ICT Security-Sécurité PC et Internet
ICT Security + Privacy + Piracy + Data Protection - Censorship - Free courses and information on "PC and Internet Security" for non-commercial use... (FR, EN+DE)...
Curated by Gust MEES
Scooped by Gust MEES
January 21, 2022 4:25 PM

Linux malware is on the rise; here are the three main current threats | #CyberSecurity

Internet of Things devices are driving up the number of Linux malware variants.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
October 29, 2021 12:30 PM

Hive ransomware now encrypts Linux and FreeBSD systems | #CyberSecurity

The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms.

However, as Slovak internet security firm ESET discovered, Hive's new encryptors are still in development and still lack functionality.

The Linux variant also proved to be quite buggy during ESET's analysis, with the encryption completely failing when the malware was executed with an explicit path.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
April 12, 2021 7:11 AM

Clubhouse CEO says user data was not leaked, contrary to reports | #CyberSecurity #FSCD

Clubhouse CEO Paul Davison said Sunday that a report claiming personal user data had been leaked was “false.” Cyber News reported a SQL database with users’ IDs, names, usernames, Twitter and Instagram handles and follower counts were posted to an online hacker forum. According to Cyber News, it did not appear that sensitive user information such as credit card numbers were among the leaked info.

Clubhouse did not immediately reply to a request for more information from The Verge on Sunday. But Davison said in response to a question during a town hall that the platform had not suffered a data breach. “No, This is misleading and false, it is a clickbait article, we were not hacked. The data referred to was all public profile information from our app. So the answer to that is a definitive ‘no.’”

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Clubhouse

https://www.scoop.it/topic/social-media-and-its-influence

https://www.scoop.it/topic/securite-pc-et-internet

Scooped by Gust MEES
April 10, 2021 8:10 PM

Data of 1.3 Million Clubhouse Users Leaked Online: Report | #CyberSecurity #NobodyIsPerfect

The personal data of 1.3 million Clubhouse users has leaked online on a popular hacker forum, according to a Saturday report from Cyber News.

The leaked data of Clubhouse users includes names, social media profile names, and other details.

Clubhouse did not immediately respond to Insider's request for comment that was made on Saturday. As Cyber News reported, the exposed data could enable bad actors to target users through phishing schemes or identity theft.

The invite-only social media app launched in March 2020 and has grown into a popular platform and attracted millions of users. Its audio community allows users to tune into conversations, or "rooms," about various topics. The company is reportedly in talks for a funding round that values the company at $4 billion.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Clubhouse

https://www.scoop.it/topic/social-media-and-its-influence

https://www.scoop.it/topic/securite-pc-et-internet

Scooped by Gust MEES
April 10, 2021 9:05 AM

Critical Zoom vulnerability triggers remote code execution without user input | #CyberSecurity

A zero-day vulnerability in Zoom which can be used to launch remote code execution (RCE) attacks has been disclosed by researchers. 

Pwn2Own, organized by the Zero Day Initiative, is a contest for white-hat cybersecurity professionals and teams to compete in the discovery of bugs in popular software and services. 

The latest competition included 23 entries, competing in different categories including web browsers, virtualization software, servers, enterprise communication, and local escalation of privilege. 

For successful entrants, the financial rewards can be high -- and in this case, Daan Keuper and Thijs Alkemade earned themselves $200,000 for their Zoom discovery. 

The researchers from Computest demonstrated a three-bug attack chain that caused an RCE on a target machine, and all without any form of user interaction. 

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ZOOM

https://www.scoop.it/topic/securite-pc-et-internet

Scooped by Gust MEES
March 16, 2021 5:11 PM

Users could gain root privilege through three flaws sitting in Linux kernel | #CyberSecurity #NobodyIsPerfect

Three recently unearthed vulnerabilities in the Linux kernel, located in the iSCSI module used for accessing shared data storage facilities, could allow root privileges to anyone with a user account.

