#microsoft

A Gaza-based threat actor has been linked to a series of cyber attacks aimed at Israeli private-sector energy, defense, and telecommunications organizations. Microsoft, which revealed details of the activity in its fourth annual Digital Defense Report, is tracking the campaign under the name Storm-1133. "We assess this group works to further the interests of Hamas, a Sunni militant group that is

By Deeba Ahmed Facebook’s official page was hacked on Facebook after bizarre posts, including demands for the release of ex-Pakistani PM… This is a post from HackRead.com Read the original post: Facebook’s Official Page Hacked; Demand Release of Pakistani PM Imran Khan

Categories: News Categories: Personal Amazon has announced it will require all privileged AWS to use MFA in the near future. Let's hope others follow. (Read more...) The post Multi-factor authentication has proven it works, so what are we waiting for? appeared first on Malwarebytes Labs.

Categories: News Categories: Scams A very convincing Amazon Prime scam landed in our mail server today and...went straight to spam. Here's why. (Read more...) The post Amazon Prime email scammer snatches defeat from the jaws of victory appeared first on Malwarebytes Labs.

GitHub has announced an improvement to its secret scanning feature that extends validity checks to popular services such as Amazon Web Services (AWS), Microsoft, Google, and Slack. Validity checks, introduced by the Microsoft subsidiary earlier this year, alert users whether exposed tokens found by secret scanning are active, thereby allowing for effective remediation measures. It was first

Plus, Qakbot appears to be still active, despite efforts from the FBI and other international law enforcement agencies to disrupt the massive botnet.

Ubuntu Security Notice 6417-1 - It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service.

Ubuntu Security Notice 6416-1 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory.

Ubuntu Security Notice 6412-1 - Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service.

By Deeba Ahmed Another day, another NPM typosquatting attack. This is a post from HackRead.com Read the original post: NPM Typosquatting Attack Deploys r77 Rootkit via Legitimate Package