Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-07-06 13:06:58 |
(Déjà vu) CyberheistNews Vol 12 #27 [New FBI and CISA Alert] This Ransomware Strain Uses RDP Flaws to Hack Into Your Network |
|
Ransomware
Hack
|
|
|
|
2022-07-06 10:48:56 |
Alleged Chinese Police Database Hack Leaks Data of 1 Billion |
Hackers claim to have obtained a trove of data on 1 billion Chinese from a Shanghai police database in a leak that, if confirmed, could be one of the largest data breaches in history.
|
Hack
|
|
|
|
2022-07-05 20:06:42 |
Pentagon: We'll pay you if you can find a way to hack us |
DoD puts money behind bug bounty program after reward-free pilot. The US Department of Defense has created a broad but short bug bounty program for vulnerabilities in public-facing systems and applications.… |
Hack
|
|
|
|
2022-07-05 16:36:56 |
UK Military Investigates Hacks on Army Social Media Accounts |
British military authorities are trying to find out who hacked the army's social media accounts over the weekend, flooding them with cryptocurrency videos and posts related to collectible electronic art.
|
Hack
|
|
|
|
2022-07-04 11:00:00 |
The Worst Hacks and Breaches of 2022 So Far |
From cryptocurrency thefts to intrusions into telecom giants, state-backed attackers have had a field day in the year's first half. |
Hack
|
|
|
|
2022-07-04 10:17:26 |
Threat Actor Group Claims Responsibility for High Profile University Hacks |
Reportedly, CloudSEK used its artificial intelligence (AI)-powered digital risk platform XVigil to identify a post on a cybercrime forum mentioning open source automation server platform Jenkins as one of the TTP (tactics, techniques, and procedures) used by a threat actor (TA) in attacks against IBM and Stanford University. Used by a TA to get clicks […]
|
Hack
Threat
|
|
|
|
2022-07-01 19:09:27 |
OpenSea NFT Marketplace Faces Insider Hack |
OpenSea warns users that they are likely to be targeted in phishing attacks after a vendor employee accessed and downloaded its email list. |
Hack
|
|
|
|
2022-07-01 16:00:00 |
Threat Actor Claims Responsibility For IBM and Stanford University Hack |
The module reportedly has desktop takeover capabilities that would be used to get clicks on ads |
Hack
|
|
|
|
2022-07-01 14:17:57 |
(Déjà vu) UnRAR Vulnerability Lets Attackers Hack Zimbra Webmail Servers |
It has been reported that a new security vulnerability has been disclosed in RARlab’s UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that […] |
Hack
Vulnerability
|
|
|
|
2022-07-01 10:47:10 |
[New FBI and CISA Alert] This ransomware strain uses RDP flaws to hack into your network |
|
Ransomware
Hack
|
|
|
|
2022-06-30 17:58:47 |
Experts blame North Korea-linked Lazarus APT for the Harmony hack |
North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. The company reported the incident to the authorities, the FBI is investigating the cyber heist with the help of several cybersecurity firms. Harmony's […]
|
Hack
Threat
|
APT 38
|
|
|
2022-06-30 17:27:16 |
North Korea Lazarus Hackers Blamed for $100 Million Horizon Bridge Heist |
The infamous North Korean Lazarus hacking group is the prime suspect in the $100 million hack of Harmony's Horizon Bridge, according to new data and research from blockchain analytics firm Elliptic.
|
Hack
|
APT 38
|
|
|
2022-06-30 16:54:28 |
NXM Announces Platform That Protects Space Infrastructure and IoT Devices From Cyberattacks |
NXM Autonomous Security protects against network-wide device hacks and defends against critical IoT vulnerabilities. |
Hack
|
|
|
|
2022-06-30 16:00:00 |
North Korea's Lazarus Group Suspected of $100m Harmony Hack |
Elliptic used Tornado demixing techniques to trace the stolen funds to new Ethereum wallets |
Hack
|
APT 38
|
|
|
2022-06-29 23:01:41 |
North Korean Hackers Suspected to be Behind $100M Horizon Bridge Hack |
The notorious North Korea-backed hacking collective Lazarus Group is suspected to be behind the recent $100 million altcoin theft from Harmony Horizon Bridge, citing similarities to the Ronin bridge attack in March 2022.
The finding comes as Harmony confirmed that its Horizon Bridge, a platform that allows users to move cryptocurrency across different blockchains, had been breached last week. |
Hack
Medical
|
APT 38
|
|
|
2022-06-29 16:30:00 |
New UnRAR Vulnerability Could Lead to Zimbra Webmail Hack |
Successful exploitation would give an attacker access to all emails on a compromised server |
Hack
Vulnerability
|
|
|
|
2022-06-29 14:48:08 |
Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers |
Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers. SonarSource researchers have discovered a new vulnerability in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can be exploited by remote attackers to execute arbitrary code on a system that relies on the binary, like Zimbra […]
|
Hack
Vulnerability
|
|
|
|
2022-06-29 01:29:21 |
New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers |
A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary.
The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive. |
Hack
Vulnerability
|
|
|
|
2022-06-28 13:18:14 |
AMD investigates RansomHouse hack claims, theft of 450GB data |
Chip manufacturer AMD says they are investigating a cyberattack after threat actors claimed to have stolen 450 GB of data from the company last year. [...] |
Hack
Threat
|
|
|
|
2022-06-28 10:02:01 |
Breaking Down the Zola Hack and Why Password Reuse is so Dangerous |
In May of 2022, the wedding planning and registry site Zola suffered a major security breach due to a credential stuffing attack stemming from password reuse. Here's what happened and what could have been done to prevent the attack. [...] |
Hack
|
|
|
|
2022-06-27 11:39:17 |
Microsoft Exchange bug abused to hack building automation systems |
A Chinese-speaking threat actor has hacked into the building automation systems (used to control HVAC, fire, and security functions) of several Asian organizations to backdoor their networks and gain access to more secured areas in their networks. [...] |
Hack
Threat
|
|
|
|
2022-06-25 17:14:05 |
Harmony Blockchain Bridge Loses $100 Million In Crypto Hack |
U.S. based firm Harmony, the crypto start-up behind Horizon Blockchain Bridge, on Friday announced that $100 million worth of digital tokens were stolen from one of its key products. For the unversed, Horizon Blockchain Bridge allows users to transfer their crypto assets including tokens, stablecoins, and NFTs, between Ethereum, Binance Smart Chain, and the Harmony blockchain. The company said that on June 23, 2022, […]
|
Hack
|
|
|
|
2022-06-23 19:36:46 |
Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released a joint advisory warning of continued attempts on the part of threat actors to exploit the Log4Shell flaw in VMware Horizon servers to breach target networks.
"Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched, |
Hack
Threat
|
|
|
|
2022-06-23 15:28:48 |
CISA: Log4Shell exploits still being used to hack VMware servers |
CISA warned today that threat actors including state-backed hacking groups are still targeting VMware Horizon and Unified Access Gateway (UAG) servers using the Log4Shell (CVE-2021-44228) remote code execution vulnerability. [...] |
Hack
Threat
|
|
|
|
2022-06-23 06:05:37 |
Conti ransomware hacking spree breaches over 40 orgs in a month |
The Conti cybercrime syndicate runs one of the most aggressive ransomware operations and has grown highly organized, to the point that affiliates were able to hack more than 40 companies in a little over a month. [...] |
Ransomware
Hack
|
|
|
|
2022-06-20 21:46:13 |
Russian APT28 hacker accused of the NATO think tank hack in Germany |
The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for the Russia-linked APT28. The Attorney General has issued an arrest warrant for the Russian hacker Nikolaj Kozachek (aka “blabla1234565” and “kazak”) who is accused to have carried out a cyber espionage attack against the NATO […]
|
Hack
|
APT 28
|
|
|
2022-06-20 10:58:14 |
Jury Convicts Seattle Woman in Massive Capital One Hack |
A federal jury on Friday convicted a former Seattle tech worker of several charges related to a massive hack of Capital One bank and other companies in 2019.
|
Hack
|
|
|
|
2022-06-17 20:19:14 |
BSidesSF 2022 Writeups: Tutorial Challenges (Shurdles, Loadit, Polyglot, NFT) |
Hey folks,
These are my (Ron's / iagox86's) author writeups for the BSides San Francisco 2022 CTF. You can get the full source code for everything on GitHub. Most have either a Dockerfile or instructions on how to run locally. Enjoy!
Here are the four BSidesSF CTF blogs:
shurdles1/2/3, loadit1/2/3, polyglot, and not-for-taking
mod_ctfauth, refreshing
turtle, guessme
loca, reallyprettymundane
Shurdles - Shellcode Hurdles
The Shurdles challenges are loosely based on a challenge from last year, Hurdles, as well as a Holiday Hack Challenge 2021 challenge I wrote called Shellcode Primer. It uses a tool I wrote called Mandrake to instrument shellcode to tell the user what's going on. It's helpful for debugging, but even more helpful as a teaching tool!
The difference between this and the Holiday Hack version was that this time, I didn't bother to sandbox it, so you could pop a shell and inspect the box. I'm curious if folks did that.. probably they couldn't damage anything, and there's no intellectual property to steal. :)
I'm not going to write up the solutions, but I did include solutions in the repository.
Although I don't work for Counter Hack anymore, a MUCH bigger version of this challenge that I wrote is included in the SANS NetWars version launching this year. It covers a huge amount, including how to write bind- and reverse-shell shellcode from scratch. It's super cool! Unfortunately, I don't think SANS is doing hybrid events anymore, but if you find yourself at a SANS event be sure to check out NetWars!
Loadit - Learning how to use LD_PRELOAD
I wanted to make a few challenges that can be solved with LD_PRELOAD, which is where loadit came from! These are designed to be tutorial-style, so I think the solutions mostly speak for themselves.
One interesting tidbit is that the third loadit challenge requires some state to be kept - rand() needs to return several different values. I had a few folks ask me about that, so I'll show off my solution here:
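    #include <stdlib.h>  /* prototype for rand() */
    #include <unistd.h>  /* prototype for sleep() */

    /* Replacement rand(): returns a fixed sequence, one value per call */
    int rand(void) {
        int answers[] = { 20, 22, 12, 34, 56, 67 };
        static int count = 0;  /* keeps its value between calls */
        return answers[count++];
    }

    // Just for laziness
    unsigned int sleep(unsigned int seconds) {
        return 0;
    }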
I use the static variable type to keep track of how many times rand() has been called. When you declare something as static inside a function, it means that the variable is initialized the first time the function is called, but changes are maintained as if it's a global variable (at least conceptually - in reality, it's initialized when the program is loaded, even if the function is never called).
Ironically, this solution actually has an overflow - the 7th time and onwards rand() is called, it will start manipulating random memory. Luckily, we know that'll never happen. :) |
Hack
Tool
|
|
★★★★
|
|
2022-06-15 13:59:37 |
DragonForce Gang Unleash Hacks Against Govt. of India |
In response to a comment about the Prophet Mohammed, a hacktivist group in Malaysia has unleashed a wave of cyber attacks in India. |
Hack
|
|
|
|
2022-06-14 13:09:05 |
Report Reveals $1.7 Billion Hacked From Top 10 Centralised Crypto Exchanges Over The Last Decade |
A new study from BestBitcoinExchange.io has assessed which of the top crypto exchanges have suffered the worst hacks in the past, which are the safest to trust going forward, and which should be avoided. The experts analyzed data from the top 25 crypto exchanges over the last ten years, to identify which are the most […] |
Hack
|
|
|
|
2022-06-11 13:34:12 |
PACMAN, a new attack technique against Apple M1 CPUs |
PACMAN is a new attack technique demonstrated against Apple M1 processor chipsets that could be used to hack macOS systems. PACMAN is a novel hardware attack technique that can allow attackers to bypass Pointer Authentication (PAC) on the Apple M1 CPU. The pointer authentication codes (PACs) allow to detect and guard against unexpected changes to pointers in memory. […]
|
Hack
|
|
|
|
2022-06-09 15:15:24 |
Why AIs Will Become Hackers |
At a 2022 RSA Conference keynote, technologist Bruce Schneier asserted that artificial intelligence agents will start to hack human systems - and what that will mean for us. |
Hack
|
|
★★★★
|
|
2022-06-08 20:21:29 |
Gone in 130 seconds: New Tesla hack gives thieves their own personal key |
You may want to think twice before giving the parking attendant your Tesla-issued NFC card. |
Hack
|
|
|
|
2022-06-08 09:00:00 |
China using top consumer routers to hack Western comms networks |
|
Hack
|
|
★★★★
|
|
2022-06-06 22:14:34 |
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing |
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. |
Hack
|
|
|
|
2022-06-04 15:23:45 |
Bored Ape Yacht Club, Otherside NFTs stolen in Discord server hack |
Hackers reportedly stole over $257,000 in Ethereum and thirty-two NFTs after the Yuga Lab's Bored Ape Yacht Club and Otherside Metaverse Discord servers were compromised to post a phishing scam. [...] |
Hack
|
|
|
|
2022-06-03 13:46:55 |
Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again |
Deja-Vu data from this year's DBIR report feels like we are stuck in the movie 'Groundhog Day.' |
Hack
Threat
|
|
|
|
2022-06-02 15:01:51 |
Ransomware gang now hacks corporate websites to show ransom notes |
A ransomware gang is taking extortion to a new level by publicly hacking corporate websites to publicly display ransom notes. [...] |
Ransomware
Hack
|
|
|
|
2022-06-02 15:00:11 |
Dutch Used Pegasus Spyware on Most-Wanted Criminal: Report |
Dutch secret services have used the controversial Israeli spyware known as Pegasus to hack targets including the country's most-wanted criminal, a news report said on Thursday.
|
Hack
|
|
|
|
2022-06-01 06:59:07 |
Reg hack attends holographic WebEx meeting, blows away Zoom fatigue |
Far from the finished product and not obviously a game-changer, but intriguing nonetheless. In October 2021, Cisco announced WebEx Hologram – an augmented reality meeting experience that promised "photorealistic, real-time holograms of actual people" and the chance to "share physical and digital content".… |
Hack
|
|
|
|
2022-05-27 08:00:43 |
IT threat evolution Q1 2022 |
Kaspersky IT threat review in Q1 2022: activity of APTs such as MoonBounce, BlueNoroff, Lazarus and Roaming Mantis, attacks against Ukraine, phishing kits, Okta hack and more. |
Hack
Threat
|
APT 38
|
★★★
|
|
2022-05-26 03:00:00 |
A Problem Like API Security: How Attackers Hack Authentication |
There is a sight gag that has been used in a number of movies and TV comedies that involves an apartment building lobby. It shows how people who don't live there, but who want to get in anyway, such as Girl Guides looking to sell cookies to the tenants – simply run their fingers down […]
|
Hack
|
|
|
|
2022-05-25 11:12:40 |
(Déjà vu) Chaining Zoom bugs is possible to hack users in a chat by sending them a message |
Security flaws in Zoom can be exploited to compromise another user over chat by sending specially crafted messages. A set of four security flaws in the popular video conferencing service Zoom could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages. Tracked from CVE-2022-22784 through CVE-2022-22787, […]
|
Hack
|
|
|
|
2022-05-25 02:00:00 |
Security and privacy laws, regulations, and compliance: The complete guide |
This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements. Each entry includes a link to the full text of the law or regulation as well as information about what and who is covered. CSO updates this directory, originally published on January 28, 2021, frequently as new laws and regulations are put in place.
Broadly applicable laws and regulations
Sarbanes-Oxley Act (SOX)
Payment Card Industry Data Security Standard (PCI DSS)
Payment Service Directive, revised (PSD2)
Gramm-Leach-Bliley Act (GLBA)
Customs-Trade Partnership Against Terrorism (C-TPAT)
Free and Secure Trade Program (FAST)
Children's Online Privacy Protection Act (COPPA)
Fair and Accurate Credit Transaction Act (FACTA), including Red Flags Rule
Federal Rules of Civil Procedure (FRCP)
Industry-specific guidelines and requirements
Federal Information Security Management Act (FISMA)
North American Electric Reliability Corp. (NERC) standards
Title 21 of the Code of Federal Regulations (21 CFR Part 11) Electronic Records
Health Insurance Portability and Accountability Act (HIPAA)
The Health Information Technology for Economic and Clinical Health Act (HITECH)
Patient Safety and Quality Improvement Act (PSQIA, Patient Safety Rule)
H.R. 2868: The Chemical Facility Anti-Terrorism Standards Regulation
US state laws
California Consumer Privacy Act (CCPA)
California Privacy Rights Act (CPRA)
Colorado Privacy Act
Connecticut Data Privacy Act (CTDPA)
Maine Act to Protect the Privacy of Online Consumer Information
Maryland Personal Information Protection Act – Security Breach Notification Requirements – Modifications (House Bill 1154)
Massachusetts 201 CMR 17 (aka Mass Data Protection Law)
Massachusetts Bill H.4806 - An Act relative to consumer protection from security breaches
|
Hack
|
|
|
|
2022-05-24 23:31:15 |
Server hack yields harrowing images of life inside Chinese detention camps |
Leak is latest bright light shined on China's persecution of ethnic minorities. |
Hack
|
|
|
|
2022-05-24 20:59:02 |
New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message |
Popular video conferencing service Zoom has resolved as many as four security vulnerabilities, which could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages and execute malicious code.
Tracked from CVE-2022-22784 through CVE-2022-22787, the issues range between 5.9 and 8.1 in severity. Ivan Fratric of Google |
Hack
|
|
|
|
2022-05-24 15:00:49 |
Malicious Life Podcast: What The LinkedIn Hack Taught Us About Storing Passwords |
|
Hack
|
|
|
|
2022-05-24 14:00:00 |
Crypto Hacks Aren't a Niche Concern; They Impact Wider Society |
Million-dollar crypto heists are becoming more common as the currency starts to go mainstream; prevention and enforcement haven't kept pace. |
Hack
|
|
|
|
2022-05-23 13:02:01 |
Hackers can hack your online accounts before you even register them |
Security researchers have revealed that hackers can hijack your online accounts before you even register them by exploiting flaws that have already been fixed on popular websites, including Instagram, LinkedIn, Zoom, WordPress, and Dropbox. [...] |
Hack
|
|
|
|
2022-05-20 07:53:39 |
Russian Sberbank says it's facing massive waves of DDoS attacks |
Sberbank's vice president and director of cybersecurity, Sergei Lebed, has told participants of the Positive Hack Days forum that the company is going through a period of unprecedented targeting by hackers. [...] |
Hack
|
|
|