The trio of flaws – CVE-2021-27363, CVE-2021-27364 and CVE-2021-27365 – have lurked in Linux code since 2006 without detection until GRIMM researchers discovered them.

“If you already had execution on a box, either because you have a user account on the machine, or you’ve compromised some service that doesn’t have repaired permissions, you can do whatever you want basically,” said Adam Nichols, principal of the Software Security practice at GRIMM.

While the vulnerabilities “are in code that is not remotely accessible, so this isn’t like a remote exploit,” said Nichols, they are still troublesome. They take “any existing threat that might be there. It just makes it that much worse,” he explained. “And if you have users on the system that you don’t really trust with root access it, it breaks them as well.”

Referring to the theory that ‘many eyes make all bugs shallow,’ Linux code “is not getting many eyes or the eyes are looking at it and saying that seems fine,” said Nichols. “But, [the bugs] have been in there since the code was first written, and they haven’t really changed over the last 15 years.”

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
March 9, 2021 7:06 PM

High severity Linux network security holes found, fixed | #CyberSecurity #NobodyIsPerfect

Rising Linux security developer Alexander Popov of London-based Positive Technologies discovered and fixed a set of five security holes in the Linux kernel's virtual socket implementation. An attacker could use these vulnerabilities (CVE-2021-26708) to gain root access and knock out servers in a Denial of Service (DoS) attack.

With a Common Vulnerability Scoring System (CVSS) v3 base score of 7.0, high severity, smart Linux administrators will patch their systems as soon as possible. 

While Popov discovered the bugs in Red Hat's community Linux distribution Fedora 33 Server, it exists in the system using the Linux kernel from November 2019's version 5.5 to the current mainline kernel version 5.11-rc6. 

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
February 3, 2021 7:53 AM

Recent root-giving Sudo bug also impacts macOS | #CyberSecurity #Linux #Apple

A British security researcher has discovered today that a recent security flaw in the Sudo app also impacts the macOS operating system, and not just Linux and BSD, as initially believed.

The vulnerability, disclosed last week as CVE-2021-3156 (aka Baron Samedit) by security researchers from Qualys, impacts Sudo, an app that allows admins to delegate limited root access to other users.

Qualys researchers discovered that they could trigger a "heap overflow" bug in the Sudo app to change the current user's low-privileged access to root-level commands, granting the attacker access to the whole system.

The only condition to exploit this bug was that an attacker gain access to a system, which researchers said could be done by either planting malware on a device or brute-forcing a low-privileged service account.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
December 22, 2020 9:57 AM

Millions of WordPress websites at risk | #CyberSecurity #Blogs

A vulnerability in the popular Contact Form 7 plug-in allows attackers to upload files of any type. A security update is available.

A dangerous vulnerability in the WordPress plug-in Contact Form 7 puts millions of WordPress websites at risk. The flaw was found by security researchers at Astra, as «Heise Online» reports.

Contact Form 7 lets users add multiple contact forms to a website and, according to the Astra research team, is one of the most popular WordPress plugins. The corresponding WordPress page lists over 5 million active installations, and the plug-in is available in 62 languages.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=WordPress

Scooped by Gust MEES
February 4, 2020 5:23 PM

Nasty Linux, macOS sudo bug found and fixed | #CyberSecurity #NobodyIsPerfect #Sudo

Sudo is a very popular, very simple Unix-system sysadmin application. It enables users to switch identities for the purpose of running a single command. Usually, but not always, it lets you run a command as the root, system administrator, user. Sudo's easy to abuse, but it's so darn useful, until it's not. A recently discovered sudo bug once more spells out why you should be wary of this command. 

In this latest security hole, CVE-2019-18634, Apple Information Security researcher Joe Vennix discovered that if the "pwfeedback" option is enabled in your sudoers configuration file, any user, even one who can't run sudo or is listed in the sudoers file, can crack a system.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
October 17, 2019 5:51 PM

Multiple zero-day vulnerabilities found in medical IoT devices: CISA | #CyberSecurity

The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory warning of vulnerabilities in several medical IoT devices that could lead to remote code execution.

