
cRyPtHoN™ INFOSEC (EN)

Channel address: @crypthon_infosec_en
Categories: Cryptocurrencies
Language: English
Subscribers: 3.56K
Description from channel

Latest news of INFOSEC (EN)
1. Latest Vulnerability.
2. Latest Patch.
3. Privacy Breach.
4. Security Breach.
5. InfoSec News.
German Version 🇩🇪
@cRyPtHoN_INFOSEC_DE
France Version 🇫🇷
@cRyPtHoN_INFOSEC_FR
Italian Version 🇮🇹
@cRyPtHoN_INFOSEC_IT

Ratings & Reviews: 4.00 (2 reviews: one 5-star, one 3-star)

The latest Messages

2022-05-18 12:49:14
Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift.

Researchers spotted a new variant of the UpdateAgent macOS malware dropper that was employed in attacks in the wild.

Researchers from the Jamf Threat Labs team have uncovered a new variant of the UpdateAgent macOS malware dropper. The new version is written in Swift and relies on the AWS infrastructure to host its malicious payloads.

The new variant of the malware supports common dropper features, including some minor system fingerprinting, endpoint registration, and persistence.

https://securityaffairs.co/wordpress/131391/malware/updateagent-macos-malware-swift.html

https://www.jamf.com/blog/updateagent-adapts-again/

@cRyPtHoN_INFOSEC_IT
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
2022-05-18 12:40:39
Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver.

Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an attacker to corrupt memory and write arbitrary memory on the card.

NVIDIA graphics drivers are software for NVIDIA Graphics GPU cards that are installed on PCs. The D3D10 driver communicates between the operating system and the GPU. It's required in most cases for the PC to function properly.

An attacker could exploit these vulnerabilities by sending the target a specially crafted executable or shader file.

These issues could also allow an adversary to perform a guest-to-host escape if they target a guest machine running virtualization environments.

https://blog.talosintelligence.com/2022/05/vuln-spotlight-nvidia-driver-memory.html

#oscp #iocteams #spread #snortteams
2022-05-18 12:29:19
Critical VMware Bug Exploits Continue, as Botnet Operators Jump In.

A critical VMware bug tracked as CVE-2022-22954 continues to draw cybercriminal moths to its remote code-execution flame, with recent attacks focused on botnets and Log4Shell.

Recently uncovered VMware vulnerabilities continue to anchor an ongoing wave of cyberattacks bent on dropping various payloads. In the latest spate of activity, nefarious types are going in with the ultimate goal of infecting targets with various botnets or establishing a backdoor via Log4Shell.

That's according to Barracuda researchers, who found that attackers are particularly probing for the critical vulnerability tracked as CVE-2022-22954 in droves, with swaths of actual exploitation attempts in the mix as well.

https://www.darkreading.com/application-security/critical-vmware-bug-exploits-continue-as-botnet-operators-jump-in

2022-05-18 12:23:01
NVIDIA fixes ten vulnerabilities in Windows GPU display drivers.

NVIDIA has released a security update for a wide range of graphics card models, addressing four high-severity and six medium-severity vulnerabilities in its GPU drivers.

The security update fixes vulnerabilities that can lead to denial of service, information disclosure, elevation of privileges, code execution, etc.

The updates have been made available for Tesla, RTX/Quadro, NVS, Studio, and GeForce software products, covering driver branches R450, R470, and R510.

https://www.bleepingcomputer.com/news/security/nvidia-fixes-ten-vulnerabilities-in-windows-gpu-display-drivers/

2022-05-18 12:18:55
Emotet Summary: November 2021 Through January 2022.

Emotet is one of the most prolific email-distributed malware families in our current threat landscape. Although a coordinated law enforcement effort shut down this malware in January 2021, Emotet resumed operations in November 2021. Since then, Emotet has returned to its status as a prominent threat.

This blog provides a background on Emotet, and it reviews activity from this malware family since its return in November 2021. The information covers changes in Emotet operations from its revival through the end of January 2022. These examples will provide a more comprehensive picture and better indicate the worldwide threat Emotet currently poses.

https://unit42.paloaltonetworks.com/emotet-malware-summary-epoch-4-5/

#oscp #iocteams #spread #snortteams
2022-05-18 12:14:57
Apple patches zero-day kernel hole and much more – update now!

Apple’s latest security updates have arrived.

All still-supported flavours of macOS (Monterey, Big Sur and Catalina), as well as all current mobile devices (iPhones, iPads, Apple TVs and Apple Watches), get patches.

Additionally, programmers using Apple’s Xcode development system get an update too.

The details are below.

https://nakedsecurity.sophos.com/2022/05/17/apple-patches-zero-day-kernel-hole-and-much-more-update-now/

2022-05-18 12:09:49
Police Warn of £15m Courier Scams.

Police are urging the public to be vigilant after revealing that thousands of people fell victim to so-called “courier fraud” last year, leading to losses in excess of £15m.

Some 3625 Brits were conned in 2021, with scammers using a variety of tactics to trick them into handing over cash, cards or expensive items to a courier dispatched to their address.

The City of London police force, which runs the National Fraud Intelligence Bureau (NFIB), said there were four common types of courier fraud, all of which usually start with an unsolicited telephone call:

https://www.infosecurity-magazine.com/news/police-warn-of-15m-courier-scams/

2022-05-18 12:06:23
Technical Advisory – Tesla BLE Phone-as-a-Key Passive Entry Vulnerable to Relay Attacks.

Summary

The Tesla Model 3 and Model Y employ a Bluetooth Low Energy (BLE) based passive entry system. This system allows users with an authorized mobile device or key fob within a short range of the vehicle to unlock and operate the vehicle, with no user interaction required on the mobile device or key fob. This system infers proximity of the mobile device or key fob based on signal strength (RSSI) and latency measurements of cryptographic challenge-response operations conducted over BLE.

https://research.nccgroup.com/2022/05/15/technical-advisory-tesla-ble-phone-as-a-key-passive-entry-vulnerable-to-relay-attacks/

2022-05-17 10:33:29
A custom PowerShell RAT is used to target German users using the Ukraine crisis as bait.

Researchers spotted a threat actor using a custom PowerShell RAT targeting German users to gain intelligence on the Ukraine crisis.

Malwarebytes experts uncovered a campaign that targets German users with a custom PowerShell RAT. The threat actors attempt to trick victims into opening weaponized documents by using the current situation in Ukraine as bait.

The attackers registered a decoy site that was an expired German domain name at collaboration-bw[.]de. The site was hosting a bait document, named “2022-Q2-Bedrohungslage-Ukraine,” used to deliver the custom malware. The document appears to contain information about the current crisis in Ukraine.

https://securityaffairs.co/wordpress/131353/intelligence/powershell-rat-targets-germany-ukraine-bait.html

2022-05-17 10:31:45
Nvidia releases security update for out-of-support GPUs

Nvidia published a security bulletin on May 16, 2022 in which it informs customers about a new software security update for the Nvidia GPU display driver. The update patches security issues in earlier driver versions that can lead to "denial of service, information disclosure, or data tampering".

While it is common for companies to release security updates for their software applications and drivers, it is uncommon to receive updates for products that are not supported anymore.

In this particular case, Nvidia released security updates for Kepler-series graphics adapters that it no longer supports officially with Game Ready Drivers.

https://www.ghacks.net/2022/05/17/nvidia-releases-security-update-for-out-of-support-gpus/
