Are hardware supply chain attacks “cyber attacks?”
The recent attacks in the Middle East triggering explosions on pagers have raised new fears around physical hardware supply chain attacks. In cybersecurity, we typically consider supply chain attacks to target software, in which adversaries infect a legitimate tool with a malicious, fake update th...
CVE-2023-35836
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the...
Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts
Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to impersonate user identities and roles in cloud environments, Red Canary researchers Thomas Gardner and...
Malicious Ads Infiltrate Bing AI Chatbot in Malvertising Attack
By Waqas. Is it really necessary to display advertisements within an AI chatbot? This is a post from HackRead.com. Read the original post: Malicious Ads Infiltrate Bing AI Chatbot in Malvertising Attack...
RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks
The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is tracking the activity cluster under the name Void Rabisu, which is also known as Tropical...
Iranian State Broadcaster Clobbered by ‘Clumsy, Buggy’ Code
Footage of opposition leaders calling for the assassination of Iran’s Supreme Leader ran on several of the nation’s state-run TV channels in late January after a state-sponsored cyber-attack on Iranian state broadcaster IRIB. The incident – one of a series of politically motivated attacks in Iran...
Malicious Package
mllearnlib is a malicious package. The package is a typosquat of the legitimate Python plotting software matplotlib from PyPI and is designed to infiltrate the PyPI repository and secretly pull in cryptominers on the affected machines...
Malicious Typosquatting
maratlib1 is a malicious package. The package is a typosquat of the legitimate Python plotting software matplotlib from PyPI and is designed to infiltrate the PyPI repository and secretly pull in cryptominers on the affected machines...
Malicious Package
maratlib is a malicious package. The package is a typosquat of the legitimate Python plotting software matplotlib from PyPI and is designed to infiltrate the PyPI repository and secretly pull in cryptominers on the affected machines...
Mimecast Certificate Hacked in Supply-Chain Attack
A Mimecast-issued certificate used to authenticate some of the company’s products to Microsoft 365 Exchange Web Services has been “compromised by a sophisticated threat actor,” the company has announced. Mimecast provides email security services that customers can apply to their Microsoft 365...
h1-ctf: 12 Days of CTF Walkthroughs
h1-ctf: 12 Days of Hacky Holidays. This is my writeup for 12 Days of Hacky Holidays. The report is written such that beginners to CTFs will be able to learn the tricks of the trade. The Mission: The Grinch has gone hi-tech this year with the intention of ruining the holidays 😱 We need you to...
CVE-2020-9462
An issue was discovered in all Athom Homey and Homey Pro devices up to the current version 4.2.0. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup. Upon success, the attacker is able to further...
CuteNews 2.1.2 - avatar Remote Code Execution (Metasploit)
CuteNews 2.1.2 - avatar Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CuteNews 2.1.2 - 'avatar' Remote Code Execution", 'Description' = %q This module exploit...
CuteNews 2.1.2 - avatar Remote Code Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CuteNews 2.1.2 - 'avatar' Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in CuteNews prior to...
On Baseband Vulnerabilities, SIEMs, Samsung Tizen and More
Mike Mimoso, Tom Spring, and Chris Brook recap two conferences from last week: Infiltrate Con in Miami and Kaspersky Lab’s Security Analyst Summit in St. Maarten. A baseband vulnerability, SIEMs, vulnerabilities in Samsung’s Tizen operating system, and an IoT honeypot are discussed. Download:...
On Badlock, Encryption Legislation, and Cryptoworms
Mike Mimoso and Chris Brook recap the week in news, including the Badlock bust, encryption legislation Burr-Feinstein, the California decryption bill and the dawn of ‘cryptoworms’ – Mike also discusses last week’s Infiltrate Conference in Miami. Download: ThreatpostNewsWrapApril152016.mp3 Music b...
FBI used Anonymous and Lulzsec Hackers to attack foreign governments
Sentencing for former LulzSec leader Hector Xavier Monsegur, better known as "Sabu", has again been delayed. Monsegur pleaded guilty to a dozen criminal counts two years prior and stands to face a maximum sentence of more than 124 years. Another Lulzsec Hacker Jeremy Hammond has claimed tha...
As Defenders Adapt, Offensive Techniques Continue to Evolve
MIAMI BEACH–The security teams that have to defend enterprise networks are faced with a broad and deep threat landscape populated with all manner of malware and targeted attacks. Those teams often have to react quickly to new threats, well before vendors respond with new technologies. By the look...
Offensive Research Continuing to Advance
MIAMI BEACH–It’s the accepted wisdom these days that many of the traditional security defenses organizations depend on just aren’t effective at deterring attackers. But this glosses over the fact that the last few years have included some major advances in defensive technologies, including the...