#URL File #NTLM Hash Disclosure #Vulnerability (0day) - and Free #Micropatches for it

Source: https://blog.0patch.com/2024/12/url-file-ntlm-hash-disclosure.html

#bug #Patch #Microsoft #Windows #Software #os #cybersecurity #0day #security #news

URL File NTLM Hash Disclosure Vulnerability (0day) - and Free Micropatches for it

  Our researchers discovered a vulnerability on all Windows Workstation and Server versions from Windows 7 and Server 2008 R2 to the latest...

South Korea arrests CEO for adding DDoS feature to 240,000 satellite receivers

Allegedly, the functionality was needed to counter the attacks of a competing entity.

The exact way the DDoS functionality was leveraged on the devices was not specified, but these attacks are always illegal when targeting external systems.

Moreover, users of the satellite receivers were involuntarily taking part in attacks and might have experienced reduced device performance during these occurrences.

There has been more and more of a shift towards satellite communications for civilian Internet and mobile phone use, so this is probably just a wake-up call for all of us to realise that those satellites sitting up there in plain view, are not just going to be “allowed” to be used without any interference or weaponizations.

It will be both military (and I include all nations here) who will try to intercept or even block messages, as well as the usual hacking and ransomware suspects who will try to exploit them. The military of all nations will be pushing to have their encryption back doors included, and will want to be able to disable civilian satellite services “in times of need”.

All I’m saying is, we cannot assume these satellites will all just be there functioning in our interests 100% of the time. Of all the communications mediums ever invented, satellites are the most exposed and vulnerable of all. In other words, be sure not to rely solely on satellite communications in the future. Consider them a useful supplementary tool for communications, but do not neglect your more traditional means of communications.

See bleepingcomputer.com/news/secu…
#Blog, #satellites, #security, #technology, #vulnerability

Within this assessment, the red team (also referred to as ‘the team’) gained initial access through a web shell left from a third party’s previous security #assessment.

Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-326a

Today's #security measures therefore tend to reduce security rather than increase it. 🤔😖

#news #Software #vulnerability #bug #fail #cybersecurity #Problem #omg #wtf #web #webshell #internet

#Cisco reports more than 35 #vulnerabilities in #firewall products

Source: https://www.heise.de/en/news/Cisco-reports-more-than-35-vulnerabilities-in-firewall-products-9992758.html

Don't forget that you use firewalls to increase #security.

#news #Software #vulnerability #bug #fail #cybersecurity #Problem #fail #qa #economy

Cisco reports more than 35 vulnerabilities in firewall products

Cisco's ASA, Firepower and Secure Firewall Management Center have security vulnerabilities, some of which are critical. More than 35 updates are now available.

Hackers take control of #robot vacuums in multiple cities, yell racial slurs

Source: https://www.abc.net.au/news/2024-10-11/robot-vacuum-yells-racial-slurs-at-family-after-being-hacked/104445408

The PIN code system protecting the robot's video feed — and remote control feature — was also known to be faulty, and the warning sound that is meant to play when the #camera is being watched was able to be disabled from afar.

These #security issues could explain how attackers took control of multiple robots in separate locations, and how they could've silently surveilled their victims once they'd gotten in.

#cybersecurity #news #hack #hacker #privacy #surveillance #Software #vulnerability #Problem #fail #economy #technology

Hackers take control of robot vacuums in multiple US cities and abuse owners

Ecovacs robot vacuums in multiple US cities were hacked in the space of a few days, with the attacker physically controlling them and yelling obscenities through their onboard speakers.

U.S. #Wiretap Systems Targeted in #China - Linked #Hack

Source: http://www.wsj.com/tech/cybersecurity/u-s-wiretap-systems-targeted-in-china-linked-hack-327fc63b

The #surveillance systems believed to be at issue are used to cooperate with requests for domestic information related to criminal and national security investigations. Under federal law, telecommunications and broadband companies must allow authorities to intercept electronic information pursuant to a court order. It couldn’t be determined if systems that support foreign #intelligence surveillance were also vulnerable in the breach.

Like all backdoors, this #backdoor is also a #security risk and not a gain.

#news #cybersecurity #cybercrime #privacy #politics #police #justice #communication #crime #Problem #USA #fail #hacker #Software #vulnerability #spy

Exposing The Flaw In Our #Phone System: https://www.youtube.com/watch?v=wVyu7NB7W6Y

#hack #security #mobile #ss7 #network #vulnerability #surveillance #attack

Investigations in the so-called #darknet: Law enforcement agencies undermine #Tor #anonymisation

Source: https://www.ndr.de/fernsehen/sendungen/panorama/aktuell/Investigations-in-the-so-called-darknet-Law-enforcement-agencies-undermine-Tor-anonymisation,toreng100.html

These are the first documented cases of these so-called ‘timing analyses’ in the Tor network worldwide. Until now, this was considered practically impossible.

#news #police #Germany #cybercrime #vulnerability #Software #tracking #internet #anonymity #privacy

Investigations in the so-called darknet: Law enforcement agencies undermine Tor anonymisation

The Tor network is considered the most important tool for surfing the internet anonymously. Law enforcement agencies have apparently begun to infiltrate it in order to expose criminals. They have been successful in at least one case.

#Malware says hooray 😱

Source: https://techcommunity.microsoft.com/t5/excel-blog/python-in-excel-available-now/ba-p/4240212

#Python in #Excel is now generally available for #Windows users of #Microsoft 365 Business and Enterprise.

