Not to change the topic here:
Flaw in Cyberoam firewalls exposed corporate networks to hackers – TechCrunch
The vulnerability allows an attacker to remotely gain “root” permissions on a vulnerable device, giving them the highest level of access, by sending malicious commands across the internet! JustDial fixes bug that allowed hackers access - The .../tech/internet/ justdial - fixes - bug - that-allowed ...JustDial fixes bug that allowed hackers access A cyber security researcher , Ehraz Ahmed , uncovered the vulnerability, which was first reported by moneycontrol.com.!! The attack takes advantage of the web-based operating system that sits on top of the Cyberoam firewall.
Once a vulnerable device is accessed, an attacker can jump onto a company’s network, according to the researcher who shared their findings exclusively with TechCrunch.
Cyberoam devices are typically used in large enterprises, sitting on the edge of a network and acting as a gateway to allow employees in while keeping hackers out. These devices filter out bad traffic, and prevent denial-of-service attacks and other network-based attacks! Flipboard: JustDial fixes bug that allowed hackers access flipboard.com/article/ ...-access/a...JustDial fixes bug that allowed hackers access. indiatimes.com. Local search service JustDial was found to contain a security flaw, through which a user account could potentially be hacked, but the company managed …!! They also include virtual private networking (VPN), allowing remote employees to log on to their company’s network when they are not in the office.
EU warns of 5G cybersecurity risks, potential attacks from 'state-backed' hackers | Fox
The European Union is fearful that 5G networks could cause "security challenges" if they're exposed to state-backed companies.
In a statement , the E.U. said that “security challenges” are likely to be more “prominent” on 5G networks, but did not single out any companies from China, including Huawei.
“Among the various potential actors, non-EU States or State-backed are considered as the most serious ones and the most likely to target 5G networks,” the E.U. said in the release.
* * *
Earlier this year, Secretary of State Mike Pompeo testified before a Senate Appropriations subcommittee and warned about the "risk of having network systems co-located with Huawei systems." And in April, former House Intelligence Committee Chair Mike Rogers spoke at a discussion hosted by the Heritage Foundation and described Huawei as “a functioning subservient enterprise to Chinese intelligence and defense services.”
Hackers are trading millions of stolen passwords on a secret network - Business Insider
These secret networks are only growing, according to Alex Heid, chief research and development officer at SecurityScorecard , a cybersecurity firm.
"Within the hacking underground community, credentials are bought, sold, and traded for free like Pokémon cards," Heid told Business Insider. "There are dozens of different hacking forums that have terabytes of information going back 10-plus years."
* * *
Hackers are using increasingly sophisticated database software to aggregate "combo lists" of millions of login credentials, according to Heid.
This may worth something:
Toms Shoes' Mailing List Hacked to Tell Users to Log Off - VICE
Too often, hackers use their skills to steal cash or make someone's day very difficult . But sometimes, hackers just want to send a message . On Sunday, one hacker used the mailing list of retailer TOMS Shoes to tell users it's time to log off.
Nathan wouldn't specify how they broke into the TOMS account, but said it was easy. They also had a message for other hackers who may have other motivations.
Iran-linked Hackers Target Trump 2020 Campaign, Microsoft says | Threatpost
A group of hackers tied to Iran has been attempting to break into accounts associated with the 2020 reelection campaign of President Trump, researchers have discovered.
Researchers from the Microsoft Threat Intelligence Center said they first observed activity from a group called Phosphorus in August, the company reported in a recent blog post .
Phosphorus was successful in compromising four accounts not related to the campaign or current or former U.S. officials, Microsoft said. The company worked with those affected to secure the accounts, according to the post.
While the attacks themselves were not “technically sophisticated,” what was significant about them is that attackers used a lot of personal information to identify targets and also to attempt their attacks, according to Microsoft.
No comments:
Post a Comment