Website Defacement: Petty Cyber Attack…Big Consequences
“Prepare for the worst.” The surprising nature of a website defacement attack is what makes it so powerful and scary. A message that might be detected and removed in a few minutes, sometimes hours, can have enormous political cost, and result in reputational damage and a loss of trust that takes time to recover. Of…
German Election Authority Confirms Likely Cyber Attack
The development, first reported by Business Insider, comes as German federal prosecutors probe alleged cyber attacks against lawmakers during the campaign to choose a new parliament and a successor to Chancellor Angela Merkel. “At the end of August the website of the Federal Returning Officer only had limited accessibility for a few minutes due to…
Why We Need More Blue Team Voices at the Table
I’m going to tell you one of the dirty secrets of enterprise cybersecurity. There are a lot of practitioners that secretly wish their company would get attacked. Because at least then, someone would listen to them. These people tend to reside on what we frequently refer to as the blue team. In cybersecurity exercises and…
Malvuln Project Catalogues Vulnerabilities Found in Malware
Malvuln is the creation of security researcher John Page (aka hyp3rlinx), who told SecurityWeek that he came up with the idea when he got bored during a COVID-19 lockdown. The Malvuln website currently has 26 entries describing remotely exploitable buffer overflow vulnerabilities and privilege escalation flaws related to insecure permissions. The list of targeted malware…
NAT Slipstreaming: Visiting Malicious Site Can Expose Local Network Services to Remote Attacks
Dubbed NAT Slipstreaming, the attack can be triggered when the victim visits a specially crafted website, exploiting the browser and Application Level Gateway (ALG), a connection tracking mechanism present in firewalls, NATs, and routers. According to the researcher, the attack chains “internal IP extraction via timing attack or WebRTC, automated remote MTU and IP fragmentation…
Government Software Provider Tyler Technologies Confirms Ransomware Attack
Tyler this week shut down its website and started informing customers via email that its internal phone and IT systems were accessed without authorization by an unknown third party. The company said the attack disrupted access to some internal systems, and it decided to shut down points of access to external systems while investigating the…
Information Disclosure, XSS Vulnerabilities Patched in Drupal
The most serious of the flaws is CVE-2020-13668, a critical XSS issue affecting Drupal 8 and 9. It’s worth noting that Drupal uses the NIST Common Misuse Scoring System to determine security risk levels and critical is the second highest level, after highly critical. The issue is a reflected XSS and exploitation is only possible…
Cybercriminals Hide Malware & Phishing Sites Under SSL Certificates
Cybercriminals are increasingly relying on SSL certificates to lull people into a false sense of security when clicking malicious links. The assumption that HTTPS links and the accompanying lock icon protect employees from attack can threaten businesses without sufficient SSL inspection. Nearly 52% of the top 1 million websites were available over HTTPS in 2019,…
Rockstar Games Launches Public Bug Bounty Program
Rockstar Games this week launched a public bug bounty program through HackerOne, after running it in private mode for more than nine months. On the program’s page, the company reveals that the minimum bounty for successful vulnerability submissions is $150, but that researchers can get higher rewards, depending on the severity and complexity of the…
LeakedSource’s shutdown is a blow to amateur hackers
Amateur hackers are alarmed with the apparent demise of LeakedSource, a controversial breach notification site that’s been accused of doing more harm than good. U.S. law enforcement has allegedly confiscated its servers, and now some hackers are wondering if customers of LeakedSource might be next.