Difference between revisions of "Template:PSWPaul639"

From Paul's Security Weekly
Line 5: Line 5:
 
#[https://www.theregister.co.uk/2020/02/11/forgotten_gigabte_driver_robbinhood/ Forgotten motherboard driver turns out to be perfect for slipping Windows ransomware past antivirus checks] - ''criminals have used the Gigabyte driver as a wedge so they could load a second, unsigned driver into Windows. This second driver then goes to great lengths to kill processes and files belonging to endpoint security products, bypassing tamper protection, to enable the ransomware to attack without interference.''
 
#[https://www.theregister.co.uk/2020/02/11/forgotten_gigabte_driver_robbinhood/ Forgotten motherboard driver turns out to be perfect for slipping Windows ransomware past antivirus checks] - ''criminals have used the Gigabyte driver as a wedge so they could load a second, unsigned driver into Windows. This second driver then goes to great lengths to kill processes and files belonging to endpoint security products, bypassing tamper protection, to enable the ransomware to attack without interference.''
 
#[https://securityaffairs.co/wordpress/97644/breaking-news/dell-supportassist-flaw-2.html Dell SupportAssist flaw exposes computers to hack, patch it asap!]
 
#[https://securityaffairs.co/wordpress/97644/breaking-news/dell-supportassist-flaw-2.html Dell SupportAssist flaw exposes computers to hack, patch it asap!]
#[https://www.vice.com/en_us/article/5dmybx/jail-software-left-inmate-data-exposed-online Jail Software Left Inmate Data Exposed Online]
+
#[https://www.vice.com/en_us/article/5dmybx/jail-software-left-inmate-data-exposed-online Jail Software Left Inmate Data Exposed Online] - ''The storage bucket containing JailCore’s data was seemingly completely unsecured, and could be accessed by anyone who stumbled across its URL. After the research team contacted the company responsible for the software on January 5, the issue was finally resolved on January 15 and the S3 bucket now appears to be properly secured.''
 
#[https://www.darkreading.com/cloud/why-ransomware-will-soon-target-the-cloud-/a/d-id/1336957 Why Ransomware Will Soon Target the Cloud]
 
#[https://www.darkreading.com/cloud/why-ransomware-will-soon-target-the-cloud-/a/d-id/1336957 Why Ransomware Will Soon Target the Cloud]
 
#[https://theconversation.com/hackers-could-shut-down-satellites-or-turn-them-into-weapons-130932 Hackers could shut down satellites  or turn them into weapons]
 
#[https://theconversation.com/hackers-could-shut-down-satellites-or-turn-them-into-weapons-130932 Hackers could shut down satellites  or turn them into weapons]
 
#[https://www.binarydefense.com/emotet-evolves-with-new-wi-fi-spreader/ Emotet Evolves With new Wi-Fi Spreader - Binary Defense]
 
#[https://www.binarydefense.com/emotet-evolves-with-new-wi-fi-spreader/ Emotet Evolves With new Wi-Fi Spreader - Binary Defense]
 
#[https://www.forbes.com/sites/daveywinder/2020/02/12/cia-secretly-bought-global-encryption-provider-built-backdoors-spied-on-100-foreign-governments/ CIA Secretly Owned Global Encryption Provider, Built Backdoors, Spied On 100+ Foreign Governments: Report]
 
#[https://www.forbes.com/sites/daveywinder/2020/02/12/cia-secretly-bought-global-encryption-provider-built-backdoors-spied-on-100-foreign-governments/ CIA Secretly Owned Global Encryption Provider, Built Backdoors, Spied On 100+ Foreign Governments: Report]

Revision as of 21:17, 13 February 2020

  1. ASSET Research Group: SweynTooth - SweynTooth captures a family of 12 vulnerabilities (more under non-disclosure) across different BLE software development kits (SDKs) of six major system-on-a-chip (SoC) vendors. The vulnerabilities expose flaws in specific BLE SoC implementations that allow an attacker in radio range to trigger deadlocks, crashes and buffer overflows or completely bypass security depending on the circumstances.
  2. Misconfigured Docker Registries Expose Thousands of Repositories - “With all the source code and historical tags, malicious actors can design tailored exploits to compromise the systems. If the push operation is allowed, benign application images may be replaced with images with backdoors. These registries may also be used for hosting malware. If the delete operation is allowed, hackers could encrypt or delete the images and ask for ransom,” they note in a blog post. But as of tonight, only 940; at least one person got the memo. But there are probably more in other hosted providers.
  3. top-ten-password-cracking-techniques-used-hackers
  4. Mac malware reportedly grew faster than Windows malware in 2019 - Mac threats increased by more than 400% in 2019, with 11 threats per Mac endpoint compared to 5.8 threats per Windows endpoint.
  5. Forgotten motherboard driver turns out to be perfect for slipping Windows ransomware past antivirus checks - criminals have used the Gigabyte driver as a wedge so they could load a second, unsigned driver into Windows. This second driver then goes to great lengths to kill processes and files belonging to endpoint security products, bypassing tamper protection, to enable the ransomware to attack without interference.
  6. Dell SupportAssist flaw exposes computers to hack, patch it asap!
  7. Jail Software Left Inmate Data Exposed Online - The storage bucket containing JailCore’s data was seemingly completely unsecured, and could be accessed by anyone who stumbled across its URL. After the research team contacted the company responsible for the software on January 5, the issue was finally resolved on January 15 and the S3 bucket now appears to be properly secured.
  8. Why Ransomware Will Soon Target the Cloud
  9. Hackers could shut down satellites or turn them into weapons
  10. Emotet Evolves With new Wi-Fi Spreader - Binary Defense
  11. CIA Secretly Owned Global Encryption Provider, Built Backdoors, Spied On 100+ Foreign Governments: Report