America's Army Security Vulnerabilities

The Future of Drone Warfare

Ukraine is using $400 drones to destroy tanks: Facing an enemy with superior numbers of troops and armor, the Ukrainian defenders are holding on with the help of tiny drones flown by operators like Firsov that, for a few hundred dollars, can deliver an explosive charge capable of destroying a...

Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data

Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, the vulnerability has been addressed in version...

StripedFly: Perennially flying under the radar

Introduction It's just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. It comes equipped with a built-in TOR network tunnel for communication with command servers,....

Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia

A former employee of the U.S. National Security Agency (NSA) has pleaded guilty to charges accusing him of attempting to transmit classified defense information to Russia. Jareh Sebastian Dalke, 31, served as an Information Systems Security Designer for the NSA from June 6, 2022, to July 1, 2022,.....

U.S. DoJ Cracks Down on North Korean IT Scammers Defrauding Global Businesses

The U.S. government has announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of an illicit scheme to defraud businesses across the world, evade sanctions, and fund the country's ballistic missile program. The Department of Justice (DoJ) said.....

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks

Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a...

PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS

An ad fraud botnet dubbed PEACHPIT leveraged an army of hundreds of thousands of Android and iOS devices to generate illicit profits for the threat actors behind the scheme. The botnet is part of a larger China-based operation codenamed BADBOX, which also entails selling off-brand mobile and...

army-guide.com Cross Site Scripting vulnerability OBB-3729968

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

What Is mTLS? The Essential Guide You Can’t Afford to Miss

Intro: mTLS — The Unsung Hero of Cybersecurity Picture this: You're a secret agent on a high-stakes mission. You have a briefcase full of confidential information that you need to hand over securely. Sure, you could pass it to another agent, but how do you know you can trust them? Here's where...

New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks

An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users in Brazil and Mexico. "The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the...

The Interdependence between Automated Threat Intelligence Collection and Humans

The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are also rising, with a data breach in 2023 costing $4.45M on average vs. $3.62M in 2017. In Q2 2023, a total of 1386 victims were claimed by ransomware attacks compared with....

Watch out, this LastPass email with "Important information about your account" is a phish

The consequences of last year's LastPass breach continue to be felt, with the latest insult to users coming in the form of a highly convincing phishing email. Although the "unauthorized party" that compromised LastPass users' data was able to steal password vaults, it's likely that they are having....

New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World

A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. "Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection...

army-guide.com Cross Site Scripting vulnerability OBB-3664263

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

SoX vulnerability

Releases Ubuntu 23.04 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages sox - Swiss army knife of sound processing Details It was discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...

FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million

A coordinated law enforcement effort codenamed Operation Duck Hunt has felled QakBot, a notorious Windows malware family that's estimated to have compromised over 700,000 computers globally and facilitated financial fraud as well as ransomware. To that end, the U.S. Justice Department (DoJ) said...

Several hospitals still counting the cost of widespread ransomware attack

The 16 hospitals struck down by ransomware last week are still dealing with the fallout from the attack. The healthcare facilities located in Connecticut, Pennsylvania, Rhode island, and California had the ransomware attack confirmed by the FBI. Issues started to emerge last Thursday with patients....

Demystifying the WordPress Vulnerability Landscape: 2023 Mid-Year Wordfence Intelligence WordPress Vulnerability Review Leveraging ChatGPT

In the first 6 months of 2023, our team has already added 2,471[1] individual vulnerability records to the Wordfence Intelligence WordPress Vulnerability Database. These vulnerabilities affected 1,680[2] WordPress software components. This means we have already surpassed the total number of...

Previewing Talos at BlackHat 2023

Welcome to this week's edition of the Threat Source newsletter. The time has come once again for all of us (well, not me specifically but lots of other Talos people) to descend on Las Vegas for Hacker Summer Camp. Cisco Talos will be well-represented at BlackHat and DEF CON over the course of the.....

STARK#MULE Targets Koreans with U.S. Military-themed Document Lures

An ongoing cyber attack campaign has set its sights on Korean-speaking individuals by employing U.S. Military-themed document lures to trick them into running malware on compromised systems. Cybersecurity firm Securonix is tracking the activity under the name STARK#MULE. The scale of the attacks...

TETRA:BURST — 5 New Vulnerabilities Exposed in Widely Used Radio Communication System

A set of five security vulnerabilities have been disclosed in the Terrestrial Trunked Radio (TETRA) standard for radio communication used widely by government entities and critical infrastructure sectors, including what's believed to be an intentional backdoor that could have potentially exposed...

Ransomware review: July 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...

