Daily Archives: November 7, 2020

Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered

Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild. Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and run malicious programs with kernel-level privileges. The

North Korean Hackers Used ‘Torisma’ Spyware in Job Offers-based Attacks

A cyberespionage campaign aimed at aerospace and defense sectors in order to install data gathering implants on victims’ machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought. The attacks, which targeted IP-addresses belonging to internet service providers (ISPs) in Australia, Israel, Russia, and defense contractors based in Russia

Deception Technology: No Longer Only A Fortune 2000 Solution

A cyber-attacker successfully breaks into your environment and begins sneaking around to find something valuable – intellectual property, bank account credentials, company plans, whatever. The attacker makes his way to a certain host on a network node to browse the directories, and suddenly, his connection is cut off. The stolen username and password he acquired no longer works.  Unknowingly,

If You Don’t Have A SASE Cloud Service, You Don’t Have SASE At All

The Secure Access Service Edge (or SASE) has been a very hot buzzword in the past year. A term and category created by Gartner 2019, SASE states that the future of networking and security lies in the convergence of these categories into a single, cloud-based platform.The capabilities that SASE delivers aren’t new and include SD-WAN, threat prevention, remote access, and others that…

New Kimsuky Module Makes North Korean Spyware More Powerful

A week after the US government issued an advisory about a “global intelligence gathering mission” operated by North Korean state-sponsored hackers, new findings have emerged about the threat group’s spyware capabilities. The APT — dubbed “Kimsuky” (aka Black Banshee or Thallium) and believed to be active as early as 2012 — has been now linked to as many as three hitherto…

New Chrome Zero-Day Under Active Attacks – Update Your Browser

Google has patched a second actively exploited zero-day flaw in the Chrome browser in two weeks, along with addressing nine other security vulnerabilities in its latest update. The company released 86.0.4240.183 for Windows, Mac, and Linux, which it said will be rolling out over the coming days/weeks to all users. The zero-day flaw, tracked as CVE-2020-16009, was reported by

How to Prevent Pwned and Reused Passwords in Your Active Directory

Many businesses are currently looking at how to bolster security across their organization as the pandemic and remote work situation continues to progress towards the end of the year. As organizations continue to implement security measures to protect business-critical data, there is an extremely important area of security that often gets overlooked – passwords. Weak passwords have long been a

New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service

A new research has demonstrated a technique that allows an attacker to bypass firewall protection and remotely access any TCP/UDP service on a victim machine. Called NAT Slipstreaming, the method involves sending the target a link to a malicious site (or a legitimate site loaded with malicious ads) that, when visited, ultimately triggers the gateway to open any TCP/UDP port on…

WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild

Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that’s being actively exploited in the wild. The elevation of privileges (EoP) vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Windows Kernel Cryptography Driver (“cng.sys”) that can be exploited for a sandbox escape. “The bug