
Tag

#microsoft

Metaverse Version of the Dark Web Could be Nearly Impenetrable

Law enforcement will likely find it much harder to take down criminal activities on the "deepverse."

DARKReading
#web #google #microsoft #cisco #git #auth
Windows/x64 Delete File / Dynamic PEB Method NULL-Free Shellcode

This Windows/x64 shellcode is an implementation of the DeleteFileA Windows API to delete a file in the C:/Windows/Temp/ directory.

Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks

The prolific Iranian nation-state group known as Charming Kitten targeted multiple victims in the U.S., Europe, the Middle East and India with a novel malware dubbed BellaCiao, adding to its ever-expanding list of custom tools. Discovered by Bitdefender Labs, BellaCiao is a "personalized dropper" that's capable of delivering other malware payloads onto a victim machine based on commands received

Quarterly Report: Incident Response Trends in Q1 2023

In 45 percent of engagements, attackers exploited public-facing applications to establish initial access, a significant increase from 15 percent the previous quarter.

Dig Security Announces New Integration With CrowdStrike

New CrowdStrike Falcon platform integration delivers multi-cloud visibility and protection of data assets with layered malware detection and file scanning to stop modern attacks.

Google’s Authenticator App Now Lets You Sync 2FA Codes Across Devices

You can now sync sign-in codes across devices—but they aren’t end-to-end encrypted.

HiddenLayer Nabs Most Innovative Startup Crown at RSAC

The judges appreciated the scale of the problem the startup set out to solve: protecting the integrity of AI systems.

Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware

A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. "[RustBucket] communicates with command and control (C2) servers to download and execute various payloads," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said in a technical report published last week.  The Apple device management company attributed it

Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis

Google's cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative AI models to gain better visibility into the threat landscape.  Powering the cybersecurity suite is Sec-PaLM, a specialized large language model (LLM) that's "fine-tuned for security use cases." The idea is to take advantage of the latest advances in AI to augment

GHSA-9p5f-5x8v-x65m: Directory traversal + file write causing arbitrary code execution

### Impact

Frederic Linn (@FredericLinn) has reported a series of vulnerabilities that can result in directory traversal, file write, and potential remote code execution on Jellyfin instances. The general process involves chaining several exploits including a stored XSS vulnerability and can be used by an unprivileged user. The general process is (using the example of setting an intro video as the payload):

* Create a session as a low-privileged user with a crafted authorization header
* Upload an executable that contains a malicious plugin inline via /ClientLog/Document
* (Admin hovers over our device in dashboard -> XSS payload gets triggered)
* XSS Payload tries to set encoder path to our uploaded "log" file via /System/MediaEncoder/Path
* The request fails, but in the process our executable actually runs (I guess for verifying if the path points to a valid ffmpeg version)
* The executable will create a plugin folder and place the inlined plugin DLL inside it
* The XSS payload sh...