Microsoft Exchange Server attacks: a significant number of cyberattacks targeting vulnerable Microsoft Exchange servers are attempted every single day, warn researchers at F-Secure – who say it is critical to apply the patches immediately.
Popular npm library netmask has a critical networking vulnerability. Netmask is frequently used by hundreds of thousands of applications to parse IPv4 addresses and CIDR blocks or compare them. The component gets over 3 million weekly downloads, and as of today, has scored over 238 million total downloads over its lifetime.
Cornell University specialists have introduced the first microarchitectural side channel attacks that leverage contention on the CPU ring interconnect. They demonstrated their attack by extracting key bits from vulnerable EdDSA and RSA implementations, as well as inferring the precise timing of keystrokes typed by a victim user.
PingSafe AI, a security company that monitors multiple breaches in real time, has uncovered a critical vulnerability in the iPhone automatic call recorder application that exposed thousands of users’ recorded calls. The Call Recorder app enabled third parties to access a user’s entire library of recordings, just by knowing their phone number.
Masslogger Trojan reinvented in quest to steal Outlook, Chrome credentials. The operators have also been linked to the use of AgentTesla, Formbook, and AsyncRAT. Cybersecurity researchers from Cisco Talos said the campaign is currently focused on victims in Turkey, Latvia, and Italy, expanding activities documented in late 2020 which targeted users in Spain, Bulgaria, Lithuania, Hungary, Estonia, and Romania.
The GreatHorn Threat Intelligence Team has identified a new email attack trend, where cybercriminals are able to bypass traditional URL defenses to attack end users. The URLs are malformed, not utilizing the normal URL protocols, such as http:// or https://. Instead, they use http:/\ in their URL prefix.
A small but complex malware variant called Kobalos is targeting supercomputers worldwide. The malware’s codebase is tiny but is sophisticated enough to impact at least Linux, BSD, and Solaris operating systems. ESET suspects it may be compatible with attacks against AIX and Microsoft Windows machines, too.
The vulnerability, disclosed recently as CVE-2021-3156 by security researchers from Qualys, impacts Sudo, an app that allows admins to delegate limited root access to other users. Matthew Hickey, the co-founder of Hacker House, has discovered that a recent security flaw in the Sudo app also impacts the macOS operating system, and not just Linux and BSD, as initially believed.
EUR 272.5 million of fines have been imposed for a wide range of infringements of Europe’s tough data protection laws, according to international law firm DLA Piper. EUR 158.5 million of fines have been imposed since 28 January 2020, a 39% increase on the previous 20-month period since the application of the General Data Protection Regulation.
Cybersecurity firm FireEye released a report detailing the techniques used by the SolarWinds hackers inside the networks of companies they breached. Together with the report, FireEye researchers have also released a free tool on GitHub named Azure AD Investigator that they say can help companies determine if the SolarWinds hackers (also known as UNC2452) used any of these techniques inside their networks.
The JSOF research labs are reporting 7 vulnerabilities found in dnsmasq, an open-source DNS forwarding software in common use. The experts have identified approximately 40 vendors using dnsmasq in their products, as well as major Linux distributions.