Cyber Security – Kernel Sesias

8 Dicembre 2024Tecnologia

Zero-day Windows NTLM hash vulnerability gets patched by third-party —credentials can be hijacked by merely viewing a malicious file in File Explorer

Back in June 2023, Microsoft officially announced it had deprecated support for its New Technology LAN Manager authentication protocol, which debuted in […]

7 Dicembre 2024Tecnologia

US govt says Cisco gear often targeted in China’s Salt Typhoon attacks on 8 telecommunications providers — issues Cisco-specific advice to patch networks to fend off attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) released guidelines for network engineers, defenders, and organizations with enterprise-grade networking equipment as part […]

24 Novembre 2024Tecnologia

Hackers breach Wi-Fi network of U.S. firm from Russia — daisy chain attack jumps from network to network to gain access from thousands of miles away

Russian hackers compromised the Wi-Fi of an organization located in the U.S. without needing to get into range of its wireless network. […]

20 Novembre 2024Tecnologia

D-Link has another security flaw with older equipment that won’t be repaired — D-Link told users to replace outdated NAS last week

A handful of legacy D-Link routers are susceptible to RCE (Remote Code Execution) threats as the company refuses to offer patches, stating […]

9 Novembre 2024Tecnologia

D-Link refuses to patch a security flaw on over 60,000 NAS devices — the company instead recommends replacing legacy NAS with newer models

Security researcher Netsecfish discovered a critical flaw in several popular D-Link NAS models that could allow an unauthenticated attacker to execute a […]

27 Ottobre 2024Tecnologia

German MPs and their staff fail simple phishing attack test

The Bundestag, the lower house of the German congress, conducted a secret penetration test (pen test) against members of parliament by sending […]

12 Ottobre 2024Tecnologia

Chinese and Iranian hackers use ChatGPT and LLM tools to create malware and phishing attacks — OpenAI report has recorded over 20 cyberattacks created with ChatGPT

If there’s one sign that AI is more trouble than it is worth, OpenAI confirms that over twenty cyberattacks have occurred, all […]

4 Ottobre 2024Tecnologia

Security experts claim new ‘Perfctl’ malware could pose a risk to any Linux server

On October 3, Aqua Nautilus researchers posted a blog post revealing what they know about a specific Linux malware dubbed “Perfctl” that’s […]

6 Agosto 2024Tecnologia

New Linux kernel attack slips past modern defenses — SLUBStick boasts a 99% success rate

Researchers at the Graz University of Technology in Austria have found a new cross-cache attack (PDF) that can bypass modern kernel defenses […]

4 Agosto 2024Tecnologia

Chinese hacker group StormBamboo successfully hijacked an ISP’s automatic software updates with backdoor malware and bad Chrome extensions to breach a downstream target

Prominent Chinese hacker group StormBamboo (alternately known as StormCloud or Evasive Panda) successfully compromised an ISP and several MacOS and Windows devices […]