Researcher Explains Wi-Fi Password Cracking at Scale
Conducted in Tel Aviv, the researcher’s experiment showed just how easy an attacker could hack into home and enterprise networks, by simply walking around a city with the right equipment in hand. For his experiment, CyberArk’s Ido Hoorvitch used an AWUS036ACH ALFA Network card, which costs around $50, and provides both monitoring and packet injection…
Mozilla Blocks Malicious Firefox Add-Ons Abusing Proxy API
The API allows add-ons to control the manner in which the browser connects to the Internet, and some extensions were found to abuse this. Specifically, the manner in which the offending add-ons interacted with the API prevented users from accessing updated blocklists, from downloading updates, and from updating content remotely configured. According to Mozilla, a…
Researcher Earns $2 Million for Critical Vulnerability in Polygon
Specifically, a user could deposit a specific amount to the Polygon Plasma Bridge, withdraw the entire sum, and then submit the same withdrawal transaction an additional 223 times, each time receiving the full amount. Basically, one could deposit $1 million and withdraw $224 million. With the DepositManager for the Plasma Bridge holding roughly $850 million…
Facebook Introduces New Tool for Finding SSRF Vulnerabilities
According to the definition provided by OWASP, a SSRF attack enables an attacker to abuse a server’s functionality to read or update internal resources. “The attacker can supply or modify a URL which the code running on the server will read or submit data to, and by carefully selecting the URLs, the attacker may be…
Zerodium Buying Zero-Day Exploits Targeting VPN Software
Specifically, the company wants to acquire exploits that work against the Windows versions of the ExpressVPN, NordVPN and Surfshark applications. These VPN services have millions of users. Zerodium is looking for remote code execution, IP address leak, and other information disclosure exploits. It does not want to acquire local privilege escalation vulnerabilities. The company has…
Many Prometheus Endpoints Expose Sensitive Data
Designed to harvest real-time metrics from various endpoints, Prometheus enables organizations to keep a close eye on systems’ state, network usage, and the like. Close to 800 cloud-native platforms, including Slack and Uber, leverage the solution. In January 2021, Prometheus added support for Transport Layer Security (TLS) and basic authentication, to prevent access to the…
Ransomware Hit SCADA Systems at 3 Water Facilities in U.S.
The alert was issued by the FBI, CISA, the EPA and the NSA. The agencies are aware of attacks — launched by both known and unknown threat actors — against the IT and OT (operational technology) networks of water facilities. The agencies noted that while cyber threats are increasing across critical infrastructure sectors, the latest…
Extortionist Hacker Group SnapMC Breaches Networks in Under 30 Minutes
Dubbed SnapMC, the hacking group attempts to exploit multiple vulnerabilities in webserver and VPN applications for initial access and typically compromises victim networks in under 30 minutes. The group then exfiltrates victim data to leverage it for extortion, but doesn’t use ransomware or other means of disrupting the victim’s operations. SnapMC threatens to publish the…
Necro Python Botnet Starts Targeting Visual Tools DVRs
First discovered in January this year, Necro Python is also tracked as N3Cr0m0rPh, FreakOut, Python.IRCBot and is known for attempting to exploit multiple known vulnerabilities. In late September, the botnet added to its arsenal an exploit targeting a security vulnerability in Visual Tools DVR VX16 4.2.28.0, according to a warning from Juniper Threat Labs. Based…
GitKraken Vulnerability Prompts Action From GitHub, GitLab, Bitbucket
Discovered in the open source library that the Git GUI client uses for SSH key generation, the issue affects all keys issued using versions 7.6.x, 7.7.x, and 8.0.0 of GitKraken. The security hole was identified in late September and was addressed with the release of GitKraken version 8.0.1. The SSH key generation library was replaced…