Advisory ICSA-19-274-01, which has a CVSS rating of 9.8, covers the following pieces of equipment: OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by Wind River. The vulnerabilities include stack-based buffer overflow, heap-based buffer overflow, integer underflow, improper restriction of operations within the bounds of a memory buffer, race condition, argument injection and null pointer dereference.

All are described as exploitable remotely, requiring only a low skill level to exploit and public exploits are available. This is an expanded advisory with the original being issued by DHS in July.

“The Interpeak IPnet stack vulnerabilities were first reported under ICSA-19-211-01 Wind River VxWorks. These vulnerabilities have expanded beyond the affected VxWorks systems and affect additional real-time operating systems (RTOS). CISA has reached out to affected vendors of the report and asked them to confirm the vulnerabilities and identify mitigations,” the advisory stated.

In response ENEA recommends affected users upgrade to a newer version of OSE or contact WindRiver (now the license holder for Interpeak) for compensating controls; Green Hills Software recommends affected users contact Wind River for compensating controls; ZebOS by IP Infusion has not yet responded to CISA inquiries.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Medicine

Scooped by Gust MEES
October 11, 2019 7:25 AM

Hackers bypassing some types of 2FA security FBI warns –

Some types of two-factor authentication (2FA) security can no longer be guaranteed to keep the bad guys out, the FBI is reported to have warned US companies in a briefing note circulated last month.

FBI reporting identified several methods cyber actors use to circumvent popular multi-factor authentication techniques in order to obtain the one-time passcode and access protected accounts.

The simplest and therefore most popular bypass is SIM swap fraud, in which the attacker convinces a mobile network (or bribes an employee) to port a target’s mobile number, allowing them to receive 2FA security codes sent via SMS text.

Naked Security now regularly covers this kind of hack, almost always because it was used to empty people’s bank accounts, steal cryptocurrency from wallets or exchange accounts, or to attack services such as PayPal.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

Scooped by Gust MEES
September 9, 2019 4:59 PM

Exploit Kits Target Windows Users with Ransomware and Trojans | #CyberSecurity #NobodyIsperfect

Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers.

All four of these campaigns were discovered by exploit kit expert nao_sec and are being distributed through malvertising that redirects visitors to the exploit kits' landing pages. These landing pages are typically hosted on hacked sites.

Once a user visits the site, the kit's scripts will attempt to exploit vulnerabilities in the visitor's browser to automatically download and install malware without the user's knowledge.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=RANSOMWARE

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Costs-of-Cybercirme

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Exploit-Kits

Scooped by Gust MEES
December 13, 2021 6:14 PM

Log4j vulnerability: Infosec industry goes to red alert • The Register

Miscreants are wasting no time in using the widespread Log4j vulnerability to compromise systems, with waves and waves of live exploit attempts focused mainly – for now – on turning infected devices into cryptocurrency-mining botnet drones.

Israel's Check Point said this morning it was seeing around 100 exploit attempts every minute, going into further detail in a blog post.

Apache Log4j is a logging utility written in Java that is used all over the world in many software packages and online systems. Last week it emerged that Alibaba security engineer Chen Zhaojun had found and privately disclosed on November 24 details of a trivial-to-exploit remote code execution hole (CVE-2021-44228) in Log4j 2.x, specifically versions 2.14.1 and earlier.

Exploitation is possible by feeding a specially crafted snippet of text, such as a message or username, to an application that logs this information using Log4j 2.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Log4j

Scooped by Gust MEES
April 28, 2021 3:16 PM

Linux kernel vulnerability exposes stack memory, causes data leaks | #CyberSecurity

An information disclosure vulnerability in the Linux kernel can be exploited to leak data and act as a springboard for further compromise. 

