BU-CERT News

From cyberdefensemagazine.com

Data, the saying goes, is the new oil. This probably understates the case: Not only is data at the core of the biggest businesses on earth but unlike oil, more and more of it is being created, at an exponential pace. Around 2.5 quintillion bytes of new data every day, to be precise.

The most valuable forms of data exist within enterprises. Customer data, financial data, intellectual property – today, companies across industries live or die on the value and integrity of their data. A single successful phishing attack could spell disaster. However, the speed and volume at which data is transferred and exchanged, and at which digital interactions occur, presents a serious control problem.

Read more…

From securityaffairs.co

McDonald’s fast-food chain disclosed a data breach, hackers have stolen information belonging to customers and employees from the US, South Korea, and Taiwan.

McDonald’s, the world’s largest restaurant chain by revenue, has disclosed a data breach that impacted customers and employees from the US, South Korea, and Taiwan.

The hackers compromised the system of the company and have stolen business contact info belonging to US employees and franchises, the company pointed out that no sensitive and financial data were accessed.

Read more…

From gbhackers.com

GitHub security researcher Kevin Backhouse has recently discovered a seven-year-old critical Linux privilege escalation bug in the polkit system service, which was previously called PoilcyKit, which could allow any hackers to bypass authorization to gain root access on the affected system.

Read more…

From cyware.com

Microsoft has warned about an ongoing series of attacks targeting Kubernetes clusters running Kubeflow ML instances. These attacks are deploying malicious containers mining Monero and Ethereum. According to Microsoft, these attacks started at the end of May.

What’s the threat?

At the end of May, security researchers observed a sudden increase in TensorFlow ML pod deployments. Attackers were proactively scanning clusters and had a list of potential targets.

• The pods were genuine, however, the attackers tampered with them to mine cryptocurrency on targeted Kubernetes clusters by deploying ML pipelines, leveraging the Kubeflow Pipelines platform.
• The attackers used internet-exposed Kubeflow dashboards to gain initial access to the clusters. This was followed by the deployment of cryptocurrency miners.
• Subsequently, they deployed two separate pods on each of the targeted clusters: one was used for GPU mining ( Ethminer), and the other one used for CPU mining (XMRig).

Read more…

From ehackingnews.com

There is no need to worry about the security of Russian systems after a global failure in the work of world sites, since the servers of all state institutions are located on the territory of Russia

Information security expert Denis Batrankov explained that the problem of modern systems is that many companies do not have the opportunity to create their own office to host their servers there. As a result, they order servers from other hosting providers where they host their product. All responsibility in this case falls on the hosting provider, but the risk of failures increases significantly.

Read more…

From kitploit.com

Nebula is a Cloud and (hopefully) DevOps Penetration Testing framework. It is build with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an ongoing project and hopefully will continue to grow to test GCP, Azure, Kubernetes, Docker, or automation engines like Ansible, Terraform, Chef, etc.

Read more…

From kalilinuxtutorials.com

DNS-Black-Cat is a Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in shell mode over a fully encrypted covert channel

Read more…