Acltoolkit - ACL Abuse Swiss-Knife

acltoolkit is an ACL abuse swiss-army knife. It implements multiple ACL abuses. Installation pip install acltoolkit-ad or git clone https://github.com/zblurx/acltoolkit.git cd acltoolkit make Usage usage: acltoolkit [-h] [-debug] [-hashes LMHASH:NTHASH] [-no-pass] [-k] [-dc-ip ip address]...

Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014

When the marital infidelity website AshleyMadison.com learned in July 2015 that hackers were threatening to publish data stolen from 37 million users, the company's then-CEO Noel Biderman was quick to point the finger at an unnamed former contractor. But as a new documentary series on Hulu reveals....

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. "Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations,"...

Top contenders in Endpoint Security revealed: G2 Summer 2023 results

Navigating the world of endpoint security is challenging, with numerous vendors stoking "Fear, Uncertainty, and Doubt" (FUD) and making bold claims that are difficult to verify. In times like these, the honest opinions of real users are invaluable for busy IT teams. Enter G2, an industry-leading...

army-store.cz Cross Site Scripting vulnerability OBB-3470854

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

army-store.cz Cross Site Scripting vulnerability OBB-3451134

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Where from, Where to — The Evolution of Network Security

For the better part of the 90s and early aughts, the sysadmin handbook said, "Filter your incoming traffic, not everyone is nice out there" (later coined by Gandalf as "You shall not pass"). So CIOs started to supercharge their network fences with every appliance they could get to protect against.....

Kubestroyer - Kubernetes Exploitation Tool

Kubestroyer Kubestroyer aims to exploit Kubernetes clusters misconfigurations and be the swiss army knife of your Kubernetes pentests About The Project Kubestroyer is a Golang...

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic...

army-store.cz Cross Site Scripting vulnerability OBB-3353103

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

APT attacks: Exploring Advanced Persistent Threats and their evasive techniques

Cyber criminals come in all shapes and sizes. On one end of the spectrum, there's the script kiddie or inexperienced ransomware gang looking to make a quick buck. On the other end are state-sponsored groups using far more sophisticated tactics--often with long-term, strategic goals in mind....

army-shop.ch Cross Site Scripting vulnerability OBB-3336176

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks

Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted...

New Discord username policy raises user privacy fears

Discord, the Voice over IP (VoIP) and instant message communications tool, is changing how usernames function in a major way soon. Many users are not keen on this change at all. What is going on over there, and why are so many people concerned about the upcoming alterations? When Discord launched.....

Vietnamese Threat Actor Infects 500,000 Devices Using 'Malverposting' Tactics

A Vietnamese threat actor has been attributed as behind a "malverposting" campaign on social media platforms to infect over 500,000 devices worldwide over the past three months to deliver variants of information stealers such as S1deload Stealer and SYS01stealer. Malverposting refers to the use of....

What your peers said: G2 comparison of top Endpoint Security vendors

Navigating the world of endpoint security is challenging, with numerous vendors stoking FUD and making bold claims that are difficult to verify. In times like these, the honest opinions of real users are invaluable for busy IT teams. Enter G2, an industry-leading peer-to-peer review site. Each...

army-nato-shop.de Cross Site Scripting vulnerability OBB-3268824

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

TikTok: What’s going on and should I be worried?

Since 2020, several governments and organizations have banned, or considered banning, the immensely popular social media app TikTok from their staff's devices. With all these alarming bells ringing, we thought it might be handy to break down what we know and see if we can plot a sensible strategy.....

AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services

A new "comprehensive toolset" called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials from API keys and secrets from popular cloud service providers. "The spread of AlienFox represents an unreported trend towards attacking more minimal cloud services,...

SoX 14.4.2 - Denial Of Service

...

SoX 14.4.2 - Denial Of Service Vulnerability

...

The Scorched-Earth Tactics of Iran’s Cyber Army

Amid ongoing protests, the Iranian regime has lost control of its image, pushing it to employ increasingly drastic tactics where everyone...

SoX regression

Releases Ubuntu 22.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages sox - Swiss army knife of sound processing Details USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for CVE-2021-33844 was incomplete. This update fixes...

FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps

An Android voice phishing (aka vishing) malware campaign known as FakeCalls has reared its head once again to target South Korean users under the guise of over 20 popular financial apps. "FakeCalls malware possesses the functionality of a Swiss army knife, able not only to conduct its primary aim.....

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware. "By hijacking high-profile Facebook business accounts,...

Debian: Security Advisory (DLA-609-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-128-1)

The remote host is missing an update for the...

SoX vulnerabilities

Releases Ubuntu 22.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages sox - Swiss army knife of sound processing Details Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into...