Minio unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation
Summary: When someone creates an access key, it inherits the permissions of the parent key, not only for s3:* actions but also for admin:* actions. This means that, unless admin rights are denied somewhere above in the access-key hierarchy, access keys will be able to simply override their own s3...
CVSS 8.8 · AI Score 8.9 · EPSS 0.002
The Psychology of Phishing: Unraveling the Success Behind Phishing Attacks and Effective Countermeasures
By Tomer Shloman · February 1, 2024 Phishing is one of the most sneaky and widespread attacks in the constantly changing world of cybersecurity threats. This form of cyber attack, deceiving...
AI Score 7.1
Decline in robocalls is encouraging, efforts seem to be working
The Federal Communications Commission (FCC) has announced that its recent actions with the Federal Trade Commission (FTC) against international robocalls appear to have had an effect. Robocalls are automated phone calls, often associated with scams and unwanted solicitations, which can be a...
AI Score 6.7
ICS and OT threat predictions for 2024
We do not expect rapid changes in the industrial cyberthreat landscape in 2024. Most of the below-described trends have been observed before, many for some years. However, some of them have reached a critical mass of creeping changes, which could lead to a qualitative shift in the threat landscape....
AI Score 7.2
Post-quantum Cryptography for the Go Ecosystem
filippo.io/mlkem768 is a pure-Go implementation of ML-KEM-768 optimized for correctness and readability. ML-KEM (formerly known as Kyber, renamed because we can't have nice things) is a post-quantum key exchange mechanism in the process of being standardized by NIST and adopted by most of the...
AI Score 6.8
Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás,...
AI Score 6.7
China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz
The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November...
AI Score 7.2
Apple warns of “privacy and security threats” after EU requires it to allow sideloading
Despite several warnings about the risks, Apple will allow European iPhone owners to install apps obtained from outside the official App store (sideloading). These drastic changes are brought about to comply with the European Union’s (EU) Digital Markets Act (DMA). The Digital Markets Act (DMA)...
AI Score 6.6
Deepfake Taylor Swift images circulate online, politicians call for laws to ban deepfake creation
Deepfake images of Taylor Swift have really made some serious waves. Explicit images of the popstar, generated by Artificial Intelligence (AI) were posted on social media and Telegram. The images were viewed millions of times. The impact of the deepfake was enormous. Social media platform X...
AI Score 7.3
Top Security Posture Vulnerabilities Revealed
Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It's the nature of the field – the speed at which malicious actors carry out advanced persistent threats brings a constant, evolving battle for cyber resilience. The excitement in...
AI Score 7.4
In conversation: Bruce Schneier on AI-powered mass spying
For decades, governments and companies have surveilled the conversations, movements, and behavior of the public. And then the internet came along and made that a whole lot easier. Today, search engines collect our queries, browsers collect our device information, smartphones collect our...
AI Score 6.8
Unraveling the Key Components of the Renowned OWASP Mobile Top 10 Index
The altruistic initiative, Open Network Application Defense Plan (ONADP), spearheads a cluster of operations in its mission to enhance the level of software protection. A cardinal tool emerging from their efforts, The OWASP...
AI Score 7.7
Chatbots and Human Conversation
For most of history, communicating with a computer has not been like communicating with a person. In their earliest years, computers required carefully constructed instructions, delivered through punch cards; then came a command-line interface, followed by menus and options and text boxes. If you.....
AI Score 6.9
Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers
Summary Dex 2.37.0 is serving HTTPS with insecure TLS 1.0 and TLS 1.1. Details While working on https://github.com/dexidp/dex/issues/2848 and implementing configurable TLS support, I noticed my changes did not have any effect in TLS config, so I started investigating. ...
CVSS 7.5 · AI Score 7 · EPSS 0.001
AI likely to boost ransomware, warns government body
The British National Cyber Security Centre (NCSC) says it expects Artificial Intelligence (AI) to heighten the global ransomware threat. In a report, the NCSC makes the assessment that AI will almost certainly increase the volume and heighten the impact of cyberattacks over the next two years....
AI Score 7.6
Understanding the Basics of Security Operations (SecOps)
SecOps represents the blending of cybersecurity proficiency with operational domains, forming a powerful bulwark. Its primary mission lies in safeguarding the fundamental data assets and technological infrastructures of an organization. More....
AI Score 7
QR Code Phishing Soars 587%: Users Falling Victim to Social Engineering Scams
By Deeba Ahmed QR Code Phishing has surged by a staggering 587%, with scammers exploiting it to steal login credentials and deploy malware. This is a post from HackRead.com Read the original post: QR Code Phishing Soars 587%: Users Falling Victim to Social Engineering...
AI Score 7.5
Oracle Linux 9 : openssl (ELSA-2024-12093)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12093 advisory. Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns...
CVSS 7.5 · AI Score 7.5 · EPSS 0.001
Unauthenticated Nonce Increment in snow
Impact There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with the ability to inject packets into the channel Noise is talking over, this allows a denial-of-service type attack which could prevent communication as it...
AI Score 6.9
Jason’s Deli Data Breach Exposes 344,000 Users in Credential Stuffing Attack
By Waqas The data breach occurred a few days before Christmas on December 21, 2023, but the details have only been revealed now. This is a post from HackRead.com Read the original post: Jason's Deli Data Breach Exposes 344,000 Users in Credential Stuffing...
AI Score 7.3
10 years on from the Target breach. Has building cyber security improved?
It’s over a decade since the Target data breach. It was an event that reinforced the need for supply chain security reviews. It seems that much has changed since then, or has it? Has the security profile of the average connected building in the USA improved in that time period, be it retail,...
