Found 6141 bookmarks
Custom sorting
Release: VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021)
Release: VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021)
In April 2021 I participated in Pwn2Own Vancouvver competition as a single player, and successfully demonstrated a 0-day virtual machine escape exploit with code execution on Parallels hypervisor. Today I am finally releasing the exploit source code together with a technical walkthrough video talk that I gave on Zero Day Engineering livestream in November 2021.
·zerodayengineering.com·
Release: VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021)
China blocks use of Intel and AMD chips in government computers, FT reports
China blocks use of Intel and AMD chips in government computers, FT reports
China has introduced guidelines to phase out U.S. microprocessors from Intel (INTC.O), opens new tab and AMD (AMD.O), opens new tab from government personal computers and servers, the Financial Times reported on Sunday. The procurement guidance also seeks to sideline Microsoft's (MSFT.O), opens new tab Windows operating system and foreign-made database software in favour of domestic options, the report said.
·reuters.com·
China blocks use of Intel and AMD chips in government computers, FT reports
Air Europa says customer data may have been compromised in October breach
Air Europa says customer data may have been compromised in October breach
Spanish airline Air Europa (ICAG.L), opens new tab said on Friday personal data of its customers may have been compromised in a security incident that was detected in October last year. The company's investigation showed that name, ID card or passport details, date of birth, telephone number, email address and nationality details could have been leaked, Air Europa told its customers in an email that was seen by Reuters.
·reuters.com·
Air Europa says customer data may have been compromised in October breach
Change Healthcare ransomware attack disrupting industry nationwide
Change Healthcare ransomware attack disrupting industry nationwide
The reports keep coming in from across the country on how the Change Healthcare ransomware attack that first came to light on Feb. 21 has been impacting the healthcare sector. The case has been called the most severe cyberattack on the healthcare sector in history and has had a great impact since Change Healthcare, owned by UnitedHealth Group, processes 15 billion healthcare transactions annually, affecting 1 in 3 patient records.
·scmagazine.com·
Change Healthcare ransomware attack disrupting industry nationwide
Google Online Security Blog: Vulnerability Reward Program: 2023 Year in Review
Google Online Security Blog: Vulnerability Reward Program: 2023 Year in Review
Last year, we again witnessed the power of community-driven security efforts as researchers from around the world contributed to help us identify and address thousands of vulnerabilities in our products and services. Working with our dedicated bug hunter community, we awarded $10 million to our 600+ researchers based in 68 countries.
·security.googleblog.com·
Google Online Security Blog: Vulnerability Reward Program: 2023 Year in Review
Ransomware Recruitment Efforts Following Law Enforcement Disruption
Ransomware Recruitment Efforts Following Law Enforcement Disruption
In late 2023 and early 2024, the ransomware ecosystem experienced repeated disruption of its most prolific Ransomware-as-a-Service (RaaS) groups at the hands of international Law Enforcement (LE). Alphv’s dark web data leak site was seized, then unseized, then re-seized in a December 2023 law enforcement operation that seemingly failed to deter the group – until AlphV ultimately claimed to disband via an apparent exit scam, immediately following a high-profile attack against Change Healthcare in March 2024. LockBit experienced a far more dramatic and well-marketed disruption, “Operation Cronos,” in February 2024, leading to the compromise of its infrastructure, internal operational details, and data. While LockBit has ostensibly continued operations, its highly publicized disruption raises the question of whether the group will be able to continue operating and attracting affiliates at the level they once enjoyed.
·guidepointsecurity.com·
Ransomware Recruitment Efforts Following Law Enforcement Disruption
Exploit released for Fortinet RCE bug used in attacks, patch now
Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
·bleepingcomputer.com·
Exploit released for Fortinet RCE bug used in attacks, patch now
Understanding and Responding to Distributed Denial-Of-Service Attacks
Understanding and Responding to Distributed Denial-Of-Service Attacks
This joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, addresses the specific needs and challenges faced by organizations in defending against DDoS attacks. The guidance now includes detailed insight into three different types of DDoS techniques: Volumetric, attacks aiming to consume available bandwidth. Protocol, attacks which exploit vulnerabilities in network protocols. * Application, attacks targeting vulnerabilities in specific applications or running services.
·cisa.gov·
Understanding and Responding to Distributed Denial-Of-Service Attacks
Managing Attack Surface | Huntress Blog
Managing Attack Surface | Huntress Blog
Huntress recently detected interesting activity on an endpoint; a threat actor was attempting to establish a foothold on an endpoint by using commands issued via MSSQL to upload a reverse shell accessible from the web server. All attempts were obviated by MAV and process detections, but boy-howdy, did they try!
·huntress.com·
Managing Attack Surface | Huntress Blog
Loop DoS: New Denial-of-Service attack targets application-layer protocols
Loop DoS: New Denial-of-Service attack targets application-layer protocols
A new Denial-of-Service (DoS) attack targets application-layer protocols that draw on the User Datagram Protocol (UDP) for end-to-end communication. The vulnerability affects both legacy and contemporary protocols. Discovered by Christian Rossow and Yepeng Pan, the attack puts an estimated 300,000 Internet hosts and their networks at risk.
·cispa.de·
Loop DoS: New Denial-of-Service attack targets application-layer protocols
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited in the wild. In this post we detail the steps we took to identify the patched vulnerability and produce a working exploit.
·assetnote.io·
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762