Researcher Explains Wi-Fi Password Cracking at Scale
Conducted in Tel Aviv, the researcher’s experiment showed just how easy an attacker could hack into home and enterprise networks, by simply walking around a city with the right equipment in hand. For his experiment, CyberArk’s Ido Hoorvitch used an AWUS036ACH ALFA Network card, which costs around $50, and provides both monitoring and packet injection…
8 Ways to “Fight the Phish” this Cybersecurity Awareness Month
We’ve all been targeted in phishing attacks — fake messages from a seemingly trusted or reputable source designed to convince you to click on a malicious link, reveal information, give unauthorized access to a system or execute a financial transaction. During this second week of Cybersecurity Awareness Month, pay extra attention to those emails, text…
Necro Python Botnet Starts Targeting Visual Tools DVRs
First discovered in January this year, Necro Python is also tracked as N3Cr0m0rPh, FreakOut, Python.IRCBot and is known for attempting to exploit multiple known vulnerabilities. In late September, the botnet added to its arsenal an exploit targeting a security vulnerability in Visual Tools DVR VX16 4.2.28.0, according to a warning from Juniper Threat Labs. Based…
ESET Discovers UEFI Bootkit in Cyber Espionage Campaign
The ESET discovery is the second real-world UEFI bootkit to be publicly documented in recent weeks, following Kaspersky’s report on a new Windows UEFI bootloader fitted into the FinSpy surveillance spyware product. According to ESET researchers Anton Cherepanov and Martin Smolar, the malware has evaded detection for almost a decade and was engineered to bypass…
Enterprises Warned About Zix-Themed Credential Phishing Attacks
Zix provides cybersecurity, compliance and productivity solutions to 21,000 organizations, and cybercriminals have been leveraging the company’s reputation in a phishing campaign aimed at enterprises. Email security company Armorblox said on Tuesday that it has observed an attack on customer environments across Microsoft Exchange, Office 365 and Google Workspace. “Although the potential account exposure of…
Apple Confirms New Zero-Day Attacks on Older iPhones
This is the 16th documented in-the-wild zero-day exploitation of security defects in Apple’s iOS and macOS platforms so far this year. “Apple is aware of reports that an exploit for this issue exists in the wild,” the company said without elaborating. No other details of IOCs (indicators of compromise) were provided. The Cupertino, Calif. software…
GitHub Patches Security Flaws in Core Node.js Dependencies
“These vulnerabilities may result in arbitrary code execution due to file overwrite and creation when tar is used to extract untrusted tar files or when the npm CLI is used to install untrusted npm packages under certain file system conditions,” GitHub said in an advisory. A code npm dependency, tar is used to extract and…
HAProxy Vulnerability Leads to HTTP Request Smuggling
An attacker could exploit the vulnerability – tracked as CVE-2021-40346 (CVSS score of 8.6) – to bypass duplicate HTTP Content-Length header checks. Thus, the attacker could smuggle HTTP requests to the backend server without the proxy server noticing it, or launch a response-splitting attack. “Our analysis confirmed that the duplication is achieved by making use…
Germany Protests to Russia Over Pre-Election Cyberattacks
Foreign Ministry spokeswoman Andrea Sasse said that a hacker outfit called Ghostwriter has been “combining conventional cyberattacks with disinformation and influence operations,” and that activities targeting Germany have been observed “for some time.” She said that, ahead of Germany’s parliamentary election on Sept. 26, there have been attempts – using phishing emails, among other things…
Hacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation: Microsoft
The missing mitigation was flagged by Microsoft in a post mortem of last month’s zero-day attack that hit businesses using the SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP products. Microsoft originally shipped the mitigation — called ASLR (Address Space Layout Randomization) in Windows Vista back in 2006 as part of a larger plan…
