DecryptedTech

Skip to content

Monday27 March 2023

Skip to content

Subscribe to this RSS feed

Security Talk (124)

News, and Disucssions centered on Security

Lapsus$ Claims They have Some Microsoft Azure Source Code, Microsoft is Investigating the Claim

Posted on Monday, 21 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Lapsus$ Claims They have Some Microsoft Azure Source Code, Microsoft is Investigating the Claim

The Lapsus$ group has been in the news recently for theft of source code form some high-profile targets. These targets have included companies like NVIDIA, Samsung, Vodafone, and Ubisoft. The NVIDIA event was noteworthy as it included a claim that…

Read 1279 times

Be the first to comment!

New Browser in the Browser Attack Improves on Phishing Campaigns

Posted on Monday, 21 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

New Browser in the Browser Attack Improves on Phishing Campaigns

Phishing, regular and spear, is a very common method of compromising accounts and gaining access to a network. In many incidents, the initial compromise can be traced back to a compromised account via some sort of phishing message. This happens…

Read 684 times

Be the first to comment!

SolarWinds Says Remove Web Help Desk from Public Access to Avoid Possible Attack

Posted on Thursday, 17 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

SolarWinds Says Remove Web Help Desk from Public Access to Avoid Possible Attack

Recently a SolarWinds Web Help Desk client reported an attempted attack on their externally facing Web Help Desk instance. The attack was caught by their EDR system which was able to block the attempt. However, the reported attack, after a…

Read 696 times

Be the first to comment!

Open Source Community Takes a Hit as One Developer Pushes Destructive Content as a Form of Protest

Posted on Thursday, 17 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Open Source Community Takes a Hit as One Developer Pushes Destructive Content as a Form of Protest

Since the beginning of the Russian invasion of Ukraine we have seen a massive increase in what can only be called cyber warfare. This battle is not just being fought at the state level though. Even APT groups have gotten…

Read 803 times

Be the first to comment!

MFA Flaw used by State Threat Actors to Move Around your Network

Posted on Wednesday, 16 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

MFA Flaw used by State Threat Actors to Move Around your Network

Multi-Factor Authentication is often seen as an answer to account compromise, or at least a partial answer to this issue. The problem is that MFA is that while it can help with account compromise, it is certainly not the end…

Read 561 times

Be the first to comment!

Microsoft Says Ads in Windows 11 File Explorer Were Not Meant for Us to See

Posted on Wednesday, 16 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Microsoft Says Ads in Windows 11 File Explorer Were Not Meant for Us to See

Yesterday we reported that insider builds of Microsoft’s Windows 11 were displaying ads for other Microsoft services inside File Explorer. Like most people, we felt this was not a good thing and the news went around the internet at a…

Read 810 times

Be the first to comment!

Phishing Campaign Targeting Ukraine uses Fake AntiMalware Update

Posted on Tuesday, 15 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Phishing Campaign Targeting Ukraine uses Fake AntiMalware Update

Ukrainian Security Officials are warning of an active phishing campaign. The campaign involves emails that impersonate government agencies and include links to what appear to be critical security updates. The payload of the campaign delivers Cobalt Strike and a few…

Read 531 times

Be the first to comment!

Microsoft Testing Ads in File Explorer as Part of Preview Builds of Windows 11

Posted on Tuesday, 15 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Microsoft Testing Ads in File Explorer as Part of Preview Builds of Windows 11

Microsoft, famous for bad marketing moves, is looking to make another one. In this case the mistake has not hit the general public but is in a preview build of Windows 11. The mistake is shoveling ads to people for…

Read 1007 times

Be the first to comment!

New Report Shows WordPress Sites leave 30% of Critical Vulnerabilities Unpatched.

Posted on Thursday, 10 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

New Report Shows WordPress Sites leave 30% of Critical Vulnerabilities Unpatched.

PatchStack has pushed out a report that shows that a shocking 30% of vulnerabilities in WordPress sites are left unpatched. This is not to say that people are not patching (they are not), but the report illustrates that vendors for…

Read 745 times

Be the first to comment!

Emotet’s Comeback Shows no Sign of Slowing as Bot Number Exceeds 100,000

Posted on Thursday, 10 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Emotet’s Comeback Shows no Sign of Slowing as Bot Number Exceeds 100,000

Emotet, (not to be confused with Imhotep the ancient Egyptian Polymath) was originally identified in 2014 and quickly became one of the top threats of the decade. After an early start as a banking trojan, the group amassed a huge…

Read 546 times

Be the first to comment!

16 New Vulnerabilities Found in HP UEFI Firmware Implementations by Binarly

Posted on Wednesday, 09 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

16 New Vulnerabilities Found in HP UEFI Firmware Implementations by Binarly

The Security Group Binarly has disclosed 16 high-severity vulnerabilities in different implementations of UEFI firmware in HP Enterprise devices. The list of affected devices includes Laptops, Desktops, POS (point-of-sale) and edge computing nodes. The vulnerabilities range in severity from 7.5…

Read 943 times

Be the first to comment!

Another Linux Kernel Bug Found that can allow an Unauthenticated user Root Privileges

Posted on Tuesday, 08 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Another Linux Kernel Bug Found that can allow an Unauthenticated user Root Privileges

Linux, often thought of as a more secure alternative to Microsoft, has not had an easy year. We have seen vulnerabilities that affect the iSCSI subsystem, the Extended Berkeley Packet Filter, the Polkit pkexec component bug and now two Kernel…

Read 1225 times

Be the first to comment!

Supply Chain Vulnerabilities Found in 150 Devices Spanning Multiple Industries Dubbed Access 7

Posted on Tuesday, 08 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Supply Chain Vulnerabilities Found in 150 Devices Spanning Multiple Industries Dubbed Access 7

Supply chain attacks are always a concern when it comes to device manufacture and distribution. If an attacker can compromise a part of the supply or management chain, they can affect a large part of the market with relatively minimal…

Read 620 times

Be the first to comment!

Google Announces Plans to Buy Mandiant for $5.4 Billion in Cash

Posted on Tuesday, 08 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Google Announces Plans to Buy Mandiant for $5.4 Billion in Cash

In early February, rumors about a potential acquisition of Mandiant by Microsoft started to circle the internet. The response was not positive with many feeling that it was allowing the fox to run the chicken coop. Although unpopular the rumor…

Read 636 times

Be the first to comment!

Samsung Confirms Breach and Theft of Source Code

Posted on Monday, 07 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Samsung Confirms Breach and Theft of Source Code

Earlier today we reported that the same group that hit NVIDIA and stole source code along with employee logins also hit Samsung and stole around 190GB of source code data related to how galaxy mobile devices operate. The data, according…

Read 937 times

Be the first to comment!

Firefox Users Urged to Update to Version 97.0.2 over two Use After free Vulnerabilities Found Exploited in the Wild

Posted on Monday, 07 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Firefox Users Urged to Update to Version 97.0.2 over two Use After free Vulnerabilities Found Exploited in the Wild

Mozilla is urging users to update to the latest version of Firefox after two vulnerabilities (CVE-2022-26485 and CVE-2022-26486) have been found to be actively exploited in the wild. Both vulnerabilities are listed as use-after-free vulnerabilities. This type of vulnerability relies…

Read 973 times

Be the first to comment!

Start
Prev
1
2
3
4
5
6
7
8
Next
End

Page 3 of 8

Top