly lit, dusty room, looking for Sherlock. As I made way through scattered books, I exclaimed, "Sherlock, wake up! It’s that time of the year. h1-ctf, a chance to get an invitation to hackerone’s live hacking event. “zer0ttl, of course!...
-0.7AI Score
Stegcloak - Hide Secrets With Invisible Characters In Plain Text Securely Using Passwords
StegCloak is a pure JavaScript steganography module designed in functional programming style, to hide secrets inside text by compressing and encrypting with Zero Width Characters. It can be used to safely watermark strings, invisible scripts on webpages, texts on social media or for any other...
7.1AI Score
0.3AI Score
0.018EPSS