Security daily (07-05-2021)

How to monitor expirations of imported certificates in AWS Certificate Manager (ACM)

Certificates are vital to maintaining trust and providing encryption to internal or external facing infrastructure and applications. AWS Certificate Manager (ACM) provides certificate services to any workload that requires them. Although ACM provides managed renewals that automatically renew certificates in most cases, there are exceptions, such as imported certs, where an automatic renewal isn’t possible. […] (AWS Security Blog)

Four men plead guilty to being go-to ‘bulletproof’ hosts for cybercriminals

Four Eastern European men pleaded guilty to a scheme overseeing websites that hosted malware used to cause victims hundreds of millions of dollars in losses, the Justice Department said Friday. Russian nationals Aleksandr Grichishkin and Andrei Skvortsov, along with Aleksandr Skorodumov from Lithuania and Pavel Stassi of Estonia, allegedly oversaw an organization that rented IP addresses, computer servers and domains to cybercriminals between 2008 and 2015. The practice, known as “bulletproof hosting,” is popular with digital thieves trying to evade law enforcement agencies. Grichishkin, Skvortsov, Skorodumov and Stassi pleaded guilty to one count of RICO conspiracy. They each face up to 20 years in prison. Crooks have used the hacking tools allegedly hosted by the defendants’ organizations to repeatedly infect U.S. financial institutions and defraud victims. That includes Zeus, a notorious piece of malicious code that a variety of criminals have used to steal over $100 million from victims. Despite […] (CyberScoop)

Russia’s SVR spy agency scanned for Microsoft Exchange Server bug, UK and US say

After pulling off a sweeping breach of U.S. government networks last year, Russia’s SVR foreign intelligence agency has been scanning the internet for a vulnerability in Microsoft software previously exploited by Chinese spies, British and American security agencies said Friday. It’s the third time in a month that U.S. security agencies have published information on hacking techniques allegedly used by the SVR, the Russian spy agency accused of exploiting software made by SolarWinds and other vendors to breach at least nine U.S. federal agencies. The discovery underscores how a bug in widely used technology can be valuable to spy agencies around the world, which bank on the possibility that some of the organizations they target fail to promptly update their software. The alert is part of a press from the U.S. and its allies against the same hacking group that broke into the Democratic National Committee ahead of the 2016 […] (CyberScoop)

This Top-Rated Course Will Make You a Linux Master

Linux is a diverse and powerful operating system that virtually every IT professional must learn and know well. Whether you realize it or not, you have likely already used a Linux device, and learning to design things for it is a key step in any Data Science career path.

The Mastering Linux Development Bundle is a comprehensive educational bundle that has something new to teach you, whether you're a seasoned expert or completely new, and it's on sale for $19.99 right now.

This bundle is perfect for learners at every level, but it has the most to teach to beginners. Courses like "Linux Basics... more (Null Byte « WonderHowTo)

Fingerprint Web Apps & Servers for Better Recon & More Successful Hacks

Web applications are ubiquitous in the modern online world, and knowing how to attack them is an increasingly valuable skill. But the key to a successful attack is good recon since it's easier to be focused and efficient with the more information you have. There are many fingerprinting tools available, such as httprint and WebTech, but there are even more that can aid us in reconnaissance.

Common Frameworks & Technologies

Gone are the days of simple websites using HTML, CSS, and vanilla JavaScript. Frameworks dominate the landscape today, providing a robust and modular approach to modern web... more (Null Byte « WonderHowTo)

Biggest ISPs Paid For 8.5 Million Fake FCC Comments Opposing Net Neutrality

(News ≈ Packet Storm)

Ryuk Ransomware Attack Sprung By Frugal Student

(News ≈ Packet Storm)

New Moriya Rootkit Stealthily Backdoors Windows

(News ≈ Packet Storm)

Critical Cisco Bugs Threaten Corporate Networks

(News ≈ Packet Storm)

WPScan Intro: How to Scan for WordPress Vulnerabilities

In this post, we look at how to use WPScan. The tool provides you a better understanding of your WordPress website and its vulnerabilities. Be sure to check out our post on installing WPScan to get started with the software. Big Threats Come from Unexpected Places Imagine for a second that you’re a survivor in a zombie apocalypse. You’ve holed up in a grocery store, barricading windows and checking door locks. (Sucuri Blog)

6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS

As many as six zero-days have been uncovered in an application called Remote Mouse, allowing a remote attacker to achieve full code execution without any user interaction. The unpatched flaws, collectively named 'Mouse Trap,' were disclosed on Wednesday by security researcher Axel Persinger, who said, "It's clear that this application is very vulnerable and puts users at risk with bad (The Hacker News)

New Stealthy Rootkit Infiltrated Networks of High-Profile Organizations

An unknown threat actor with the capabilities to evolve and tailor its toolset to target environments infiltrated high-profile organizations in Asia and Africa with an evasive Windows rootkit since at least 2018. Called 'Moriya,' the malware is a "passive backdoor which allows attackers to inspect all incoming traffic to the infected machine, filter out packets that are marked as designated for (The Hacker News)

New Spectre Flaws in Intel and AMD CPUs Affect Billions of Computers

When Spectre, a class of critical vulnerabilities impacting modern processors, was publicly revealed in January 2018, the researchers behind the discovery said, "As it is not easy to fix, it will haunt us for quite some time," explaining the inspiration behind naming the speculative execution attacks. Indeed, it's been more than three years, and there is no end to Spectre in sight. A team of (The Hacker News)

iPhone Hack Allegedly Used to Spy on China’s Uyghurs

U.S. intelligence said that the Chaos iPhone remote takeover exploit was used against the minority ethnic group before Apple could patch the problem. (Threatpost)

80% of Net Neutrality Comments to FCC Were Fudged

NY's AG: Millions of fake comments – in favor and against – came from a secret broadband-funded campaign or from a 19-year-old's fake identities. (Threatpost)


/security-daily/ 08-05-2021 23:44:22