Web server hacking

Russia not cracking down on cyber gangs. Operation Harvest. Infrastructure phishbait.


Attacks, Threats, and Vulnerabilities

How Belarus’s ‘Cyber Partisans’ exposed secrets of Lukashenko’s crackdowns (Washington Post) A series of hacks on Belarus’s government by pro-democracy activists have uncovered details on apparent abuses by security forces, exposed police informants and collected personal data on top officials including the son of President Alexander Lukashenko.

Operation ‘Harvest’: A Deep Dive into a Long-term Campaign (McAfee Blogs) A special thanks to our Professional Services’ IR team, ShadowServer, for historical context on C2 domains, and Thomas Roccia/Leandro Velasco for malware

Apple Security Flaw: How do ‘Zero-Click’ Attacks Work? (SecurityWeek) Apple rushed to patch a major security flaw which allows spyware to be downloaded on an iPhone or iPad without the owner even clicking a button. But how do such “zero-click” attacks work, and can they be stopped?

Amid vaccine mandates, fake vaccine certificates become a full blown industry (Check Point Software) Black market for fake vaccine certificates booms. Check Point Research (CPR) continues to monitor the black market in which fake COVID-19 vaccine

Biden Mandate Sparks Price-Gouging for Fake Vax Cards (The Daily Beast) “It’s clear to us they’re using current events to galvanize the market,” researchers at cybersecurity firm Check Point found, said spokesperson Ekram Ahmed.

‘Incredible spike’ in fake vaccination card traffic raises concerns (WTSP) Aside from potentially spreading COVID and facing a fine, getting a fake vaccine card could lead to identity theft, a security expert says.

Attackers Impersonate U.S. Department of Transportation to Harvest Microsoft Credentials (INKY) Between Aug. 16-18, INKY detected 41 phishing emails attempting to impersonate the U.S. Department of Transportation (USDOT). The basic pitch was, with a trillion dollars of government money flowing through the system, you, dear target, are being invited to bid for some of this bounty.

Are “corrupt my file” sites safe? Here’s why to avoid corrupt-a-file services (The Mac Security Blog) File corruption sites claim they can make any file unreadable, so you can get extra time to submit a project. Ethics aside, is it safe to submit documents to such services?

Anonymous Claims to Have Stolen Huge Trove of Data From Epik, the Right-Wing’s Favorite Web Host (Gizmodo) The controversial domain registrar, which has been known to host Nazis and other unfortunate groups, apparently just had all of its data boosted.

Solana Has Been Down for Hours Due to ‘Resource Exhaustion’ (Decrypt) Solana validators may have to restart the recently-rising blockchain network after it was overwhelmed by transactions.

New Zealand DDoS wave targets banks, post offices, weather forecasters and more (Register) Nobody from government will say a word about who’s behind it

Lubbock County confirms private information accessible under new computer system, says situation not a data breach (KLBK | KAMC | EverythingLubbock.com) Lubbock County released a statement Tuesday about previously private court information being made available to the public via a new records system. An earlier release by the …

Cyber incident targets Texas facility (Workboat) The Coast Guard recently received a report from a Maritime Transportation Security Act (MTSA) regulated facility in Texas regarding an attack on an internet public facing server.
Fortunately, the faci

Security Patches, Mitigations, and Software Updates

Patch Tuesday: Microsoft Plugs Exploited MSHTML Zero-Day Hole (SecurityWeek) Microsoft ships a patch for the CVE-2021-40444 vulnerability that has already been actively exploited via booby-trapped Microsoft Office documents.

Microsoft patches Office zero-day in today’s Patch Tuesday (The Record by Recorded Future) Microsoft has released patches today for a zero-day vulnerability in one of the Windows components that was abused in the wild for attacks using weaponized Office documents.

Patch Tuesday: Microsoft patches a zero-day bug under active attack (Computing) In total, 66 security flaws have been addressed in this month’s security update

Digi PortServer TS 16 (CISA)

1. EXECUTIVE SUMMARY

CVSS v3 9.6
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Digi International, Inc.
Equipment: PortServer TS 16
Vulnerability: Improper Authentication
2. RISK EVALUATION

Successful exploitation of this vulnerability allows write access, which grants control of settings, command execution, and access to the command line interface.

Schneider Electric Struxureware Data Center Expert (CISA)

1. EXECUTIVE SUMMARY

CVSS v3 9.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: Struxureware Data Center Expert
Vulnerabilities: OS Command Injection, Path Traversal
2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow remote code execution.

Siemens Simcenter Femap (CISA)

1. EXECUTIVE SUMMARY

CVSS v3 3.3
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: Simcenter Femap
Vulnerability: Out-of-bounds Read
2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to leak information in the context of the current process.

Siemens Simcenter STAR-CCM+ Viewer (CISA)

1. EXECUTIVE SUMMARY

CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: Simcenter STAR-CCM+ Viewer
Vulnerability: Out-of-bounds Write
2. RISK EVALUATION

Successful exploitation of this vulnerability could lead to a crash and allow an attacker to execute code in the context of the current process.

Siemens SIMATIC CP (CISA)

1. EXECUTIVE SUMMARY

CVSS v3 6.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIMATIC CP 1543-1 (incl. SIPLUS variants) and SIMATIC CP 1545-1
Vulnerability: Cleartext Storage of Sensitive Information
2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to read sensitive information.

Siemens APOGEE and TALON (CISA)

1. EXECUTIVE SUMMARY

CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: APOGEE and TALON
Vulnerability: Classic Buffer Overflow
2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the device with root privileges.

Siemens Teamcenter Active Workspace (CISA)

1. EXECUTIVE SUMMARY

CVSS v3 4.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: Teamcenter Active Workspace
Vulnerability: Path Traversal
2. RISK EVALUATION

Successful exploitation of this vulnerability could lead to access control violations.

Siemens NX (CISA)

1. EXECUTIVE SUMMARY

CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: NX
Vulnerabilities: Use After Free, Out-of-bounds Read
2. RISK EVALUATION

Successful exploitation of these vulnerabilities could lead to an access violation and to arbitrary code execution on the target host…
