Found 13 bookmarks
Newest
Hackers hijack govt and business accounts on X for crypto scams
Hackers hijack govt and business accounts on X for crypto scams
Hackers are increasingly targeting verified accounts on X (formerly Twitter) belonging to government and business profiles and marked with 'gold' and 'grey' checkmarks to promote cryptocurrency scams, phishing sites, and sites with crypto drainers.
#bleepingcomputer#ENM#2024#Media#Account#InfoSec#Scam#Takeover#Security#Computer#Verified#Twitter#CryptoCurrency#Social#X
·bleepingcomputer.com·
Hackers hijack govt and business accounts on X for crypto scams
Synology NAS DSM Account Takeover: When Random is not Secure
Synology NAS DSM Account Takeover: When Random is not Secure
  • Team82 has uncovered the use of a weak random number generator in Synology’s DiskStation Manager (DSM) Linux-based operating system running on the company’s network-attached storage (NAS) products The insecure Math.random() method was used to generate the password of the admin password for the NAS device itself. Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account. * The vulnerability, tracked as CVE-2023-2729, has been addressed by Synology. Synology’s advisory is here.
#claroty#team42#EN#2023#CVE-2023-2729#ynology#NAS#DSM#Account#Takeover#random
·claroty.com·
Synology NAS DSM Account Takeover: When Random is not Secure