Author: Admin
August 9, 2024 | Ravi Lakshmanan | Cloud Security / Data Protection
Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could lead to serious consequences. “The impact of these vulnerabilities ranges from remote code execution (RCE), full-service user hijacking (which can provide powerful administrative access), manipulation of artificial intelligence modules, exposure of sensitive data, data theft, and denial of service,” cloud security company Aqua said in a detailed report shared with The Hacker News. Following responsible disclosure in February 2024, Amazon addressed the deficiencies over several months from March…
August 9, 2024 | Ravi Lakshmanan | Vulnerability / Network Security
Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be combined to achieve remote code execution (RCE) and local elevation of privilege (LPE). “This chain of attacks can allow attackers to gain complete control over targeted endpoints, potentially leading to data leakage, system compromise, and unauthorized access to sensitive information,” Vladimir Tokarov of the Microsoft Threat Intelligence Community said. However, the exploit, presented at Black Hat USA 2024, requires user authentication and a deep understanding of OpenVPN’s inner workings. The vulnerabilities affect all OpenVPN versions up to…
August 9, 2024 | Ravi Lakshmanan | IoT Security / Wireless Security
Cybersecurity researchers have discovered weaknesses in Sonos smart speakers that could be used by an attacker to secretly eavesdrop on users. The vulnerabilities “resulted in a complete breach of Sonos’ secure download process on a wide range of devices and the ability to remotely hack multiple devices over the air,” NCC Group security researchers Alex Plaskett and Robert Herrera said. Successful exploitation of one of these flaws could allow a remote attacker to secretly capture audio from Sonos devices via a wireless attack. They affect all versions to Sonos S2…
August 9, 2024 | Ravi Lakshmanan | National Security / Identity Theft
The US Department of Justice (DoJ) on Thursday indicted a 38-year-old Nashville, Tennessee man for allegedly running a “laptop farm” to help North Koreans get remote jobs at US and British companies. Matthew Isaac Knoot is charged with conspiracy to damage a protected computer, conspiracy to launder money, conspiracy to defraud, willful damage to a protected computer, identity theft and conspiracy to illegally recruit aliens. If convicted, Knoot faces a maximum sentence of 20 years in prison, with a mandatory minimum of two years in prison for aggravated identity theft. Court documents…
August 9, 2024 | Ravi Lakshmanan | Vulnerability / Network Security
The US Cybersecurity and Infrastructure Security Agency (CISA) has revealed that threat actors are exploiting the outdated Cisco Smart Install (SMI) function to access confidential data. The agency said it has seen adversaries “obtaining system configuration files using available protocols or software on devices, such as by abusing Cisco’s legacy Smart Install feature.” It also said it continues to observe weak password types being used on Cisco network devices, thereby exposing them to password cracking attacks. Password types refer to the algorithms used to protect the Cisco device password in the system configuration…
August 8, 2024 | Ravi Lakshmanan | Cyber attack / Cyber espionage
The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers and teachers for intelligence gathering purposes. Cybersecurity firm Resilience said it discovered the activity in late July 2024 after noticing an operational security (OPSEC) error made by the hackers. Kimsuky, also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet, Springtail and Velvet Chollima, is just one of many offensive cyber groups operating under the direction of the North Korean government and military. It is also very active, often using…
August 8, 2024 | Ravi Lakshmanan | Browser Vulnerability / Security
Cybersecurity researchers have discovered a new “0.0.0.0 Day” that affects all major web browsers, which malicious sites can use to hack local networks. The critical vulnerability “exposes a fundamental flaw in the way browsers handle network requests, potentially giving attackers access to confidential services running on local devices,” Oligo Security researcher Avi Lumelsky said. The Israeli application security company said the implications of the vulnerability are far-reaching and that it stems from inconsistent implementation of security mechanisms and a lack of standardization across browsers. As a result, a seemingly innocuous IP address…
August 8, 2024 | Ravi Lakshmanan | Network Security / Cloud Security
Cybersecurity researchers have discovered a new phishing campaign that uses Google Drawings and shortened links created via WhatsApp to avoid detection and trick users into clicking fake links designed to steal sensitive information. “The attackers chose a group of the most prominent websites in computing to create the threat, including Google and WhatsApp to host the attack elements, and an Amazon lookalike to collect the victim’s information,” Menlo Security researcher Ashwin Vamshi said. “This attack is a great example of life at the expense of trusted sites (a lot) threat.” The starting…
August 8, 2024 | Hacker News | Cyber threat management
Over the past few years, more than a few new categories of security solutions have emerged in hopes of stemming the never-ending tide of risks. One of these categories is Automated Security Validation (ASV), which provides an attacker perspective on exposure and empowers security teams to continuously test exposure, security measures, and remediation at scale. ASV is a critical element of any cybersecurity strategy, and by providing a clearer picture of potential vulnerabilities and impacts within an organization, security teams can identify weaknesses before they can be exploited. However, relying on ASV alone can…
August 8, 2024 | Ravi Lakshmanan | Windows Security / Vulnerabilities
Microsoft said it is developing security updates to address two vulnerabilities that it says could be abused to stage downgrade attacks against the Windows Update architecture and replace current versions of Windows files with older versions. The vulnerabilities are listed below:
- CVE-2024-38202 (CVSS Score: 7.3) – Windows Update Stack Elevation of Privilege Vulnerability
- CVE-2024-21302 (CVSS Score: 6.7) – Elevation of Privilege Vulnerability in Windows Secure Kernel Mode
SafeBreach Labs researcher Alon Leviev is credited with discovering and reporting the flaws; he presented the findings at Black Hat USA 2024 and DEF CON 32. CVE-2024-38202, which…