CISA Releases Recovery Tool for VMware Ransomware Victims
Legacy bug in ESXi servers is being targeted by threat actors. This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/
Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware
A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and for attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks. Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November…
US CISA releases a script to recover servers infected with ESXiArgs ransomware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a script to recover VMware ESXi servers infected with ESXiArgs ransomware. Good news for the victims of the recent wave of ESXiArgs ransomware attacks, the U.S. Cybersecurity and Infrastructure Security Agency…
ARM Boss Committed To Public Listing In 2023
Chief executive Rene Haas says ARM is committed to an initial public offering this year, and plans are “underway now”. This article has been indexed from Silicon UK.
Regulator Halts AI Chatbot Over GDPR Concerns
Replika accused of posing risk to children. This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/
Why performing security testing on your products and systems is a good idea
Major CrackDown – Police Hacked Exclu ‘secure’ Cybercriminal Message Platform
The police and the Public Prosecution Service in the Netherlands have been able to gain access to data from a crypto communication service used by criminals and read their conversations. It relates to the dismantled crypto-communication service Exclu. According to…
Vulnerability Research is a Journey: CVEs Found by KeenLab
Partly estimated, until May 2016, KeenLab has totally found 152 critical vulnerabilities with CVE IDs, ranging from mainstream OS to browsers and applications. Among those vulnerabilities we discovered, 13 were used directly in our 8 Pwn2Own winner categories in the…
Emerging Defense in Android Kernel
There was a time when every Linux kernel hacker loved Android. It came with a kernel from the stone age with barely any exploit mitigation. Writing an exploit with any N-day available was just a walk in the park. Nowadays Google, ARM…
WindowServer: The privilege chameleon on macOS (Part 1)
When talking about Apple Graphics, the WindowServer component should not be neglected. Recently KeenLab has been talking about Apple graphics IOKit components at POC 2015 “OS X Kernel is As Strong as its Weakest Part”, CanSecWest 2016 “Don’t Trust Your…
WindowServer: The privilege chameleon on macOS (Part 2)
From my last blog post “WindowServer: The privilege chameleon on macOS (Part 1)”, we discussed some basic concepts, the history and architecture of WindowServer, as well as the details of CVE-2016-1804 – A Use-After-Free (Or we can also call it…
Suspect in Finnish psychotherapy center blackmail hack arrested
Suomi sentence expected for shrink records theft. French police have arrested a 25-year-old Finnish man accused of hacking a psychotherapy clinic, stealing more than 22,000 patients’ therapy notes, demanding ransom payments from them and also leaking this very private info…
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The mass phishing campaign has been attributed to a threat actor…
The Journey of a complete OSX privilege escalation with a single vulnerability – Part 1
In previous blog posts Liang talked about the userspace privilege escalation vulnerability we found in WindowServer. Now in following articles I will talk about the Blitzard kernel bug we used in this year’s pwn2own to escape the Safari renderer sandbox,…
Car Hacking Research: Remote Attack Tesla Motors
With several months of in-depth research on Tesla Cars, we have discovered multiple security vulnerabilities and successfully implemented remote, aka non-physical contact, control on Tesla Model S in both Parking and Driving Mode. It is worth noting that…
A Link to System Privilege
A Detailed Description of CVE-2016-0176 and Its Exploitation. Essentials of a Successful Pwn of Microsoft Edge: A successful Pwn of Microsoft Edge consists of two essential parts: Browser RCE (Remote Code Execution) and browser sandbox bypass. Browser RCE is typically achieved…
Racing for everyone: descriptor describes TOCTOU in Apple’s core
This blog post is about a new type of vulnerability in IOKit I discovered and submitted to Apple in 2016. I did a brief scan using an IDA script on MacOS and found at least four bugs with 3 CVEs…
New Car Hacking Research: 2017, Remote Attack Tesla Motors Again
Keen Lab discovered new security vulnerabilities on Tesla motors and realized full attack chain to implement arbitrary CAN BUS and ECUs remote controls on Tesla motors with latest firmware. Several highlights for 2017 Tesla Research: Realized full attack chain as…
Global Ransomware attack downs Florida Supreme Court and European Universities
A Global Ransomware campaign has reportedly targeted over 3800 organizations so far, including Florida Supreme Court and Universities operating in the United States and Central Europe. Analysis conducted by Ransomwhere, a digital platform that keeps a tab of all international…
Cisco’s innovations protect hybrid work and multi-cloud environments
Cisco customers can now access new risk-based capabilities across Cisco’s security portfolio to better protect hybrid work and multi-cloud environments. These advancements demonstrate progress towards realizing the full vision of the Cisco Security Cloud which will protect the integrity of…
Everbridge DigitalOps Insights provides visibility into IT service disruptions
Everbridge has introduced a new AI-powered situational awareness tool enabling incident commanders and resolvers to gain deep visibility into IT service disruptions. Available as part of Everbridge’s Digital Operations solutions bundle, DigitalOps Insights powered by xMatters provides Operations/IT, NOC/SOC, Service…
Neustar Security Services UltraPlatform protects enterprises’ digital assets
Neustar Security Services is launching UltraPlatform, a solution that leverages three Neustar Security Services’ offerings critical to protecting organizations’ online assets and infrastructure: an authoritative domain name system (DNS) service, protection against distributed denial-of-service (DDoS) attacks and a web application…
Novel face swaps emerge as a major threat to biometric security
Digital identities are rapidly becoming more widely used as organizations’ and governments’ digital transformation projects mature and users demand more remote accessibility for everything, from creating a bank account to applying for government services, according to iProov. To support this…
Generative AI: A benefit and a hazard
If there’s one thing people will remember about AI advances in 2022, it’ll be the advent of sophisticated generative models: DALL.E 2, Stable Diffusion, Midjourney, ChatGPT. They all made headlines – and they will change the way we work and…
Biden’s SOTU: Data Privacy Is Now a Must-Hit US State of the Union Topic
Biden’s speech proves that protecting personal info is no longer a fringe issue. Now, Congress just needs to do something about it. This article has been indexed from Security Latest.
A bunch of Red Pills: VMware Escapes
Background: VMware is one of the leaders in virtualization nowadays. They offer VMware ESXi for cloud, and VMware Workstation and Fusion for Desktops (Windows, Linux, macOS). The technology is very well known to the public: it allows users to run unmodified…
TenSec 2018
Tencent Security Conference (TenSec) is an international cybersecurity summit launched by Tencent Security, hosted by Tencent Keen Security Lab and Tencent Security Platform Department, and co-organized by Tencent Security Academy. TenSec 2018 will be held on October 10 and 11,…