Category: Fity Feeds

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

Cyber threat actors have gotten smarter–or lazier–depending on your perspective. It used to be fairly
common for attackers to spend days or even weeks probing targeted networks for vulnerabilities to
exploit. Once identified, they would break down traditional cybersecurity defenses around the network
perimeter and steal as much information as they could, or cause as much chaos as possible, before the
hole was patched and they were shut out.

This security flaw “allows a network adjacent attacker to determine if another user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website,” according to William J. Tolley, Beau Kujath, and Jedidiah R. Crandall, Breakpointing Bad researchers at University of New Mexico. “Additionally, we are able to determine the exact seq and ack numbers by counting encrypted packets and/or examining their size. This allows us to inject data into the TCP stream and hijack connections,” the researchers said.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

On Tuesday the Federal Communications Commission (FCC) Chairman Ajit Pai disclosed in a letter that the agency has reviewed over 50,000 documents as part of its investigation into the sale of real-time phone location data by carriers. Pai also said the FCC has nearly completed its investigation.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

Long before Instagram toyed with removing “likes,” VSCO, an Oakland-based photo-sharing and editing app, built a community devoid of likes, comments and follower counts. Perhaps known to many only because of this year’s “VSCO girl” meme explosion, the company has long been coaxing the creative community to its freemium platform. Turns out, if you can provide the disillusioned teens of Gen Z respite from the horrors of social media — they’ll pay for it.

Amarnath Amarasingam is an Assistant Professor at Queen’s University in Ontario, Canada, where he studies terrorism, extremism, and radicalization.

Last September, Jessica Lundquist passed through a body-scanner at Burbank airport and was told by a TSA screener that they wanted to conduct a “groin search” on her.

This week, security reporter Brian Krebs asked why the newest iPhone 11 Pro appeared to be sending out a user’s location even when the user disabled Location Services in their phone’s settings, in conflict with Apple’s privacy policy and the express wishes of the user.

Yesterday Bytedance, the company that acquired the tween-centric app Musica.ly and relaunched it as Tiktok, was been sued by a parents’ group for violating the Children’s Online Privacy Protection Act by gathering, storing, and selling private information about their children. Today, they settled the case on terms that have not been disclosed.

There is a new tool offensive security teams can use for their password cracking needs. CrackQ is open-source and can provide metrics on the current jobs, queuing and re-queuing tasks.

A lengthy Red Team engagement is coming. What should the defense do if they catch the offense? Reimage systems? Notify and allow? What is the course of action that allows the engagement to proceed and deliver maximum value to the organization? These can be difficult questions to answer, but ones that companies procuring these tests should be asking. This article is meant to be a preparation guide for an organization that has an upcoming Red Team engagement and wants to get the most out of it!

Microsoft has released a Security Advisory to address an issue in Windows Hello for Business (WHfB). An attacker could exploit this issue on devices that were affected by CVE-2017-15361, also known as Return of Coppersmith’s Attack (ROCA), to take control of an affected system.

The U.S. departments of Justice and Treasury departments today announced sanctions against the Russian hacking group “Evil Corp.”

This Alert is the result of recent collaboration between Department of the Treasury Financial Sector Cyber Information Group (CIG) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) to identify and share information with the financial services sector. Treasury and the Cybersecurity and Infrastructure Security Agency (CISA) are providing this report to inform the sector about the Dridex malware and variants. The report provides an overview of the malware, related activity, and a list of previously unreported indicators of compromise derived from information reported to FinCEN by private sector financial institutions. Because actors using Dridex malware and its derivatives continue to target the financial services sector, including financial institutions and customers, the techniques, tactics, and procedures contained in this report warrant renewed attention. Treasury and CISA encourage network security specialists to incorporate these indicators into existing Dridex-related network defense capabilities and planning. For information regarding the malicious cyber actors responsible for the development and distribution of the Dridex malware, see the Treasury press release, Treasury Sanctions Evil Corp, the Russia-Based Cybercriminal Group Behind Dridex Malware.

Earlier this week, a cybersecurity Twitter account inadvertently revealed a zero-day vulnerability flaw affecting software company Atlassian. According to @SwiftOnSecurity, Atlassian provided a domain that resolved to a local server with a common SSL certificate for its Confluence cloud service. This vulnerability would allow anyone with sufficient technical knowledge to conduct a man-in-the-middle attack, redirecting app traffic to a malicious site.

Experts commented below on Sweaty Betty’s data breach caused by cyber-criminals inserting malicious code into its eCommerce website to capture customer card details during the checkout process.