Malicious NPM packages target Amazon, Slack with new dependency attacks

Posted by & filed under Alerts.

Threat actors are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using a new ‘Dependency Confusion’ vulnerability to steal Linux/Unix password files and open reverse shells back to the attackers. Last month, BleepingComputer reported that security researcher Alex Birsan earned bug bounties from 35 companies by utilizing a new flaw in open-source development tools. This flaw works…

Federal Reserve nationwide outage impacts US banking system

Posted by & filed under Security News.

The US Federal Reserve suffered a massive IT systems outage today that prevented wire transfers, ACH transactions, and other services from operating. When performing a US wire transfer or ACH withdrawal/deposit, the transaction first goes through the Federal Reserve Bank systems, which facilitate the transaction. Today, the Federal Reserve banking systems suffered an outage caused…

Cisco fixes maximum severity MSO auth bypass vulnerability

Posted by & filed under Alerts.

Cisco has addressed a maximum severity authentication bypass vulnerability found in the API endpoint of the Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine. Cisco ACI MSO is an intersite network and policy orchestration solution that helps admins monitor the health of their organizations’ interconnected sites across multiple data centers.

Chinese hackers used NSA exploit years before Shadow Brokers leak

Posted by & filed under Alerts.

Chinese state hackers cloned and started using an NSA zero-day exploit almost three years before the Shadow Brokers hacker group publicly leaked it in April 2017. EpMe is the original exploit created by Equation Group around 2013 for a Windows zero-day bug tracked as CVE-2017-2005. The vulnerability was used for escalating Windows user privileges after gaining…

France links Russian Sandworm hackers to hosting provider attacks

Posted by & filed under Alerts.

The French national cyber-security agency has linked a series of attacks that resulted in the breach of multiple French IT providers over a span of four years to the Russian-backed Sandworm hacking group. ANSSI (short for Agence Nationale de la Sécurité des Systèmes d’Information) has not been able to determine how the servers were compromised….