NetSec
  corner   



HOME

LINUX

CYBERLAW

VIRTUALIZATION

Bugtraq

Packetstorm

FD

GrokLaw


RSS Feed


Netsec, comsec, infosec and IA news, research and trends

 

2.13.2023

 

To whomever it was that called and claimed to be from Publishers' Clearing House, that was the most unprofessional call I've ever received, even from other scam artists. What made your call even less believable is that I've not bought a magazine from PCH in over 30 years and the UPSO stopped forwarding mail from there 3 or 4 relocations ago. This puts you in the same category as the wife of the dead Nigerian Prince who wants to give me money.

The one thing that I regret: I don't have your number. If I did, I'd call you back, so that I could hang up on you again. Meh.




2.07.2023

 
Hackers Target Thousands of Computers Days After Ion Attack from Blaine

Hackers are mass infecting servers worldwide by exploiting a two year old patched hole in VMware's ESXi OS

This had me scratching my head because normally ESXi hosts areand are kept on an isolated management network. It turns out the "abuse case" is people running unlicensed ESXi hosts (people who also happen to not know what the *&^% they are doing) and therefore not being eligible for routine updates. If you know anyone running unlicensed ESXi servers, tell them to disable SLP.



1.30.2023

 
Experian Glitch Exposing Credit Files Lasted 47 Days



9.20.2022

 
A New Attack Can Unmask Anonymous Users on Any Major Browser



6.09.2022

 
Web3 is going just great!



10.07.2021

 
Operation Ghostshell: Novel RAT targets aerospace and telecoms firms



7.05.2021

 
A 'Colossal' Ransomware Attack Hits Hundreds Of U.S. Companies, A Security Firm Says



4.24.2021

 

It has come to light that on April 23, 2021, the computer security world lost a titan. Dan was an incredibly kind and honest person. It’s no understatement that he helped save the internet on at least one occasion when he discovered and covertly assisted in patching a fundamental bug in DNS.


The world was lucky to have him and is a little darker without him. 


God speed Dan. Make some pretty pictures please. 




10.18.2020

 
Apple Users Have A Serious Problem Transferring WhatsApp To New iPhone from Tarik



1.14.2020

 
Exploit Fully Breaks SHA-1, Lowers the Attack Bar from Red. We've known about SHA-1's wobbliness for some time. Previously, researchers had reduced the attack complexity to 2^64 from what should have nominally been 2^80 operations. Under this attack scenario, it will take 2648718071565183277.290096774912 cryptographic operations as opposed to 29966824157681538847.454306951413 operations. This is roughly a 10-fold increase, which is significant, but the headline "fully breaks" is an exaggeration. Virtually all crypto is subject to both brute force and statistical attacks, it is simply a matter of work. That said, SHA-1 has largely been retired from use going forward. According to wikipedia, all major browsers stopped accepting SHA-1 signed certificates in 2017.



11.15.2019

 
Federal Court Rules Suspicionless Searches of Travelers’ Phones and Laptops Unconstitutional

 
Hong Kong protesters using Bluetooth Bridgefy app - Wireless mesh networking is the future.



11.04.2019

 
Fog, Edge, Mist computing complement the cloud.



10.08.2019

 
There’s a scary new reason not to borrow a stranger’s iPhone cable from Keith



9.25.2019

 
Google’s ‘Quantum Supremacy’ Isn’t the End of Encryption from Christopher



7.31.2019

 
RUNNING A TESLA MODEL 3 ON AUTOPILOT OFF THE ROAD WITH GPS SPOOFING from Kyle



7.16.2019

 
Dragonblood: A Security Analysis of WPA3’s SAE Handshake from Kyle



7.03.2019

 

https://www.zdnet.com/article/us-cyber-command-issues-alert-about-hackers-exploiting-outlook-vulnerability/



6.13.2019

 

https://arstechnica.com/information-technology/2019/06/if-you-havent-patched-vim-or-neovim-text-editors-you-really-really-should/



6.01.2019

 
https://www.hackread.com/hackers-steal-source-code-of-top-anti-virus-firms/

 
https://www.zdnet.com/google-amp/article/new-hiddenwasp-malware-found-targeting-linux-systems/



5.29.2019

 
Germany demands an end to working cryptography

 
Microsoft Patches ‘Wormable’ RDP Flaw in Windows XP, 7 and Windows 2003



5.11.2019

 
The U.S. Government Can’t Force You To Unlock Your Phone With Your Fingerprint, Another Judge Rules from Red



4.10.2019

 
SAS 2019: Triton ICS Malware Hits A Second Victim

 
SAS 2019: Meet ‘TajMahal,’ A New and Highly Advanced APT Framework



3.25.2019

 
https://boingboing.net/2019/03/25/asus-unwittingly-pushed-malwar.html



3.20.2019

 

 
SSH client PuTTY contained serious key exchange flaw



3.12.2019

 
https://www.bleepingcomputer.com/news/security/malware-spreads-as-a-worm-uses-cryptojacking-module-to-mine-for-monero/



3.03.2019

 
https://www.zdnet.com/article/hackers-have-started-attacks-on-cisco-rv110-rv130-and-rv215-routers/



2.27.2019

 
WinRAR Flaw Being Actively Used To Load Malware In Windows PCs from Randall



2.17.2019

 
New Astaroth Trojan Variant Exploits Anti-Malware Software to Steal Info from Randall

 
Emotet Uses Camouflaged Malicious Macros to Avoid Antivirus Detection from Randall



2.04.2019

 
This malware can steal passwords, credit card info in Chrome, Safari from Randall



1.29.2019

 
Europol Now Going After People Who Bought DDoS-for-Hire Services

 
Feds Dismantle xDedic Dark Web Credentials Market



1.28.2019

 
Hackers are going after Cisco RV320/RV325 routers using a new exploit from Randall





This page is powered by Blogger.


Site Meter Locations of visitors to this page