PayTR Ödeme Ve Elektronik Para Kuruluşu A.Ş. Security Vulnerabilities

nessus

Ubuntu 20.04 LTS : LibreOffice vulnerabilities (USN-5661-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5661-1 advisory. An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only...

8.8 CVSS

8.9 AI Score

0.002 EPSS

2022-10-06 12:00 AM
31
nessus

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : LibreOffice vulnerabilities (USN-5694-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5694-1 advisory. If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice...

8.8 CVSS

8.2 AI Score

0.003 EPSS

2022-10-20 12:00 AM
11
mmpc

Analysis of Storm-0558 techniques for unauthorized email access

**Executive summary** On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we've detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our...

7.4 AI Score

2023-07-14 05:00 PM
20
talosblog

Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation

Cisco Talos discovered 12 memory corruption vulnerabilities in MSRPC implementations on Apple macOS and VMWare vCenter. - Seven vulnerabilities affect Apple macOS only. - Two vulnerabilities affect VMWare vCenter. - Three vulnerabilities affect both. For more on these individual vulnerabilities,...

9.8 CVSS

9.1 AI Score

0.007 EPSS

2023-07-13 04:00 PM
64
mssecure

Analysis of Storm-0558 techniques for unauthorized email access

**Executive summary** On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we've detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our...

7.4 AI Score

2023-07-14 05:00 PM
11
github

Introducing passwordless authentication on GitHub.com

Most security breaches are not the product of exotic zero-day attacks but rather involve lower-cost attacks like social engineering, credential theft or leakage, and other avenues that provide attackers with a broad range of access to victim accounts and the resources they have access to. In fact,....

7 AI Score

2023-07-12 03:02 PM
3
schneier

Class-Action Lawsuit for Scraping Data without Permission

I have mixed feelings about this class-action lawsuit against OpenAI and Microsoft, claiming that it "scraped 300 billion words from the internet" without either registering as a data broker or obtaining consent. On the one hand, I want this to be a protected fair use of public data. On the other.....

6.9 AI Score

2023-07-05 11:14 AM
5
ibm

Security Bulletin: security vulnerability has been identified in OpenSSL, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2019-1559)

Summary OpenSSL is shipped with IBM Tivoli Network Manager IP Edition version 3.9. Information about a security vulnerability affecting Open SSL has been published here. Vulnerability Details CVE-ID: CVE-2019-1559 Description: OpenSSL could allow a remote attacker to obtain sensitive information,.....

5.9 CVSS

0.6 AI Score

0.01 EPSS

2023-06-28 10:14 PM
34
schneier

Self-Driving Cars Are Surveillance Cameras on Wheels

Police are already using self-driving car footage as video evidence: While security cameras are commonplace in American cities, self-driving cars represent a new level of access for law enforcement - and a new method for encroachment on privacy, advocates say. Crisscrossing the city on their...

6.8 AI Score

2023-07-03 11:04 AM
6
malwarebytes

Google plans to scrape everything you post online to train its AI

Additions to Google's Privacy Policy are making some observers worry that all of your content is about to be fed into Google's AI tools. Alterations to the T&Cs now explicitly state that your "publicly available information" will be used to train in-house Google AI models alongside other products.....

6.5 AI Score

2023-07-05 02:00 AM
6
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (July 3, 2023 to July 9, 2023)

Last week, there were 61 vulnerabilities disclosed in 54 WordPress Plugins and 1 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 28 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in....

9.9 CVSS

8.1 AI Score

EPSS

2023-07-13 04:59 PM
46
talosblog

Threat Roundup for June 30 to July 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 30 and July 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,.....

6.8 AI Score

2023-07-07 09:26 PM
7
krebs

Who’s Behind the DomainNetworks Snail Mail Scam?

If you've ever owned a domain name, the chances are good that at some point you've received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don't.....

6.9 AI Score

2023-07-03 02:56 PM
10
talosblog

DDoS attacks want to make sure you haven’t forgotten about them

Welcome to this week's edition of the Threat Source newsletter. Distributed denial-of-service attacks (DDoS) have been around since before I even knew how to turn a computer on. These types of attacks, I feel, have the same vibe as the term "computer virus" -- something we used to talk about in...

7.1 AI Score

2023-07-06 06:00 PM
11
malwarebytes

"Free" Evil Dead Rise movie scam lurks in Amazon listings

Scammers are using a novel technique with Amazon listings to trick fans of Evil Dead into downloads they may not want, and expensive rolling payments they have no interest in. Evil Dead Rise, the breakout horror film of 2023, started with big cinema numbers and has moved on to a victory lap in...

6.9 AI Score

2023-06-30 03:00 AM
13
talosblog

The growth of commercial spyware based intelligence providers without legal or ethical supervision

Attackers have long used commercial products developed by legitimate companies to compromise targeted devices. These products are known as commercial spyware. Commercial spyware operations mainly target mobile platforms with zero- or one-click zero-day exploits to deliver spyware. This threat...

