Blacksmith attack bypasses existing DDR4 memory defenses.
Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.
Accessed on 21 November 2021, 2315 UTC.
Content provided by “Cyware.com.”
Please scroll down to read your selections.
Latest Cybersecurity News And Articles
Blacksmith Attack Bypasses Existing DDR4 Memory Defenses
Researchers from ComSec group have demonstrated that it is possible to trigger the Rowhammer exploit and target the associated DRAMs used in commercially available devices. Blacksmith (tracked as CVE-2021-42114 ) is a fuzzing-based technique, and unlike previous DRAM exploits, it works well for … Read More
New ETW Attacks May Blind Security Products
Researchers from Binarly have disclosed two Event Tracing for Windows (ETW) bypass techniques and demonstrated their effectiveness against Windows Defender and Process Monitor.
COVID-19 and Cybercrime – Europol Threat Assessment
The conditions brought forth by the global pandemic have set a rapid pace of transformation in the cyberworld. With accelerated digitalization, came the threat of heightened cyberattacks.
Latest Research Links Ghostwriter Disinformation Campaign to Belarus
Researchers from Mandiant Threat Intelligence have claimed with high confidence that the Ghostwriter (UNC1151) disinformation campaign is associated with the government of Belarus.
Vestas hit by cyber security incident, shuts some IT systems
Vestas has been hit by a cyber security incident and has shut down its IT systems across multiple business units and locations to contain the issue, the world’s largest maker of wind turbines said on Saturday.
FBI Warning: Cybercriminals Abusing Zero-Day in FatPipe VPN
A flash alert has been issued by the FBI regarding an APT group abusing a zero-day flaw in FatPipe devices and software products. FatPipe, the networking hardware firm, has Fortune 1000 companies as its customers.
Microsoft Reports Evolution of Iranian Hacking Groups
From September 2020, the tech giant has been tracking six Iranian hacking groups (DEV-0146, DEV-0227, DEV-0198, DEV-0500, Rubidium, and Phosphorus) spreading ransomware and stealing data.
Zero-day Flaws and Exploit-as-a-Service Trending Among Ransomware Groups
A recent analysis made by researchers from Digital Shadows indicates that an increasing amount of chatter has been observed on dark web message boards regarding the criminal market for zero-day vulnerabilities.
Sky customers vulnerable to hackers after security flaw on six million routers
The security issue meant internet users with Sky routers were vulnerable to hacks and online attacks for well over a year, according to internet security company Pen Test Partners.
Cybercriminals discuss new business model for zero-day exploits
The potential new service is a product of the highly profitable zero-day market, where researchers have seen multimillion-dollar price tags for vulnerabilities and exploits.
US banks must soon report significant cybersecurity incidents within 36 hours
The U.S. financial regulators have approved a new rule that requires banking organizations to report any “significant” cybersecurity incident within 36 hours of discovery.
The Glitch Platform Is Being Used By Hackers to Host Malicious URLs
The Glitch platform has become a target for phishing hackers. It seems that the service is being actively abused by cybercriminals with the goal to host on this platform for free phishing sites that perform credentials theft.
North Korean Hacker Group Intensifies Espionage Campaigns
The adversary, which security researchers also refer to as Kimsuky, Thallium, and Konni, has been targeting organizations in sectors such as education, government, media, and research, as well as other industries.
Scammers Leverage Fake SS7 Exploits to Boost Their Revenue
Analysts at SOS Intelligence found several underground forums offering fake exploits for SS7 vulnerabilities. During the investigation, the researchers uncovered 84 unique onion domains claiming to offer the fake exploit tool.
Ransomware Phishing Emails Sneak Through SEGs
Researchers are raising the alarm over a phishing email kicking off a Halloween-themed MICROP ransomware offensive, which they observed making its way to a target’s inbox despite its being secured by an SEG.
Researcher finds SSRF bug in internal Google Cloud project, nabs $10,000 bug bounty
Now fixed, the bug, which researcher avid Schütz has documented in a comprehensive video and blog post, could have allowed an attacker to access sensitive resources and possibly run malicious code.
CKEditor vulnerabilities pose XSS threat to Drupal and other downstream applications
A pair of cross-site scripting (XSS) bugs, which are deemed ‘moderately critical’ by Drupal, could have a far-reaching impact since CKEditor is incorporated into numerous online applications.
Ransomware is now a giant black hole that is sucking in all other forms of cybercrime
Ransomware is considered by many experts to be most pressing security risk facing businesses – and its extremely lucrative for the gangs involved, with ransom payouts increasing significantly.
Canadian teen arrested for stealing $36.5m of cryptocurrency
A Canadian teen has been arrested for allegedly stealing $37m worth of cryptocurrency via a SIM swap scam, making it the largest virtual cash heist affecting a single person yet, according to police.
Banks ordered to promptly flag cybersecurity incidents under new U.S. rule
US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours.
Malicious Packages on Python Package Index Caught Stealing Discord Tokens, Installing Remote Access Shells
These packages can be used for the collection and theft of user data, passwords, and Discord access tokens and the installation of remote access shells for remote access to infected systems.
California Pizza Kitchen Exposed Over 100,000 Current and Former Employee Social Security Numbers
The company learned of a “disruption” on Sept 15 and by Oct 4, it had determined cybercriminals had infiltrated its systems and gained access to certain files, including employee names and SSNs.
Reality check: Your security hygiene is worse than you think it is
In order to truly have a grasp on asset inventory, security teams must prioritize the difficult task of correlating various data sources to arrive at an accurate picture of the their asset inventory.