Disclosed by Cisco Talos researchers on Tuesday, the bug is described as an information disclosure vulnerability "that could allow an attacker to view Kernel stack memory."

The kernel is a key component of the open source Linux operating system. The vulnerability, tracked as CVE-2020-28588, was found in the proc/pid/syscall functionality of 32-bit ARM devices running the OS.

According to Cisco, the issue was first found in a device running on Azure Sphere. Attackers seeking to exploit the security flaw could read the /syscall OS file via Proc, a system used for interfacing between kernel data structures. 

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
April 11, 2021 2:33 PM

Clubhouse data for 1.3 million users leaks online | #CyberSecurity #SocialMedia #NobodyIsPerfect


Large-scale data leaks have become almost a rite of passage for new social networks. If Clubhouse wasn't part of the, erm, club before, it is now.

Cyber News reported over the weekend that personal data for around 1.3 million users was scraped from the trendy voice chatroom app and posted on a hacker forum. The compromised data included names, handles for other linked social media accounts, and the username of whoever invited said user, as Clubhouse is still in an invite-only stage.

Clubhouse didn't immediately respond to Mashable's request for comment, but the official Clubhouse Twitter account pushed back against the idea that there was a hack, saying the leaked information is already public via the app's API.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Clubhouse

https://www.scoop.it/topic/social-media-and-its-influence

https://www.scoop.it/topic/securite-pc-et-internet

Scooped by Gust MEES
April 10, 2021 9:28 AM

Hack: Security vulnerabilities in Zoom allow execution of malicious code | #CyberSecurity #Pwn2own

This year's Pwn2own hacking contest was dominated by the coronavirus pandemic. The video conferencing system Zoom was hacked, as were operating systems such as Microsoft's Windows 10 or Google's Chrome browser. The contest is organized by the Zero Day Initiative (ZDI).

On a computer running the Zoom video conferencing system, Daan Keuper and Thijs Alkemade managed to execute malicious code remotely, without any user interaction. To do so, they combined three new vulnerabilities in the video conferencing software. Because the vulnerabilities have not yet been fixed, there are no further technical details on the zero days.

An animation of the attack does show, however, that the security researchers were able to open the calculator program on the attacked computer. The attack is said to work on both Windows and macOS; it has not yet been tested on iOS and Android. The two security researchers receive 200,000 US dollars in prize money.

According to Zoom's maker, the attack must "originate from an accepted external contact or be part of the target's same organizational account". A patch is being worked on. "As a best practice, Zoom recommends that all users only accept contact requests from people they know and trust."

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ZOOM

https://www.scoop.it/topic/securite-pc-et-internet

Scooped by Gust MEES
April 4, 2021 6:44 AM

Facebook data on 533 million users posted online |  #CyberSecurity #DataBreaches #2FA #SocialMedia


Data of 553 million Facebook users including phone numbers, Facebook IDs, full names, birth dates and other information have been posted online.

The data dump was Tweeted by Alon Gal, CTO of security firm Hudson Rock. Gal posted a list of affected users by country. According to his list, the US had 32.3 million affected users and UK had 11.5 million. The data was accessed via a Telegram bot.

Other data points in the posting included gender, location and job status. Catalin Cimpanu, at The Record, also reported that he reviewed samples of the leaked data.

The data is reportedly broken up into download packages by country.

With the Facebook data out in the public it's safe to expect it to be used for cybercrime.  

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

Scooped by Gust MEES
March 12, 2021 12:38 PM

Linux Systems Under Attack By New RedXOR Malware | #CyberSecurity


Researchers say the new RedXOR backdoor is targeting Linux systems with various data exfiltration and network traffic tunneling capabilities.

Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group.

The backdoor is called RedXOR – in part because its network data-encoding scheme is based on the XOR encryption algorithm, and in part because its samples were found on an old release of the Red Hat Enterprise Linux platform. The latter fact provides a clue that RedXOR is utilized in targeted attacks against legacy Linux systems, noted researchers.