6.9 AI Score

2023-07-06 12:00 PM
7
malwarebytes

Surveillance camera insecurities argument comes to one inevitable conclusion: Always update

Chinese-made surveillance cameras find themselves in a spot of controversy, after a BBC investigation uncovered flaws in devices during several brand tests. Surveillance and webcam vulnerabilities are common, and we've covered them many times on our blog. What's interesting with this story is that....

7 AI Score

2023-06-28 01:00 AM
19
github

GitHub achieves ISO/IEC 27701:2019, 27018:2019, and CSA STAR certifications

GitHub continues to invest in security, privacy, and compliance as part of our ongoing effort to be the most trusted home for all developers. As a result of that investment, GitHub’s Information Security and Privacy Management System (ISPMS) was assessed against the ISO/IEC 27701:2019 (PII...

6.8 AI Score

2023-07-05 06:16 PM
8
malwarebytes

Why blocking ads is good for your digital health

Online content is largely powered and paid for by advertising. Almost every site you visit, every forum you browse, and even the online stores you buy things from is an advert extravaganza, and they don't just stop at showing cool offers for shirts at 50% off. The scaffolding the adverts sit on...

7.2 AI Score

2023-06-28 03:00 AM
7
talosblog

New video provides a behind-the-scenes look at Talos ransomware hunters

Welcome to this week's edition of the Threat Source newsletter. AI-generated art is causing drama across the internet over the past few months, from Marvel TV show opening credits scenes to predatory YouTubers who claim YOU can make millions by having AI tools create children's books for you....

8.8 CVSS

6.3 AI Score

0.001 EPSS

2023-06-29 06:00 PM
22
malwarebytes

OpenSSH trojan campaign targets Linux systems and IoT devices

Poorly configured Linux and Internet of Things (IoT) devices are at risk of compromise from a cryptojacking campaign, according to researchers at Microsoft. The attacks, which involve brute forcing a way into a system, are designed to profit from mining in illicit fashion for cryptocurrency. Once.....

7.5 AI Score

2023-06-26 10:00 AM
8
malwarebytes

9 basic security tips for seniors

Before we get into the tips: a caveat. We know many seniors who are digitally more up to date than people 20 years younger, but for those who aren't, this guide is for you. If you're offended by the word seniors in the title, feel free to replace it with "computer illiterate people." And keep in...

7 AI Score

2023-06-26 12:00 PM
6
openbugbounty

para-port.com Cross Site Scripting vulnerability OBB-3222686

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score

2023-03-14 07:15 PM
6
impervablog

Business Logic Attacks: Why Should You Care?

Imagine this: You've just launched an amazing new application with top-of-the-line API security, reinforced it with client-side protection, and even set up defenses against bot attacks. You're feeling safe and secure, congratulating yourself on a job well done. But, despite all your efforts, your.....

7.2 AI Score

2023-06-23 03:13 PM
17
openbugbounty

oi-para-empresas.com Cross Site Scripting vulnerability OBB-3219760

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

AI Score

2023-03-12 09:11 PM
10
malwarebytes

5 facts to know about the Royal ransomware gang

When we first introduced the Royal ransomware gang in our November 2022 review, little did we know they'd rapidly evolve into one of the most potent threats in our ongoing monthly threat intelligence briefings. In fact, the Malwarebytes Threat Intelligence team has tracked down a staggering 195...

7.4 AI Score

2023-06-23 09:45 AM
6
malwarebytes

Why businesses need a disinformation defense plan, with Lisa Kaplan: Lock and Code S04E13

When you think about the word "cyberthreat," what first comes to mind? Is it ransomware? Is it spyware? Maybe it's any collection of the infamous viruses, worms, Trojans, and botnets that have crippled countless companies throughout modern history. In the future, though, what many businesses...

10 AI Score

2023-06-20 08:15 AM
16
krebs

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. "smishing") messages that spoofed UPS and other top brands. The missives addressed recipients by...

6.7 AI Score

2023-06-22 07:11 PM
9
talosblog

Threat Roundup for June 16 to June 23

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 16 and June 23. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,....

6.8 AI Score

2023-06-23 06:49 PM
12
krebs

Why Malware Crypting Services Deserve More Scrutiny

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or "crypt" your malware so that it appears benign to antivirus and security products. In fact, the process of "crypting" malware is sufficiently...

7.2 AI Score

2023-06-21 06:39 PM
6
impervablog

Anonymous Sudan, MOVEit, and Cl0p

There are three concurrent events of significant concern: An Anonymous Sudan group chat on Telegram has revealed imminent threats from Russia to the US financial system, specifically targeting the SWIFT network. The motive behind this attack is disruption. By attacking SWIFT and inducing...

6.9 AI Score

2023-06-15 07:13 PM
17
talosblog

URLs have always been a great hiding place for threat actors

Welcome to this week's edition of the Threat Source newsletter. Talos' recent blog post on the dangers posed by the newly released ".zip" top-level domain (TLD) recently outlined how threat actors could create real URLs that look like file names and trick users into clicking on their links. .Zip...

