Aggregator

A Threat Actor is Selling a Malware Loader

The company says no sensitive data was stolen, but federal agencies claim otherwise. CISA and FBI sources said attackers accessed all records of specific customers and the private communications of targeted individuals.

This post first appeared on blog.netwrix.com and was written by Dirk Schrader.
Imagine leaving your car key at a public place, only to drop your keys when exiting the vehicle. Someone picks them up and drives away. They speed through a school zone and are caught on camera. Later, the car is used in a robbery. Now, you’re not only missing your car but also wrongly implicated … Continued

Cross-IdP impersonation – a technique that enables attackers to hijack the single sign-on (SSO) process to gain unauthorized access to downstream software-as-a-service (SaaS) applications without compromising a company’s primary identity provider (IdP) – is expected to gain popularity with attackers, according to Push Security researchers. What is cross-IdP impersonation? Cross-IdP impersonation exploits a flaw in SSO configurations by allowing attackers to create fraudulent IdP accounts matching an organization’s domain, which are then used to access … More →

The post Cross-IdP impersonation bypasses SSO protections appeared first on Help Net Security.

A Threat Actor is Allegedly Selling Data to an Unidentified French Hospital

Authors/Presenters: Paul Roberts, Chris Wysopal, Cory Doctorow, Tarah Wheeler, Dennis Giese

Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Bricked & Abandoned: How To Keep IoT From Becoming An IoTrash appeared first on Security Boulevard.

SecWiki周刊（第559期) by ourren

Nmap识别MongoDB 6.0指纹 by 洞源实验室

更多最新文章，请访问SecWiki

Web applications have increasingly become the backbone of many businesses, but also, unfortunately, major targets for cyberthreats.

The post 7 Common Web App Security Vulnerabilities Explained appeared first on Security Boulevard.

Europese landen willen de onderlinge militaire samenwerking versterken. Dat moet onder meer gebeuren op maritiem gebied, in de luchtverdediging en bij het kunnen detecteren van bewegende doelen. Minister Ruben Brekelmans heeft daarvoor 3 zogenoemde intentieverklaringen getekend. Dit gebeurde vandaag na afloop van de Raad Buitenlandse Zaken Defensie in Brussel.

巴西圣保罗 Marília 的古生物学博物馆馆长 William Nava 于 2016 年发现了一块保存几乎完好的鸟类化石，其头骨几乎完好无损。剑桥大学和洛杉矶县自然历史博物馆的研究人员以数字方式重建了鸟脑，他们用发现者的名字将其命名为 Navaornis hestiae。Navaornis 生活在 8000 万年前的巴西。研究人员认为它填补了鸟脑演化的空白，其生存年代介于 1.5 亿年前的始祖鸟和现代鸟类之间。Navaornis 的大脑比始祖鸟大，表明其认知能力比始祖鸟更强。但其大脑大部分区域如小脑都不太发达，意味着它还没有演化出现代鸟类的复杂飞控机制。论文资深作者 Daniel Field 教授称，现代鸟类有着动物界最先进的认知能力，只有哺乳动物可与之媲美。科学家一直在努力理解鸟类独特大脑和非凡智力如何以及何时演化的。Navaornis 代表了鸟类认知演化过程中处于中间点的物种，是了解鸟类智力演化的第一步。

The Ngioweb botnet, which supplies most of the 35,000 bots in the cybercriminal NSOCKS proxy service, is being disrupted as security companies block traffic to and from the two networks. [...]

Microsoft is working on a new Windows "Quick Machine Recovery" feature that will allow IT administrators to use Windows Update "targeted fixes" to remotely fix systems rendered unbootable. [...]

Jen Easterly, who took over as CISA director in 2021, will step down in January when Donald Trump takes over as president, creating an uncertain future for the critical cybersecurity agency and the country's larger security posture in an increasingly complex cyberthreat environment.

The post CISA Director Easterly to Leave When Trump Assumes Presidency appeared first on Security Boulevard.

Chinese threat actors use custom post-exploitation toolkit ‘DeepData’ to exploit FortiClient VPN zero-day and steal credentials. Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. BrazenBamboo is known to be the author of other malware families, including LIGHTSPY, DEEPDATA, and DEEPPOST. DEEPDATA is a […]

为了进一步提升我国相关专业人员运用开源情报的实战能力，第12期全国开源情报能力提升培训班将于2024年12月17日至22日在北京市举办。