The malware has various malicious capabilities, said researchers – from exfiltrating data to tunneling network traffic to another destination.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
February 24, 2021 3:11 PM

CERTFR-2021-AVI-138: Multiple vulnerabilities in the SUSE Linux kernel (22 February 2021) | #CyberSecurity #NobodyIsPerfect

Multiple vulnerabilities have been discovered in the SUSE Linux kernel. Some of them allow an attacker to cause a security problem not specified by the vendor, arbitrary code execution and denial of service.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
January 27, 2021 6:37 AM

10-years-old Sudo bug lets Linux users gain root-level access | #CyberSecurity


A major vulnerability impacting a large chunk of the Linux ecosystem has been patched today in Sudo, an app that allows admins to delegate limited root access to other users.

The vulnerability, which received a CVE identifier of CVE-2021-3156, but is more commonly known as "Baron Samedit," was discovered by security auditing firm Qualys two weeks ago and was patched earlier today with the release of Sudo v1.9.5p2.

In a simple explanation provided by the Sudo team today, the Baron Samedit bug can be exploited by an attacker who has gained access to a low-privileged account to gain root access, even if the account isn't listed in /etc/sudoers — a config file that controls which users are allowed access to su or sudo commands in the first place.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
December 22, 2020 9:52 AM

New, partly critical vulnerabilities discovered in the Treck TCP/IP stack – updates available | #CyberSecurity

The TCP/IP implementation affected by Ripple20 in June 2020 has further, newly discovered security vulnerabilities. They have not (yet) been exploited so far.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=TCP%2FIP-Stacks

Scooped by Gust MEES
October 21, 2019 11:40 AM

Linux: Critical zero-day vulnerability in Wi-Fi driver | #CyberSecurity

The Wi-Fi driver for Realtek chips under Linux contains a programming error that opens a critical security vulnerability in the form of a buffer overflow in the kernel. As a rule, this allows code to be injected and executed. Security researcher Nicolas Waisman discovered the bug and, quite unconventionally, published it "just like that" on Twitter.

The bug, CVE-2019-17666, affects Linux-based systems that use Realtek chips. These may also include Android phones; in any case, the problematic code is also found in Google's Android sources. Wi-Fi routers, for example those based on OpenWRT, could also fall victim to the driver bug. For an attack, Wi-Fi merely has to be switched on.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Scooped by Gust MEES
October 17, 2019 4:44 PM

WAV audio files are now being used to hide malicious code | #CyberSecurity #Audio #Steganography 


Two reports published in the last few months show that malware operators are experimenting with using WAV audio files to hide malicious code.

The technique is known as steganography -- the art of hiding information in plain sight, in another data medium.

In the software field, steganography -- also referred to as stego -- is used to describe the process of hiding files or text in another file, of a different format. For example, hiding plain text inside an image's binary format.

Using steganography has been popular with malware operators for more than a decade. Malware authors don't use steganography to breach or infect systems, but rather as a transfer method. Steganography allows files hiding malicious code to bypass security software that whitelists non-executable file formats (such as multimedia files).

All previous instances where malware used steganography revolved around using image file formats, such as PNG or JPEG.

 

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Steganography

Scooped by Gust MEES
October 6, 2019 9:29 AM

DHS Warns Small Airplanes Vulnerable to Flight Data Manipulation Attacks


What could be more horrifying than knowing that a hacker can trick the plane's electronic systems into displaying false flight data to the pilot, which could eventually result in loss of control?
Of course, the attacker would never wish to be on the same flight, so in this article, we are going to talk about a potential loophole that could allow an attacker to exploit a vulnerability with some level of "unsupervised" physical access to a small aircraft before the plane takes off.


The United States Department of Homeland Security (DHS) has issued an alert for the same, warning owners of small aircraft to be on guard against a vulnerability that could enable attackers to easily hack the plane's CAN bus and take control of key navigation systems.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Airlines