latestnews

Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool

Researchers shared technical details and proof-of-concept exploit code for the CVE-2022-28219 flaw in Zoho ManageEngine ADAudit Plus tool. Security researchers from Horizon3.ai have published technical details and proof-of-concept exploit code for a critical vulnerability, tracked as CVE-2022-28219 (CVSS 9.8 out of 10), in the Zoho ManageEngine ADAudit Plus tool. The tool allows monitoring activities of …

Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool Read More »

Fortified Castles With Wooden Gates: Weak Keys and Outdated Machine Identity Management Undermine TLSv1.3 Adoption

[ This article was originally published here ] SALT LAKE CITY–()–, the inventor and leading provider of machine identity management, today announced the findings of a new crawler report from security researcher and TLS expert, Scott Helme. The report, which Venafi sponsored, evaluates the use of encryption across the world’s top one million sites over …

Fortified Castles With Wooden Gates: Weak Keys and Outdated Machine Identity Management Undermine TLSv1.3 Adoption Read More »

Evilnum Hacking Group Updates TTPs Targeting Fintech

Cybercrime , Cybercrime as-a-service , Fraud Management & Cybercrime Group Now Uses MS Office Word Documents to Deliver Payload Prajeet Nair (@prajeetspeaks) • July 2, 2022     Evilnum APT group attacks coincide with the Russia-Ukraine conflict (Source: ISMG) Evilnum, a hacking group primarily targeting fintech firms in the U.K. and Europe, has updated its …

Evilnum Hacking Group Updates TTPs Targeting Fintech Read More »

!HackerOne hacked! Bug bounty Platform becomes the victim of Insider Threat

A HackerOne employee had improperly accessed vulnerability reports submitted to the platform by security researchers’ for personal gain. The employee anonymously took these reports, somewhat modified them and disclosed these vulnerabilities outside the HackerOne platform directly to the customer with the goal of claiming bug bounty.  The inquiry began after a HackerOne customer notified the …

!HackerOne hacked! Bug bounty Platform becomes the victim of Insider Threat Read More »

Review – Public ICS Disclosures – Week of 6-25-22 – Part 1

This has been a relatively busy disclosure week. For Part 1 this week we have 15 vendor disclosures from Belden, Hitachi, Hitachi Energy, Honeywell, HPE (7), Luxion, Omron (2), and Philips. Belden Advisory – Belden published an advisory that discusses the FragAttacks WiFi vulnerabilities in their ProSoft RadioLinx RLX2. Hitachi Advisory – Hitachi published an advisory …

Review – Public ICS Disclosures – Week of 6-25-22 – Part 1 Read More »

Microsoft-365-Extractor-Suite – A Set Of PowerShell Scripts That Allow For Complete And Reliable Acquisition Of The Microsoft 365 Unified Audit Log

This suite of scripts contains two different scripts that can be used to acquire the Microsoft 365 Unified Audit Log Read the accompanying blog post on https://invictus-ir.medium.com/introduction-of-the-microsoft-365-extractor-suite-b85e148d4bfe Microsoft365_Extractor, the original script stems from the Office 365 Extractor and provides all features and complete customization. Choose this if you’re not sure what to use. Microsoft365_Extractor_light, lightweight …

Microsoft-365-Extractor-Suite – A Set Of PowerShell Scripts That Allow For Complete And Reliable Acquisition Of The Microsoft 365 Unified Audit Log Read More »

Rabbi’s suit over Florida abortion law tests bounds of religious objections after Roe

Michael Wilner reports: Weeks before the Supreme Court overturned Roe v. Wade, revoking a woman’s constitutional right to abortion, a rabbi and lawyer in Boynton Beach was preparing to take action against Florida. The state’s ban on abortions after 15 weeks, he said, directly targets Jews. “Judaism is in conflict with this law,” Rabbi Barry …

Rabbi’s suit over Florida abortion law tests bounds of religious objections after Roe Read More »

TikTok Confirms Some China-Based Employees Can Access US User Data

Alex Barinka reports: TikTok, the viral video-sharing app owned by China’s ByteDance Ltd., said certain employees outside the US can access information from American users, stoking further criticism from lawmakers who have raised alarms about the social network’s data-sharing practices. The company’s admission came in a letter to nine US senators who accused TikTok and its …

TikTok Confirms Some China-Based Employees Can Access US User Data Read More »

Google says it will delete users’ location history at abortion clinics, other ‘personal’ data

Olivia Olander reports: Google will delete location data after people visit abortion clinics, domestic violence shelters and other sensitive locations, the tech giant announced in a blog post Friday. The update “will take effect in the coming weeks,” Jen Fitzpatrick, a senior vice president at Google, wrote in a blog post. […] Google will also delete …

Google says it will delete users’ location history at abortion clinics, other ‘personal’ data Read More »

Online Abortion Pill Provider Hey Jane Used Tracking Tools That Sent Visitor Data to Meta, Google, and Others

Personal information from reviewers was also exposed until The Markup’s inquiry By: Jon Keegan and Dara Kerr Hey Jane, an online abortion pill provider, performs a service that pro-choice advocates say has become critically important since the U.S. Supreme Court overturned Roe v. Wade last week. “Get fast, safe and affordable abortion pills shipped to …

