Information

Dutch, European Hospitals ‘Hit by Pro-Russian Hackers’

Dutch cyber authorities said Wednesday that several hospital websites in the Netherlands and Europe were likely targeted by a pro-Kremlin hacking group because of their countries’ support for Ukraine. The UMCG hospital in the northern Dutch city of Groningen, one of the largest in the country, saw its website crash in a cyberattack on Saturday. “European hospitals including in the Netherlands have most likely been hit by the pro-Russian hacking group Killnet,” said the Dutch…

Serious Security: The Samba logon bug caused by outdated crypto

by Paul Ducklin

Samba, simply put, is a super-useful, mega-popular, open-source reimplementation of the networking protocols used in Microsoft Windows, and its historical importance in internetworking (connecting two different sorts of network together) cannot be underestimated. In the late 1990s, Microsoft networking shed its opaque, proprietary nature and became an open standard known as CIFS, short for common internet file system. But there was nothing “common” or “open” about it in the early 1990s, when…

GitHub code-signing certificates stolen (but will be revoked this week)

by Paul Ducklin

Another day, another access-token-based database breach. This time, the victim (and in some ways, of course, also the culprit) is Microsoft’s GitHub business. GitHub claims that it spotted the breach quickly, the day after it happened, but by then the damage had been done: On December 6, 2022, repositories from our atom, desktop, and other deprecated GitHub-owned organizations were cloned by a compromised Personal Access Token (PAT) associated with a machine account.…

Cyber Insights 2023: Attack Surface Management

About SecurityWeek Cyber Insights | At the end of 2022, SecurityWeek liaised with more than 300 cybersecurity experts from over 100 different organizations to gain insight into the security issues of today – and how these issues might evolve during 2023 and beyond. The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. SecurityWeek Cyber Insights 2023 | Attack Surface Management…

Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability

A researcher has disclosed the details of a two-factor authentication (2FA) vulnerability that earned him a $27,000 bug bounty from Facebook parent company Meta. Gtm Manoz of Nepal discovered in September 2022 that a system designed by Meta for confirming a phone number and email address did not have any rate-limiting protection. A fix was rolled out by Meta in October 2022 and the company highlighted Manoz’s findings in its annual bug bounty program report.…

Are you in control of your personal data? – Week in security with Tony Anscombe

Data Privacy Week is a reminder to protect your data – all year round. Here are three privacy-boosting habits you can start today.

Every action we take on the internet generates data that is shared with online services and other parties. It stands to reason, then, that we need to assert control over how much and what kind of personal information we hand over to online services and generally limit the amount of our data…

SwiftSlicer: New destructive wiper malware strikes Ukraine

Sandworm continues to conduct attacks against carefully chosen targets in the war-torn country

ESET researchers have uncovered a new wiper attack in Ukraine that they attribute to the Sandworm APT group. Dubbed SwiftSlicer, the destructive malware was spotted on the network of a targeted organization on January 25th. It was deployed through Group Policy, which suggests that the attackers had taken control of the victim’s Active Directory environment. Some of the wipers spotted by ESET in…

Hive ransomware servers shut down at last, says FBI

by Naked Security writer

Six months ago, according to the US Department of Justice (DOJ), the Federal Bureau of Investigation (FBI) infiltrated the Hive ransomware gang and started “stealing back” the decryption keys for victims whose files had been scrambled. As you are almost certainly, and sadly, aware, ransomware attacks these days typically involve two associated groups of cybercriminals. These groups often “know” each other only by nicknames, and “meet” only online, using anonymity tools…

Critical Vulnerability Impacts Over 120 Lexmark Printers

Printer and imaging products manufacturer Lexmark this week published a security advisory to warn users of a critical vulnerability impacting over 120 printer models. The issue, tracked as CVE-2023-23560 (CVSS score of 9.0), is described as a server-side request forgery (SSRF) flaw in the Web Services feature of newer Lexmark devices, which could be exploited to execute arbitrary code. “Successful exploitation of this vulnerability can lead to an attacker being able to remotely execute arbitrary…

BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws

The Internet Systems Consortium (ISC) this week announced patches for multiple high-severity denial-of-service (DoS) vulnerabilities in the DNS software suite BIND. The addressed issues could be exploited remotely to cause named – the BIND daemon that acts both as an authoritative name server and as a recursive resolver – to crash, or could lead to the exhaustion of the available memory. The first of the security defects, tracked as CVE-2022-3094, can be exploited by sending…
