Security
Headlines
HeadlinesLatestCVEs

Latest News

Internet Archive (Archive.org) Hacked for Second Time in a Month

The Internet Archive (Archive.org) suffered a second security breach in October 2024, exposing support tickets through unrotated Zendesk…

HackRead
Open in Source
#vulnerability#web#mac#ddos#dos#git#aws
GHSA-3wwx-63fv-pfq6: Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present

### Impact A policy rule denying a prefix that is broader than /32 may be ignored if there is - A policy rule referencing a more narrow prefix (`CIDRSet` or `toFQDN`) **and** - This narrower policy rule specifies either `enableDefaultDeny: false` or `- toEntities: all` Note that a rule specifying `toEntities: world` or `toEntities: 0.0.0.0/0` is insufficient, it must be to entity `all`. As an example, given the below policies, traffic is allowed to 1.1.1.2, when it should be denied: ``` apiVersion: cilium.io/v2 kind: CiliumClusterwideNetworkPolicy metadata: name: block-scary-range spec: endpointSelector: {} egressDeny: - toCIDRSet: - cidr: 1.0.0.0/8 --- apiVersion: cilium.io/v2 kind: CiliumNetworkPolicy metadata: name: evade-deny spec: endpointSelector: {} egress: - toCIDR: - 1.1.1.2/32 - toEntities: - all ``` ### Patches This issue affects: - Cilium v1.14 between v1.14.0 and v1.14.15 inclusive - Cilium v1.15 between v1.15.0 and v1.15.9 inclusive...

ICE's $2 Million Contract With a Spyware Vendor Is Under White House Review

Immigration and Customs Enforcement's contract with Paragon Solutions faces scrutiny over whether it complies with the Biden administration's executive order on spyware, WIRED has learned.

GHSA-584q-6j8j-r5pm: secp256k1-node allows private key extraction over ECDH

### Summary In `elliptic`-based version, `loadUncompressedPublicKey` has a check that the public key is on the curve: https://github.com/cryptocoinjs/secp256k1-node/blob/6d3474b81d073cc9c8cc8cfadb580c84f8df5248/lib/elliptic.js#L37-L39 `loadCompressedPublicKey` is, however, missing that check: https://github.com/cryptocoinjs/secp256k1-node/blob/6d3474b81d073cc9c8cc8cfadb580c84f8df5248/lib/elliptic.js#L17-L19 That allows the attacker to use public keys on low-cardinality curves to extract enough information to fully restore the private key from as little as 11 ECDH sessions, and very cheaply on compute power Other operations on public keys are also affected, including e.g. `publicKeyVerify()` incorrectly returning `true` on those invalid keys, and e.g. `publicKeyTweakMul()` also returning predictable outcomes allowing to restore the tweak ### Details The curve equation is `Y^2 = X^3 + 7`, and it restores `Y` from `X` in `loadCompressedPublicKey`, using `Y = sqrt(X^3 + 7)`, but whe...

Akira ransomware continues to evolve

As the Akira ransomware group continues to evolve its operations, Talos has the latest research on the group's attack chain, targeted verticals, and potential future TTPs.

Hacker Advertises “Top Secret US Space Force (USSF) Military Technology Archive”

A hacker known as “TAINTU” is advertising a “Top Secret U.S. Space Force Military Technology Archive” for sale,…

Anti-Bot Services Help Cybercrooks Bypass Google 'Red Page'

The emergence of novel anti-detection kits for sale on the Dark Web limit the effectiveness of a Chrome browser feature that warns users that they have reached a phishing page.

This industry profits from knowing you have cancer, explains Cody Venzke (Lock and Code S05E22)

This week on the Lock and Code podcast, we speak with Cody Venzke about why data brokers are allowed to collect everything about us.

Why I'm Excited About the Future of Application Security

The future of application security is no longer about reacting to the inevitable — it's about anticipating and preventing attacks before they can cause damage.

Internet Archive attackers email support users: “Your data is now in the hands of some random guy”

Those who hacked the Internet Archive haven’t gone away. Users of the Internet Archive who have submitted helpdesk tickets are reporting...