We are looking for a cloud engineer at Securify! https://securifybv.recruitee.com/o/cloud-engineer
MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
https://blogs.jpcert.or.jp/en/2023/08/maldocinpdf.html
> JPCERT/CC has confirmed that a new technique was used in an attack that occurred in July, which bypasses detection by embedding a malicious Word file into a PDF file. This blog article calls the technique “MalDoc in PDF” hereafter and explains the details of and countermeasures against it.
Big uptick in these ACH #phishing messages targeting managers+ recently. #emailsec #netsec https://www.virustotal.com/gui/file/27705aadbd2df540a117b206bfe9b39c30146676338833a4fd27e4ee0c41c5e3/detection
"Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping"
https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/
Oof... Are session tokens really being stored in the logs?
windows-install-hosts.bat.lnk has been detected as Clam.lnk.Trojan.Qakbot-9977832-1
#netsec #infosec #itsecurity #malware #trojans
HDTunePro.exe has been detected as Clam.Win.Ransomware.Cerber-9981227-0
Does anyone know more about this program?
#netsec #infosec #itsecurity #malware #ransomware
CVE-2023-36325: Attackers can de-anonymize i2p hidden services with a message replay attack
https://xeiaso.net/blog/CVE-2023-36325
#i2p #cve #netsec #infosec @cadey
Hey @cadey, do you host it as an exit node or only router? Just wondering, as I read that hosting an exit node could be problematic (as people do illegal stuff through it)
"Uninstall the Nightowl App, now."
https://robins.one/notes/uninstall-the-nightowl-app-now.html
"...forcibly joins your devices into a botnet for use of market research, without your knowledge (other than the TOS in small text on the download page) or express consent (this feature cannot be turned off, even when the app is quit)."
#nightowl #apple #netsec #infosec #security
My parents had malware on their computer - I had to remove it for them
- It was overwriting their search engines in all installed browsers (with redirection URLs)
- It added redirecting Amazon links to the Desktop and Start Menu
- Infection happened on August 24, 2023 0:10+0100
I think the program was named 'Cookie A.Q.'
#cybersecurity #cybersec #netsec #malware #adware #spyware
if a cyber security goon is demanding you to prove that some random CVE that was spat out of a dumb scan has been patched, you can probably find what you need in the package's changelog.Debian.gz file
eg:
zgrep CVE /usr/share/doc/openssh-server/changelog.Debian.gz
And yes x 💯 this is pointless bureaucracy that does nothing for security.
"Remote Code Execution in OpenSSH’s forwarded ssh-agent"
"Hunting for Nginx Alias Traversals in the wild"
https://labs.hakaioffsec.com/nginx-alias-traversal/
Note: it has a juicy case study related to self-hosted bitwarden.
#bitwarden #nginx #netsec #infosec #security
Coming across a fun bug in Pentoo, grappling with it CONVINCED that I've screwed something up irreparably only to work up the courage, post a request for help, and finding that it's a known issue in the packet manager...
At least it wasn't a dumb question this time! 😃
#pentoo #linux #infosec #netsec
"acme.sh runs arbitrary commands from a remote server"
#acme #ssl #tls #infosec #netsec #cybersecurity #security
KeePass fixed the bug that allows the extraction of the cleartext master password
KeePass addressed the CVE-2023-32784 bug that allows the extraction of the cleartext master password from the memory of the client.
https://hackademicus.nl/keepass-fixed-the-bug-that-allows-the-extraction-of-the-cleartext-master-password/
#Blog #password #blog #bug #hacking #infosec #Keepass #netsec #news #security
Super interesting description of an iOS attack Kaspersky has named "Triangulation": https://usa.kaspersky.com/blog/triangulation-attack-on-ios/28444/
Looking forward to a deep dive on this. #cybersecurity #triangulation #netsec
BrutePrint attack which targets smartphone fingerprint scanners via the SPI bus between it and the processor.
tl;dr
Android is very vulnerable to this attack. All smartphones tested had their fingerprint authentication bypassed eventually.
iPhones are somewhat vulnerable to this attack, though the attempt-lock feature of iOS reduced its effectiveness. The actual number of attempts allowed by iOS was actually 3x what it was configured to allow.