Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Apr 05, 2023


Zimbra Flaw Exploited by Russia Against NATO Countries Added to CISA ‘Must Patch’ List

CISA has added to its Known Exploited Vulnerabilities catalog a Zimbra vulnerability exploited in attacks targeting NATO countries

WiFi Flaws Allow Network Traffic Interception on Linux, iOS, and Android

The WiFi flaw discovered by researchers from Northeastern University and KU Leuven can impact a wide range of operating systems, including Linux, iOS, and Android, leaving them vulnerable to potential interception of network traffic if exploited by hackers.
Wireless networking stacks found in a wide range of operating systems were left vulnerable due to an ambiguity in the WiFi specification, explained academics from Northeastern University and KU Leuven in a paper (PDF) titled “Framing Frames: Bypassing WiFi Encryption by Manipulating Transmit Queues.” The ambiguity can allow exposure of network traffic if exploited by threat actors.

Analyzing the efile.com Malware "efail", (Tue, Apr 4th)

Yesterday, I wrote about efile.com serving malicious fake "Browser Updates" to some of its users. This morning, efile.com finally removed the malicious code from its site. The attacker reacted a bit faster and removed some of the additional malware. But luckily, I was able to retrieve some of the malware last evening before it was removed.

Notorious Genesis Market cybercrime forum seized in international law enforcement operation

The FBI led "Operation Cookie Monster" to shutter the site linked to millions of instances of fraud and cybercrime globally.

North Korea Hacking Cryptocurrency Sites with 3CX Exploit


3CX Supply Chain Attack: North Korean Hackers Likely Targeted Cryptocurrency Firms

3CX supply chain attack appears to have been conducted by North Korean hackers with the goal of targeting cryptocurrency firms.

NATO Seeks Contractors to Test Security of Web Assets

NATO is looking for penetration testing vendors to assess the security of its internet-facing web assets.

Self-Propagating, Fast-Encrypting ‘Rorschach’ Ransomware Emerges

The sophisticated, self-propagating Rorschach ransomware is one of the fastest at encrypting victim’s files.