Microsoft has released Sysmon 12, and it comes with a useful feature that logs and captures any data added to the Windows Clipboard. This feature can help system administrators and incident responders track the activities of malicious actors who compromised a system. Those not familiar with Sysmon, otherwise known as System Monitor, it is a Read more about Microsoft Sysmon now logs data copied to the Windows Clipboard[…]
Last month, Microsoft patched a very interesting vulnerability that would allow an attacker with a foothold on your internal network to essentially become Domain Admin with one click. All that is required is for a connection to the Domain Controller to be possible from the attacker’s viewpoint. Secura’s security expert Tom Tervoort previously discovered a Read more about Zerologon: instantly become domain admin by subverting Netlogon cryptography (CVE-2020-1472)[…]
In August, security researcher Volodymyr Diachenko discovered a misconfigured Elasticsearch cluster, owned by gaming hardware vendor Razer, exposing customers’ PII (Personal Identifiable Information). The cluster contained records of customer orders and included information such as item purchased, customer email, customer (physical) address, phone number, and so forth—basically, everything you’d expect to see from a credit Read more about Private data gone public: Razer leaks 100,000+ gamers’ personal info[…]
The database built by Shenzhen Zhenhua from a variety of sources is technically complex using very advanced language, targeting, and classification tools. Shenzhen Zhenhua claims to work with, and our research supports, Chinese intelligence, military, and security agencies use the open information environment we in open liberal democracies take for granted to target individuals and Read more about Shenzhen Zhenua Data Leak – high profile international contacts database kept by Chinese leaked[…]
Three “grumpy old hackers” in the Netherlands managed to access Donald Trump’s Twitter account in 2016 by extracting his password from the 2012 Linkedin hack. The pseudonymous, middle-aged chaps, named only as Edwin, Mattijs and Victor, told reporters they had lifted Trump’s particulars from a database that was being passed about hackers, and tried it Read more about Three middle-aged Dutch hackers slipped into Donald Trump’s Twitter account days before 2016 US election[…]
Boffins in America, the Netherlands, and Switzerland have devised a Spectre-style attack on modern processors that can defeat defenses that are supposed to stop malicious software from hijacking a computer’s operating system. The end result is exploit code able to bypass a crucial protection mechanism and take over a device to hand over root access. Read more about BlindSide: Watch speculative memory probing bypass kernel defenses, give malware root control[…]
Windows 10 users can customize their desktops with unique themes, and are able to create and share those themes with others. Hackers can also use them to steal your credentials. A flaw in Windows 10’s theme-creation feature lets hackers modify custom themes that, once installed, trick users into passing over their Microsoft account name and Read more about Hacked Windows 10 Themes Can Swipe Your Microsoft Login[…]
The coronavirus pandemic has forced people around the globe to temporarily modify the ways they go about activities. Activities like these include political elections and campaigning. Since the virus hit in an election year, it’s highly likely new measures will be taken to prevent mass gatherings during voting. Infection rates aren’t likely to drop any Read more about Security Risks Revolving the 2020 US Presidential Elections | Techwarn.com[…]
The United States Court of Appeals for the Ninth Circuit has ruled [PDF] that the National Security Agency’s phone-call slurping was indeed naughty, seven years after former contractor Edward Snowden blew the whistle on the tawdry affair. It’s been a long time coming, and while some might view the decision as a slap for officials Read more about 7 years later, US court deems NSA bulk phone-call snooping illegal, possibly unconstitutional, and probably pointless anyway[…]
Facebook has published its first Vulnerability Disclosure Policy and given itself grounds to blab the existence of bugs to the world if it thinks that’s the right thing to do. “Facebook may occasionally find critical security bugs or vulnerabilities in third-party code and systems, including open source software,” the company writes. “When that happens, our Read more about Facebook finally joins responsible disclosure for bugs they find[…]
Can’t send something on Gmail? If so then you’re in good company, ever since about midnight ET, people have been complaining about issues connecting to many of the G suite services, but especially Gmail. The Google apps status page just updated to confirm they’ve received reports of an issue with Gmail and Google Drive, while Read more about A Gmail and Google Drive outage is causing errors around the world – yay cloud![…]
A security researcher has detailed how an artificial intelligence company in possession of nearly 2.6 million medical records allowed them to be publicly visible on the internet. It’s a clear reminder that our personal health data is not safe. As Secure Thoughts reports, on July 7 security researcher Jeremiah Fowler discovered two folders of medical Read more about AI Company Leaks Over 2.5M Medical Records[…]
Boffins testing the security of OpenPGP and S/MIME, two end-to-end encryption schemes for email, recently found multiple vulnerabilities in the way email client software deals with certificates and key exchange mechanisms. They found that five out of 18 OpenPGP-capable email clients and six out of 18 S/MIME-capable clients are vulnerable to at least one attack. Read more about Trusting OpenPGP and S/Mime with your email secrets? You might want to rethink that[…]
