Found 188 bookmarks
Custom sorting
PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables
PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables
This week, immensely popular PyPI package 'ctx' has been compromised and altered to steal environment variables from its users. Additionally, a forked PHP project 'phpass' also suffered a repo-hijacking attack with the project tained with identical malicious payload.
#PyPI#ctx#PHP#supplychain#attack#sonatype#EN#2022#exfiltration#steal#Supply-chain-security
·blog.sonatype.com·
PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables
How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities
How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities
The pictures show neatly trimmed fiber optic cables dug up from underground behind what appears to be a well-hidden grate. The apparent simplicity of the sabotage is all the more harrowing in light of how extensively it disrupted Internet service in France, experts said.
#cyberscoop#2022#en#fiber#optical#cable#attack#French
·cyberscoop.com·
How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities
‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them
‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them
As a journalist working for the Arab news network Alaraby, Rania Dridi said she’s taken precautions to avoid being targeted by hackers, keeping an eye out for suspicious messages and avoiding clicking on links or opening attachments from people she doesn’t know.
#Bloomberg#EN#2022#zeroclick#spyware#NSO#governement#spy#privacy#attack
·bloombergquint.com·
‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them
research!rsc: The xz attack shell script
research!rsc: The xz attack shell script
Andres Freund published the existence of the xz attack on 2024-03-29 to the public oss-security@openwall mailing list. The day before, he alerted Debian security and the (private) distros@openwall list. In his mail, he says that he dug into this after “observing a few odd symptoms around liblzma (part of the xz package) on Debian sid installations over the last weeks (logins with ssh taking a lot of CPU, valgrind errors).” At a high level, the attack is split in two pieces: a shell script and an object file. There is an injection of shell code during configure, which injects the shell code into make. The shell code during make adds the object file to the build. This post examines the shell script. (See also my timeline post.)
#research.swtch.com#EN#2024#script#exploitation#xz#attack
·research.swtch.com·
research!rsc: The xz attack shell script
Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
  • On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.
#talosintelligence#EN#2022#Cisco#attack#Google#sync#password#insights
·blog.talosintelligence.com·
Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables
PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables
This week, immensely popular PyPI package 'ctx' has been compromised and altered to steal environment variables from its users. Additionally, a forked PHP project 'phpass' also suffered a repo-hijacking attack with the project tained with identical malicious payload.
#PyPI#ctx#PHP#supplychain#attack#sonatype#EN#2022#exfiltration#steal#Supply-chain-security
·blog.sonatype.com·
PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables
How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities
How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities
The pictures show neatly trimmed fiber optic cables dug up from underground behind what appears to be a well-hidden grate. The apparent simplicity of the sabotage is all the more harrowing in light of how extensively it disrupted Internet service in France, experts said.
#cyberscoop#2022#en#fiber#optical#cable#attack#French
·cyberscoop.com·
How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities
‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them
‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them
As a journalist working for the Arab news network Alaraby, Rania Dridi said she’s taken precautions to avoid being targeted by hackers, keeping an eye out for suspicious messages and avoiding clicking on links or opening attachments from people she doesn’t know.
#Bloomberg#EN#2022#zeroclick#spyware#NSO#governement#spy#privacy#attack
·bloombergquint.com·
‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them
Recent ‘MFA Bombing’ Attacks Targeting Apple Users – Krebs on Security
Recent ‘MFA Bombing’ Attacks Targeting Apple Users – Krebs on Security
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that…
#krebsonsecurity#EN#2024#MFA-fatigue#attack#Apple#MFA-bombing#password
·krebsonsecurity.com·
Recent ‘MFA Bombing’ Attacks Targeting Apple Users – Krebs on Security
ZenHammer: Rowhammer Attacks on AMD Zen-based Platforms
ZenHammer: Rowhammer Attacks on AMD Zen-based Platforms
Our work shows that it is possible to trigger Rowhammer bit flips on DDR4 devices on AMD Zen 2 and Zen 3 systems despite deployed TRR mitigations. This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, which greatly increases the attack surface, considering today’s AMD market share of around 36%… Read
#ETHZ#EN#2024#ZenHammer#Rowhammer#DDR4#AMD#Zen2#Zen3#attack#study
·comsec.ethz.ch·
ZenHammer: Rowhammer Attacks on AMD Zen-based Platforms
Managing Attack Surface | Huntress Blog
Managing Attack Surface | Huntress Blog
Huntress recently detected interesting activity on an endpoint; a threat actor was attempting to establish a foothold on an endpoint by using commands issued via MSSQL to upload a reverse shell accessible from the web server. All attempts were obviated by MAV and process detections, but boy-howdy, did they try!
#huntress#EN#2024#attack#IoCs#MSSQL#reverse-shell
·huntress.com·
Managing Attack Surface | Huntress Blog
Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
  • On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.
#talosintelligence#EN#2022#Cisco#attack#Google#sync#password#insights
·blog.talosintelligence.com·
Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco