- 1. Bluetooth Bugs Open Billions of Devices to DoS, Code Execution
- 2. NPM package with 3 million weekly downloads had a severe vulnerability
- 3. Superhero Loki Lurks Like a Zero-Day Threat
Does the "TVA is just like a SoC" analogy hold up?
- 4. The ‘Unhackable’ Wii Mini Has Been Hacked
- 5. How to Secure your AWS infrastructure?
- 6. Confluence Server 7.12.4 OGNL Injection Remote Code Execution
- 7. Israeli Foreign Minister Promises Closer Look at NSO
Darknet Diaries has a great episode with details on this (though despite amazing effort, was not able to interview NSO, which speaks volumes): "NSO has come under widespread criticism over reports that its flagship spyware product, Pegasus, has been misused by governments to spy on dissidents, journalists, human rights workers and possibly even heads of state. Pegasus is able to stealthily infiltrate a target’s mobile phone, giving users access to data, email, contacts and even their cameras and microphones."
- 8. Beginners Guide to Azure Sentinel
- 9. It’s time to create a TJ Hooper for information security
"Many companies have a prevailing practice regarding information security — that they need to do only the bare minimum to get by. They do that while millions of consumer records are breached weekly."
- 10. A deep-dive into the SolarWinds Serv-U SSH vulnerability
- 11. Pwned! The home security system that can be hacked with your email address
- 12. Security Researcher Develops Lightning Cable With Hidden Chip to Steal Passwords
- 13. SANS Technology Institute Selects Ed Skoudis As Its New President
- 14. Widespread credential phishing campaign abuses open redirector links
- 15. Authentication Bypass Vulnerability In Exchange Server – CyberWorkx
- 16. Cyberhack Hides Malicious Code in Your Graphics Card’s VRAM
- 17. A popular smart home security system can be remotely disarmed, researchers say – TechCrunch
"If a malicious actor knows a user’s email address, they can use it to query the cloud-based API to return an International Mobile Equipment Identity (IMEI) number, which appears to also serve as the device's serial number." - And with the email and the IMEI, you can use the API to disarm the system. Also, I feel like this is 20-years-ago behavior from a vendor: "Rapid7 revealed details of the two vulnerabilities on Tuesday after not hearing from Fortress in three months, the standard window of time that security researchers give companies to fix bugs before details are made public. Rapid7 said its only acknowledgment of its email was when Fortress closed its support ticket a week later without commenting. Fortress owner Michael Hofeditz opened but did not respond to several emails sent by TechCrunch with an email open tracker. An email from Bottone Reiling, a Massachusetts law firm representing Fortress, called the claims “false, purposely misleading and defamatory,” but did not provide specifics that it claims are false, or if Fortress has mitigated the vulnerabilities."
- 18. Does a USB drive get heavier as you store more files on it?
- 19. CISA: Don’t use single-factor auth on Internet-exposed systems
"The use of single-factor authentication for remote or administrative access to systems supporting the operation of Critical Infrastructure and National Critical Functions (NCF) is dangerous and significantly elevates risk to national security, national economic security, and national public health and safety. This dangerous practice is especially egregious in technologies accessible from the Internet."
- 20. HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform
And they are just either discovering or disclosing this now? SBOM anyone? - "The Aruba AirWave management platform is HPE’s real-time monitoring and security alert system for wired and wireless infrastructures. The Sudo bug (CVE-2021-3156) was reported in January by Qualys researchers and is believed to impact millions of endpoint devices and systems."
- 21. Hacker Claims Honda And Acura Vehicles Vulnerable To Simple Replay Attack
"The crux of the allegations are that simply recording signals from a Honda or Acura keyfob is enough to compromise the vehicle. Reportedly, no rolling code system is implemented and commands can easily be replayed."
- 22. When you finish celebrating Linux turning 30, try new Linux 5.14, says Linus Torvalds
Interesting, we seem to be really destroying the basic concepts of permissions and rings: "memfd_secret lets applications create an area of memory that only that application can access. Not even the kernel can access the designated area of memory. Which matters, because Spectre and Meltdown meant cached data could be accessed. memfd_secret is designed to provide a safe place for secrets like cryptographic keys or passwords to reside."
- 23. Florida Woman Convicted Of Damaging Her Former Employer’s Computers After She Was Fired
Yikes: "While she was being terminated, and just before she was escorted from the building, CALONGE was observed by two employees of Employee-1 repeatedly hitting the delete key on her desktop computer. Several hours later, CALONGE logged into a system (“System-1”) used by Employer-1 to receive and manage applications for employment with the company, which the company had invested two years and over $100,000 to build. During the next two days, CALONGE rampaged through System-1, deleting over 17,000 job applications and resumes, and leaving messages with profanities inside the system."
- 24. ChaosDB: Unauthorized Privileged Access to Microsoft Azure Cosmos DB
"By exploiting a chain of vulnerabilities in the Jupyter Notebook feature of Cosmos DB, a malicious actor can query information about the target Cosmos DB Jupyter Notebook. By doing so, the attacker will obtain a set of credentials related to the target Cosmos DB account, the Jupyter Notebook compute, and the Jupyter Notebook Storage account, including the Primary Key. Using these credentials, it is possible to view, modify, and delete data in the target Cosmos DB account via multiple channels. Below is a diagram that illustrates the attack."