Online Abortion Pill Provider Hey Jane Used Tracking Tools That Sent Visitor Data to Meta, Google, and Others Read More »

Sabre and Travelport help the government spy on air travelers

Edward Hasbrouck writes: Ongoing litigation on behalf of journalist Thomas Brewster and Forbes Media has revealed a few more details about how computerized reservation systems (CRSs) collaborate with the US government to surveil travelers. It has also prompted new denials by some of those CRS companies that range from misdirection to out-and-out lies. In 2020, Forbes published a report by Mr. Brewster based on a …

Sabre and Travelport help the government spy on air travelers Read More »

Cross-border Data Transfer Developments in China

After more than seven months since China’s Personal Information Protection Law (《个人信息保护法》, “PIPL”) went into effect, Chinese regulators have issued several new (draft) rules over the past few days to implement the cross-border data transfer requirements of the PIPL.  In particular, Article 38 of the PIPL sets out three legal mechanisms for lawful transfers of …

Cross-border Data Transfer Developments in China Read More »

Unified Group-IB. Meet Unified Risk Platform

Group-IB, one of the global leaders in cybersecurity headquartered in Singapore, has unveiled the Unified Risk Platform, an ecosystem of solutions that understands each organization’s threat profile and tailors defenses against them in real time. Every product and service in Group-IB’s now consolidated security suite is enriched with information from a Single Data Lake, which …

Unified Group-IB. Meet Unified Risk Platform Read More »

Google location tracking to forget you were ever at that medical clinic

In brief Google on Friday pledged to update its location history system so that visits to medical clinics and similarly sensitive places are automatically deleted. In this post-Roe era of America, there is concern that cops and other law enforcement will demand the web giant hand over information about its users if they are suspected …

Google location tracking to forget you were ever at that medical clinic Read More »

A ransomware attack forced publishing giant Macmillan to shuts down its systems

A cyber attack forced the American publishing giant Macmillan to shut down its IT systems.  The publishing giant Macmillan has been hit by a cyberattack that forced the company to shut down its IT infrastructure to prevent the threat from spreading within its network. The company spokesman Erin Coffey told different media outlets that attackers have encrypted …

A ransomware attack forced publishing giant Macmillan to shuts down its systems Read More »

TikTok Assures U.S. Lawmakers it's Working to Safeguard User Data From Chinese Staff

Following heightened worries that U.S. users’ data had been accessed by TikTok engineers in China between September 2021 and January 2022, the company sought to assuage U.S. lawmakers that it’s taking steps to “strengthen data security.” The admission that some China-based employees can access information from U.S. users came in a letter sent to nine …

TikTok Assures U.S. Lawmakers it's Working to Safeguard User Data From Chinese Staff Read More »

Conti's brand appears to have gone into occultation (maybe for real, this time). Lockbit has now taken Conti's place as the biggest ransomware brand. Lithuania sustains a major DDoS attack.

At a glance.Conti’s brand appears to have gone into occultation (maybe for real, this time).Lockbit has now taken Conti’s place as the biggest ransomware brand.Lithuania sustains a major DDoS attack.Iranian steel mill suspends production due to cyberattack.Bumblebee rising.Dark Crystal RAT described.Influence operations in the interest of national market share.SOHO routers under attack.YTStealer discovered, out and …

Conti's brand appears to have gone into occultation (maybe for real, this time). Lockbit has now taken Conti's place as the biggest ransomware brand. Lithuania sustains a major DDoS attack. Read More »

Hexnode Unveils Its Third Annual User Conference: HexCon22

[ This article was originally published here ] SAN FRANCISCO–()–, the enterprise security solution of Mitsogo, is gearing up to launch its third annual virtual user conference, . The three-day event, scheduled to commence on September 21 until 23 will be an open event featuring about 100 speakers from various verticals, endpoint management, cybersecurity and …

Hexnode Unveils Its Third Annual User Conference: HexCon22 Read More »

Resecurity’s cybersecurity solutions now available in the Microsoft Azure marketplace

Resecurity announced its award-winning cybersecurity threat intelligence and risk monitoring platform is now available on Microsoft’s Azure Marketplace. Microsoft’s Azure Marketplace is the most comprehensive marketplace on the planet, offering thousands of certified cloud applications and software to over four million active users and subscribers. With cyber-risk ranking as a top concern for CEOs and …

Resecurity’s cybersecurity solutions now available in the Microsoft Azure marketplace Read More »

Dlinject – Inject A Shared Library (I.E. Arbitrary Code) Into A Live Linux Process, Without Ptrace

Inject a shared library (i.e. arbitrary code) into a live linux process, without ptrace. Inspired by Cexigua and linux-inject, among other things. .___.__ .__ __ ____| _/| | |__| ____ |__| ____ _____/ |_ ______ ___.__./ __ | | | | |/ | |/ __ _/ ___ __ ____ < | |/ /_/ | | …

Dlinject – Inject A Shared Library (I.E. Arbitrary Code) Into A Live Linux Process, Without Ptrace Read More »