More than 3.7 million. That’s the latest number of surveillance cameras, baby monitors, doorbells with webcams, and other internet-connected devices found left open to hijackers via two insecure communications protocols globally, we’re told. This is up from estimates of a couple of million last year. The protocols are CS2 Network P2P, used by more than Read more about Peer-to-peer takes on a whole new meaning when used to spy on 3.7 million or more cameras, other IoT gear[…]
Misconfigured AWS S3 storage buckets exposing massive amounts of data to the internet are like an unexploded bomb just waiting to go off, say experts. The team at Truffle Security said its automated search tools were able to stumble across some 4,000 open Amazon-hosted S3 buckets that included data companies would not want public – Read more about Leaky AWS S3 buckets are so common, they’re being found by the thousands now – with lots of buried secrets[…]
With over 3 billion users globally, smartphones are an integral, almost inseparable part of our day-to-day lives. As the mobile market continues to grow, vendors race to provide new features, new capabilities and better technological innovations in their latest devices. To support this relentless drive for innovation, vendors often rely on third parties to provide Read more about 400 faults found in Qualcomm chips powering your mobile phone with big implications[…]
Smart glasses company North has told customers that their $600 (£460) purchases will stop working in a few days’ time. The Canadian company, recently purchased by Google, says its Focals glasses will cease functioning on Friday. From then, owners will not be able to use “any features” of the glasses, or connect to the companion Read more about Google offers refunds after North smart glasses stop working or why cloud sucks and you want things running locally[…]
Netgear has quietly decided not to patch more than 40 home routers to plug a remote code execution vulnerability – despite security researchers having published proof-of-concept exploit code. The vuln was revealed publicly in June by Trend Micro’s Zero Day Initiative (ZDI) following six months spent chivvying Netgear behind the scenes to take it seriously. Read more about If you own one of these 45 Netgear devices, replace it: Firm won’t patch vulnerable gear despite live proof-of-concept code[…]
Waydev, a San Francisco-based company, runs a platform that can be used to track software engineers’ work output by analyzing Git-based codebases. To do this, Waydev runs a special app listed on the GitHub and GitLab app stores. When users install the app, Waydev receives an OAuth token that it can use to access its Read more about Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev – this is why you don’t give cloud access to your crown jewels[…]
An annoying vulnerability in the widely used GRUB2 bootloader can be potentially exploited by malware or a rogue insider already on a machine to thoroughly compromise the operating system or hypervisor while evading detection by users and security tools. […] Designated CVE-2020-10713, the vulnerability allows a miscreant to achieve code execution within the open-source bootloader, Read more about GRUB2, you’re getting too bug for your boots: Config file buffer overflow is a boon for malware seeking to drill deeper into a system[…]
Garmin is reportedly being asked to pay a $10 million ransom to free its systems from a cyberattack that has taken down many of its services for two days. The navigation company was hit by a ransomware attack on Thursday, leaving customers unable to log fitness sessions in Garmin apps and pilots unable to download Read more about Will Garmin Pay $10 Million Ransom To End Two-Day Outage?[…]
Twitter said on Saturday that the perpetrators “manipulated a small number of employees and used their credentials” to log into tools and turn over access to 45 accounts. here On Wednesday, it said that the hackers could have read direct messages to and from 36 accounts but did not identify the affected users. The former Read more about More than 1,000 people at Twitter had ability to aid hack of accounts[…]
More than 1,000 unsecured databases so far have been permanently deleted in an ongoing attack that leaves the word “meow” as its only calling card, according to Internet searches over the past day. The attack first came to the attention of researcher Bob Diachenko on Tuesday, when he discovered a database that stored user details Read more about Ongoing Meow attack has nuked >4,000 MongoDB and Elastic databases with default settings left on[…]
Garmin’s Connect service has been down for more than seven hours today to the frustration of fitness enthusiasts keen to upload running times or synchronise with other services such as Strava. So, too, is the company’s web shop and support forums. Users have expressed obvious concern that such an extended outage is indicative of a Read more about Fitness freaks flummoxed as massive global Garmin outage leaves them high and dry for hours[…]
The personal information of what could be hundreds of thousands of Instacart customers is being sold on the dark web. This data includes names, the last four digits of credit card numbers, and order histories, and appears to have affected customers who used the grocery delivery service as recently as yesterday. As of Wednesday, sellers Read more about Instacart Customers’ Data Is Being Sold Online, but Instacart has it’s fingers in it’s ears, pretends nothing is wrong[…]