Week in review: PoC for Windows Print Spooler flaw leaked, conquering synthetic identity fraud

From helpnetsecurity.com

PoC for critical Windows Print Spooler flaw leaked
Microsoft has confirmed that the so-called PrintNightmare vulnerability (CVE-2021-34527) is not the same flaw as the previously patched CVE-2021-1675, and that the leaked PoC exploits can be used to exploit this RCE zero-day.

Cisco security devices targeted with CVE-2020-3580 PoC exploit
Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software.

Kaspersky: the most malicious hackers speak Russian

From ehackingnews.com

Kaspersky said that the most professional, most aggressive espionage attacks are carried out by those who speak English, Russian and Chinese.

As for the most professional cybercrime groups, they almost all speak Russian, “because the best programmers in the world also speak Russian,” he noted, explaining the difference between cybercrime and cyber espionage, that is, hackers who work for the state.

“The Soviet, Russian education system produces the most intelligent programmers in large numbers. The most malicious cybercriminals graduated from the same universities as the most professional programmers who work as white hat hackers,” Kaspersky said.

Telnet service left enabled and without a password on SIMATIC HMI Comfort Panels

From therecord.media

Siemens SIMATIC HMI Comfort Panels, devices meant to provide visualization of data received from industrial equipment, are exposing their Telnet service without any form of authentication, security researchers have discovered.

The bug has industrial security experts worried as they fear this misconfiguration could lead to scenarios where threat actors could remotely access the SIMATIC panels and tamper with the data they display.

REvil ransomware actors attack Kaseya in supply chain attack

From blog.talosintelligence.com

Attackers are actively exploiting the Kaseya VSA endpoint monitoring software to conduct a widespread supply chain attack targeting a number of Managed Service Providers (MSPs), according to multiple reports. Organizations usually use Kaseya VSA to perform centralized orchestration of systems in customer environments.

New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks

From thehackernews.com

Cybersecurity researchers on Thursday revealed details about a new Mirai-inspired botnet called “mirai_ptea” that leverages an undisclosed vulnerability in digital video recorders (DVR) provided by KGUARD to propagate and carry out distributed denial-of-service (DDoS) attacks.

Chinese security firm Netlab 360 pinned the first probe against the flaw on March 23, 2021, before it detected active exploitation attempts by the botnet on June 22, 2021.

US insurance giant AJG reports data breach after ransomware attack

From bleepingcomputer.com

Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September.

“Working with the cybersecurity and forensic specialists to determine what may have happened and what information may have been affected, we determined that an unknown party accessed or acquired data contained within certain segments of our network between June 3, 2020 and September 26, 2020,” AJG said.
