SKS Keyserver Network Under Attack

Posted by & filed under Security Alerts.

Terminological Note “OpenPGP” refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. “GnuPG”, “SequoiaPGP”, “OpenPGP.js”, and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that… Read more »

Latest Mac malware OSX/CrescentCore hides from security researchers

Posted by & filed under Security Alerts.

No fewer than six examples of Mac malware were discovered last month, including one which exploits a vulnerability in macOS Gatekeeper. The latest example – dubbed OSX/CrescentCore – takes steps to hide from security researchers. Security company Intego says it has found CrescentCore on multiple websites, posing as, you guessed it, a Flash Player updater… Read more »

Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers

Posted by & filed under Security Alerts.

In 2018, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with Chinese-affiliated threat actors, such as APT10.  This multi-wave attacks focused on obtaining data of specific, high-value targets and resulted in a complete takeover of the network. Want… Read more »

Nearly 1 Million Computers Still Vulnerable to “Wormable” BlueKeep RDP Flaw

Posted by & filed under Security Alerts.

Nearly 1 Million Computers Still Vulnerable to “Wormable” BlueKeep RDP Flaw Nearly 1 million Windows systems are still unpatched and have been found vulnerable to a recently disclosed critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Protocol (RDP)—two weeks after Microsoft releases the security patch. If exploited, the vulnerability could allow an… Read more »