AI Score 7.2
TCP Resets from Client and Server aka TCP-RST-FROM-Client
Diving into the Enigma of TCP Resets Executed by Client and Server. The Base Communication Protocol (BCP), understood as the Transmission Control Protocol (TCP) equivalent, plays a key role in the protocol unit of the internet. Its primary task entails laying a groundwork for communication between....
AI Score 7.7
Unauthenticated Nonce Increment in snow
There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with privileges to inject packets into the channel over which the Noise session operates, this could allow a denial-of-service attack which could prevent message...
AI Score 7
Oracle Linux 9 : openssl (ELSA-2024-0310)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0310 advisory. Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns...
CVSS 7.5 · AI Score 7.5 · EPSS 0.001
Multiple issues involving quote API in shlex
Issue 1: Failure to quote characters Affected versions of this crate allowed the bytes { and \xa0 to appear unquoted and unescaped in command arguments. If the output of quote or join is passed to a shell, then what should be a single command argument could be interpreted as multiple arguments....
AI Score 7.3
AlmaLinux 9 : openssl (ALSA-2024:0310)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0310 advisory. Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns...
CVSS 7.5 · AI Score 7.6 · EPSS 0.001
Multiple issues involving quote API
Issue 1: Failure to quote characters Affected versions of this crate allowed the bytes { and \xa0 to appear unquoted and unescaped in command arguments. If the output of quote or join is passed to a shell, then what should be a single command argument could be interpreted as multiple arguments....
AI Score 7.3
Google changes wording for Incognito browsing in Chrome
Users of Chrome Canary have noticed some slight changes in the wording that Google uses for Incognito mode. Chrome Canary is mainly intended for use by developers. It’s updated nearly daily with new features, and because it can be used alongside versions of the “normal” Chrome browser (known...
AI Score 6.8
Are You Ready for PCI DSS 4.0?
The Payment Card Industry Data Security Standard (PCI DSS) is the global benchmark for ensuring companies that handle credit card information maintain a secure environment. It provides a framework to help organizations protect sensitive cardholder data from theft and secure payment card systems. .....
AI Score 6.8
JAVA-based Sophisticated Stealer Using Discord Bot as EventListener
JAVA-Based Sophisticated Stealer Using Discord Bot as EventListener By Gurumoorthi Ramanathan · January 18, 2024 Executive Summary: In mid-November 2023, Trellix Advanced Research Center team members observed a Java-based stealer being spread through cracked software zip files using JDABuilder...
AI Score 7
AI used to fake voices of loved ones in “I’ve been in an accident” scam
The San Francisco Chronicle tells a story about a family that almost got scammed when they heard their son's voice telling them he'd been in a car accident and hurt a pregnant woman. Sadly, this is becoming more common. Scammers want to spread panic among their victims, and to do this, they feign.....
AI Score 6.8
Dark web threats and dark market predictions for 2024
An overview of last year's predictions Increase in personal data leaks; corporate email at risk A data leakage is a broad term encompassing various types of information that become publicly available, or published for sale on the dark web or other shadow web sites. Leaked information may...
AI Score 7.2
The evolution of the Kuiper ransomware
Kuiper Ransomware’s Evolution By Max Kersten · January 17, 2024 The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help with operations can be provided...
AI Score 6.5
Woodstox Vulnerability in Bamboo Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 9.2.1 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to...
CVSS 7.5 · AI Score 7.2 · EPSS 0.008
Deciphering the Danger: Decoding Mallox Ransomware
Mallox Ransomware embodies a harmful software element, contributing to an ever-expanding repertoire of digital extortion threats. This cyber menace executes its mission by snaking its way into your computer system, applying a cipher to your data,....
AI Score 7.2
[SECURITY] [DSA 5601-1] php-phpseclib3 security update
Debian Security Advisory DSA-5601-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 12, 2024 https://www.debian.org/security/faq Package : php-phpseclib3 CVE ID : CVE-2023-48795 Fabian...
CVSS 5.9 · AI Score 6.1 · EPSS 0.963
[SECURITY] [DSA 5600-1] php-phpseclib security update
Debian Security Advisory DSA-5600-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 12, 2024 https://www.debian.org/security/faq Package : php-phpseclib CVE ID : CVE-2023-48795 Fabian...
CVSS 5.9 · AI Score 6.1 · EPSS 0.963
[SECURITY] [DSA 5599-1] phpseclib security update
Debian Security Advisory DSA-5599-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 12, 2024 https://www.debian.org/security/faq Package : phpseclib CVE ID : CVE-2023-48795 Fabian Baeumer,...
CVSS 5.9 · AI Score 6.1 · EPSS 0.963
Ransomware review: January 2024
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...
AI Score 7.1
Unearthing the Basics: Your Guide to Understanding Network Partitioning
A fundamental tenet of network partitioning is its critical role in digital defense. But, what does this truly embody? If you were to break it down, network partitioning refers to an approach that segregates a digital system...
AI Score 7.2
Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its capabilities. "It looks like Atomic Stealer was updated around mid to late December 2023, where its...
AI Score 6.8
Atomic Stealer rings in the new year with updated version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users. This stealer has proven to be quite popular in the criminal underground and its developers have been adding new features to justify its hefty...
AI Score 7.6
Untrusted search path under some conditions on Windows allows arbitrary code execution
Summary This issue exists because of an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on Windows, a malicious git.exe or bash.exe may be....
CVSS 7.8 · AI Score 8 · EPSS 0.001