#news #Software #vulnerability #Problem

Python in Excel – Available Now

Python in Excel is now generally available for Windows users of Microsoft 365 Business and Enterprise. Last August, in partnership with Anaconda, we..

Hackaday Links: August 18, 2024

#hackadaycolumns #hackadaylinks #74hcxx #autonomous #bicycle #bluetooth #derailleur #driverless #fft #fpga #horn #job #parametric #racing #sanfrancisco #search #spreadsheet #tootle #vulnerability #waymo #wireless #hackaday
posted by pod_feeder_v2

Hackaday Links: August 18, 2024

They’re back! The San Francisco autonomous vehicle hijinks, that is, as Waymo’s fleet of driverless cars recently took up the fun new hobby of honking their horns in the wee hours of th…

Working at a company with #Microsoft #CyberSecurity products ... D:

#Security #Meme #Memes #Cloud #Azure #Office365 #fail #software #bug #vulnerability #cyberwar #omg #wtf

#Blast-RADIUS is a #vulnerability that affects the RADIUS #protocol. RADIUS is a very common protocol used for #authentication, #authorization, and accounting (AAA) for networked devices on enterprise and telecommunication networks.

Source: https://www.blastradius.fail/

#cybersecurity #security #network #fail #problem #newd

#RegreSSHion: Remote Code Execution #Vulnerability In #OpenSSH Server

source: https://www.phoronix.com/news/RegreSSHion-CVE-2024-6387

#exploit #security #software #server #news #update #patch #cybersecurity

#Windows #vulnerability reported by the #NSA exploited to install Russian #malware

Source: https://arstechnica.com/security/2024/04/kremlin-backed-hackers-exploit-critical-windows-vulnerability-reported-by-the-nsa/

When Microsoft patched the vulnerability in October 2022—at least two years after it came under #attack by the Russian hackers—the company made no mention that it was under active exploitation.

#patch #update #exploit #Russia #security #CyberSecurity #news #os #software #hack #hacker

Kremlin-backed hackers exploit critical Windows vulnerability reported by the NSA

Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now.

#CVE-2024-20356: #Jailbreaking a #Cisco appliance to run #DOOM

In this adventure, the Cisco #C195 device family was jailbroken in order to run unintended code. This includes the discovery of a vulnerability in the #CIMC body management controller which affects a range of different devices, whereby an authenticated high privilege user can obtain underlying root access to the server’s #BMC (CVE-2024-20356) which in itself has high-level access to various other components in the system. The end goal was to run DOOM – if a smart fridge can do it, why not Cisco?

source: https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/

#software #security #bug #network #game #news #vulnerability #exploit #hack #hacker

CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM

The Cisco C195 is a Cisco Email Security Appliance device. Its role is to act as an SMTP gateway on your network perimeter. This device (and the full range of appliance devices) is heavily locked down and prevents unauthorised code from...

#NIST National #Vulnerability #Database Disruption Sees #CVE Enrichment on Hold

Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database (NVD), the world's most widely used software vulnerability database.

Source: https://www.infosecurity-magazine.com/news/nist-vulnerability-database/

#nvd #usa #security #software #problem #exploit #hack #bug #news #cybersecurity

NIST NVD Disruption Sees CVE Enrichment on Hold

Vulnerability data has stopped being added to the most widely used software vulnerability database for over a month, putting organizations at risk – and nobody knows why

Hackers exploited #Windows 0-day for 6 months after #Microsoft knew of it

Source: https://arstechnica.com/security/2024/03/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-of-it/

Even after Microsoft patched the #vulnerability last month, the company made no mention that the North Korean threat group #Lazarus had been using the vulnerability since at least August to install a stealthy #rootkit on vulnerable computers. The vulnerability provided an easy and stealthy means for #malware that had already gained administrative system rights to interact with the Windows #kernel. Lazarus used the vulnerability for just that. Even so, Microsoft has long said that such admin-to-kernel elevations don’t represent the crossing of a security boundary, a possible explanation for the time Microsoft took to fix the vulnerability.

#software #news #security #cybercrime #bug #exploit #0day #fail #economy #problem #politics #hack #Hackers #trust #risk

Hackers exploited Windows 0-day for 6 months after Microsoft knew of it

Technically, Microsoft doesn't consider such bugs vulnerabilities. It patched it anyway.

#Anycubic users say their #3D printers were hacked to warn of a #security flaw

source: https://techcrunch.com/2024/02/28/anycubic-users-3d-printers-hacked-warning/?guccounter=1

Ouyang said in an email to TechCrunch: “We are investigating very carefully. There will be an official announcement very soon,” but did not comment further.

“Disconnect your printer from the internet until anycubic patches this issue,” the text file reads.

#news #3dprinter #hack #hacker #warning #software #problem #technology #vulnerability

Leaky Vessels: Docker and runc Container Breakout Vulnerabilities | #runc #docker #container #vulnerability #cybersecurity #devops #leakyvessels

Leaky Vessels: Docker and runc Container Breakout Vulnerabilities - January 2024 | Snyk

Snyk Security Labs Team has identified four container breakout vulnerabilities in core container infrastructure components including Docker and runc, which also impacts Kubernetes.

They are sharing SSH CVE-2023-48795 (Terrapin attack) vulnerable instances found in their IPv4/IPv6 scans

Nearly 11M instances (by unique IP) found vulnerable (~52%).

Background on the #vulnerability: https://terrapin-attack.com

fedivers: https://infosec.exchange/@shadowserver/111691389140858555

#cve #network #internet #security #bug #cyberwar #software #terrapin #attack #danger #administration #update #patch #ssh