9.8 CVSS

8.7 AI Score

0.969 EPSS

2023-06-15 06:00 PM
10
malwarebytes

Fake security researchers push malware files on GitHub

Researchers from VulnCheck have observed a campaign using real security researchers as bait for malware. The campaign goes to some lengths to appear genuine, using fake profiles, downloads, websites, and bogus GitHub profiles, to paint a convincing picture of security professionals offering up...

7.2 AI Score

2023-06-16 02:15 PM
7
securelist

Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency

Introduction Stealing cryptocurrencies is nothing new. For example, the Mt. Gox exchange was robbed of many bitcoins back in the beginning of 2010s. Attackers such as those behind the Coinvault ransomware were after your Bitcoin wallets, too. Since then, stealing cryptocurrencies has continued to.....

7.2 AI Score

2023-06-12 10:00 AM
15
talosblog

Threat Roundup for June 9 to June 16

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 9 and June 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,.....

7.3 AI Score

2023-06-16 08:44 PM
2
ubuntu

LibreOffice vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages libreoffice - Office productivity suite Details It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into...

7.8 CVSS

7.1 AI Score

0.001 EPSS

2023-06-07 12:00 AM
28
github

Rooting with root cause: finding a variant of a Project Zero bug

In this blog, I'll look at CVE-2022-46395, a variant of Project Zero issue 2327 (CVE-2022-36449) and show how it can be used to gain arbitrary kernel code execution and root privileges from the untrusted app domain on an Android phone that uses the Arm Mali GPU. I used a Pixel 6 device for testing....

8.8 CVSS

7.6 AI Score

0.01 EPSS

2023-05-25 04:00 PM
9
f5

K000130240 : Intel BIOS vulnerability CVE-2022-26006

Security Advisory Description Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2022-26006) Impact A local attacker logged in as a privileged user can exploit the...

6.7 CVSS

7 AI Score

0.0004 EPSS

2022-12-16 12:00 AM
6
schneier

Snowden Ten Years Later

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal involvement as well. I wrote the essay below in September 2013. The New Yorker agreed to publish it, but the Guardian asked me not to.....

7.1 AI Score

2023-06-06 11:17 AM
30
malwarebytes

5 unusual cybersecurity tips that actually work

So, you're on top of your software updates, you use a password manager, you've enabled two-factor authentication wherever you can, you've got BrowserGuard installed, and you're running Malwarebytes Premium. If you're doing all of that you're already winning at security. But you want more, because.....

7 AI Score

2023-06-05 10:00 AM
11
talosblog

How Joe Marshall helps defend everything from electrical grids to grain co-ops across multiple continents

Joe Marshall was a security practitioner before he even knew it. Marshall started his career in information technology as a systems administrator. On the surface, he jokes that he was a "white-collar plumber" -- fixing IT issues as they arose, handing out new credentials and asking users if they...

7.1 AI Score

2023-06-05 11:00 AM
10
wallarmlab

Holistic API Security Strategy for 2023

In the digital landscape of 2023, Application Programming Interfaces (APIs) have taken center stage in business operations. APIs act as the backbone of many digital services, enabling software applications to communicate and exchange data with each other. As businesses increasingly rely on APIs...

7.2 AI Score

2023-06-10 01:00 PM
5
krebs

Service Rents Email Addresses for Account Signups

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying...

7.2 AI Score

2023-06-06 08:09 PM
7
talosblog

Threat Roundup for June 2 to June 9

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 2 and June 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

6.4 AI Score

2023-06-09 09:17 PM
35
krebs

Discord Admins Hacked by Malicious Bookmarks

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. This attack involves malicious Javascript that is added to one's browser by dragging a...

7.2 AI Score

2023-05-31 12:19 AM
9
securelist

IT threat evolution Q1 2023

IT threat evolution in Q1 2023 IT threat evolution in Q1 2023. Non-mobile statistics IT threat evolution in Q1 2023. Mobile statistics Targeted attacks BlueNoroff introduces new methods bypassing MotW At the close of 2022, we reported the recent activities of BlueNoroff, a financially motivated...

7.3 AI Score

2023-06-07 08:00 AM
149
nessus

Debian DLA-3368-1 : libreoffice - LTS security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3368 advisory. LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred...

8.2 AI Score

0.002 EPSS

2023-03-26 12:00 AM
14
nessus

Debian DSA-5252-1 : libreoffice - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5252 advisory. LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific...

6.3 CVSS

6.7 AI Score

0.002 EPSS

2022-10-13 12:00 AM
16
malwarebytes

Financial services company OneMain fined $4.25 million for security lapses

A series of security errors and mishaps has cost personal loan provider OneMain $4.25m in penalties, issued by the New York State department of financial services. The fines, coming at the end of a detailed investigation into how security practices at the company were determined to be below-par,...

6.6 AI Score

2023-05-31 11:45 PM
11
debian

[SECURITY] [DSA 5415-1] libreoffice security update

Debian Security Advisory DSA-5415-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 28, 2023 https://www.debian.org/security/faq Package : libreoffice CVE ID : CVE-2023-0950 CVE-2023-2255...

7.8 CVSS

7.8 AI Score

0.001 EPSS

2023-05-28 03:25 PM
11
Total number of security vulnerabilities: 11499