cRyPtHoN™ INFOSEC (EN)

2021-05-11 18:36:28 Trend Micro hosted email service is down, inboxes still stuck in cloudy limbo.

Blames spam filters for brownout, warns fix could be 'disruptive'

Trend Micro’s hosted email security product is experiencing a global brownout.

The security company’s Japanese support pages say the incident started on Monday afternoon at 1515 UTC, or a quarter past midnight in Tokyo, and has not been resolved at the time of writing more than ten hours later.

Trend’s sparse notification says the company is “aware of some email delivery delays in Hosted Email Security and Pre-filter products affecting customers in all regions. We are currently addressing the issue and hope to have it resolved as soon as possible.”

https://www.theregister.com/2021/05/11/trend_email_outage/

@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv Open / Comment

2021-05-11 18:30:47 Finance Giant Plaid Paid People $500 for their Employer Payroll Logins.

The offer was part of an internal test at Plaid. If peoples' employers didn't provide permission, Plaid may run afoul of U.S. hacking laws.

Plaid, a giant in the finance world that was recently valued at $13 billion, paid people $500 each for providing their employer payroll login details, which, if the people were not authorized by their employer to share the credentials, may run afoul of U.S. hacking laws, Motherboard has learned.

https://www.vice.com/en/article/bvzzqa/plaid-paid-500-dollars-workplace-logins

@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv Open / Comment

2021-05-11 18:21:55 Tencent research team scores free powerups for electric cars with Raspberry Pi-powered X-in-the-middle attack.

Another auto-exploit saw rPi push Telegram messages over CAN bus to brick a car

Researchers have used the Black Hat Asia conference to demonstrate the awesome power of the Raspberry Pi as a car-p0wning platform.

Chinese web giant Tencent's Blade Team, a security research group, showed they could circumvent payment schemes used at electric vehicle charging stations. Their exploits also changed the charging voltage and current, an act that could damage the EV.

“The construction of charging stations is accelerating all over the world, but there is little research on the security of electric vehicle infrastructure,” said TenCent Blade Team senior security researcher Wu HuiYu.

https://www.theregister.com/2021/05/11/black_hat_asia_car_hacking/

@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv Open / Comment

2021-05-11 18:16:54 Japanese Manufacturer Yamabiko Targeted by Babuk Ransomware.

A ransomware group that claimed to be retiring after an audacious attack on Washington DC’s police department appears to be back in action after reportedly targeting a Japanese firm.

Yamabiko, a Tokyo-headquartered manufacturer of power tools and agricultural and industrial machinery, was apparently added to the data leak site used by the Babuk group.

Although official confirmation is still pending from the firm itself, reports suggest the Russian-speaking threat actors have already released some of the data on their naming-and-shaming site.

https://www.infosecurity-magazine.com/news/japanese-manufacturer-yamabiko/

@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv Open / Comment

2021-05-11 18:14:20 Apple AirTag jailbroken already – hacked in rickroll attack.

Apple recently announced a tracking device that it calls the AirTag, a new competitor in the “smart label” product category.

The AirTag is a round button about the size of a key fob that you can attach to a suitcase, laptop or, indeed, to your keys, to help you find said item if you misplace it.

If you remember those whistle-and-they-bleep-back-at-you keyrings that were all the rage for a while in the 1990s, well, this is the 21st century version of one of those.

https://nakedsecurity.sophos.com/2021/05/11/apple-airtag-jailbroken-already-hacked-in-rickroll-attack/

@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv Open / Comment

2021-05-11 18:12:12 Ransomware gang threatens release of DC police records.

RICHMOND, Va. (AP) — A Russian-speaking ransomware syndicate that stole data from the Washington, D.C., police department says negotiations over payment have broken down and it will release sensitive information that could put lives at risk if more money is not offered.

The extortion threat comes amid a separate ransomware attack on a major pipeline that’s affected part of the U.S.’s fuel supply, highlighting the power of internet-savvy criminal gangs to sow mayhem from a half a world away with impunity.

https://apnews.com/article/police-technology-government-and-politics-53e54780aa080decbb78d5b88d4ff44b

Read Via Telegram

@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv Open / Comment

2021-05-11 18:06:45 VLC Media Player 3.0.14 fixes broken Windows automatic updater.

VideoLan has released VLC Media Player 3.0.14 to fix an issue affecting Window users and causing the software's auto-updater not to launch the new version's installer automatically.

"VLC users on Windows might encounter issues when trying to auto update VLC from version 3.0.12 and 3.0.13," VideoLan explained. "We are publishing version 3.0.14 to address this problem for future updates."

This issue is caused by a bug introduced in the automatic updater code of VLC 3.0.12 and fixed with the release of VLC 3.0.14.

Because of this bug, VLC updates are downloaded to the users' computers, verified for integrity, but will not be installed as the auto-updater fails to launch the VLC 3.0.14 installer.

https://www.bleepingcomputer.com/news/software/vlc-media-player-3014-fixes-broken-windows-automatic-updater/

@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv Open / Comment

2021-05-11 18:02:40 Google Patches 19 Vulnerabilities With Chrome 90 Update.

Google this week announced yet another set of patches for Chrome, to address a total of 19 vulnerabilities affecting the web browser.

The latest Chrome iteration - 90.0.4430.212 – is available for Windows, Mac, and Linux users. The Android and iOS variants of the browser were updated as well.

Of the 19 security holes addressed with this release, 15 were reported by external researchers, including 13 considered high severity and two flaws rated medium severity.

Chrome components affected by these issues include Web App Installs, Offline, Media Feeds, Aura, Tab Groups, Notifications, V8, Autofill, File API, History, Reader Mode, Payments, and Tab Strip.

https://www.securityweek.com/google-patches-19-vulnerabilities-chrome-90-update

@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv Open / Comment

2021-05-11 16:32:45 @cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv Open / Comment

2021-05-11 04:08:00 Diplomatic Entities Targeted with New 'Moriya' Windows Rootkit.

Researchers at anti-malware vendor Kaspersky are documenting a new, previously unknown Windows rootkit being used in the toolkit of an APT actor currently targetings diplomatic entities in Asia and Africa.

Dubbed Moriya, the rootkit provides the threat actor with the ability to intercept network traffic and hide commands sent to the infected machines, thus allowing the attackers to stay hidden within the compromised networks for months.

The rootkit is part of the toolkit used by TunnelSnake, an unknown actor that deploys backdoors onto public servers belonging to the targeted entities. Multiple other tools that show cover overlaps with the rootkit were also found.

https://www.securityweek.com/diplomatic-entities-targeted-new-moriya-windows-rootkit

@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
@NoGoolag Open / Comment