2003, Information Security, Internet and Malware

Security Affairs newsletter Round 283

Security Affairs

SEPTEMBER 27, 2020

fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS?

IoT

IoT Banking Advertising Ransomware

Microsoft warns for the second time of applying BlueKeep patch

Security Affairs

MAY 31, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003.

Internet

Internet Internet Malware Advertising

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Security Affairs

NOVEMBER 3, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Over the last months, many security experts have developed their own exploit code for this issue without publicly disclosing it for obvious reasons. ” concludes the expert. ” concludes the expert.

Cyber Attacks

Cyber Attacks Penetration Testing Cryptocurrency Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003.

Penetration Testing

Penetration Testing Firewall Authentication Advertising

Microsoft July 2020 Security Updates address 123 vulnerabilities

Security Affairs

JULY 15, 2020

on the CVSS scale and affects Windows Server versions 2003 to 2019. Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. The most severe issue is the 17-year-old wormable issue SigRed , tracked as CVE-2020-1350 , that allows hijacking of Microsoft Windows Server.

DNS

DNS Advertising Engineering Internet

Microsoft Patch Tuesday addresses dangerous RDS flaw that opens to WannaCry-like attacks

Security Affairs

MAY 15, 2019

The vulnerability tracked as CVE-2019-0863 could be exploited by an attacker with low-privileged access to the targeted system to deliver a malware. As explained by Microsoft, this vulnerability could be exploited by malware with wormable capabilities. ” It is important to highlight that the RDP itself is not vulnerable.

Malware

Malware Authentication Advertising Accountability

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Security Affairs

AUGUST 14, 2019

The list of flaws addressed by the tech giant doesn’t include zero-days or publicly disclosed vulnerabilities, 29 issues were rated as ‘Critical’ and affect Microsoft’s Edge and Internet Explorer web browsers, Windows, Outlook and Office. Windows XP, Windows Server 2003, and Windows Server 2008 are not affected.

Authentication

Authentication Advertising Internet Internet

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

SI-LAB captured a piece of the FlawedAmmyy malware that leverages undetected XLM macros as an Infection Vehicle to compromise user’s devices. This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines. macro technology.

Malware

Malware Antivirus Technology Phishing

Internet scans found nearly one million systems vulnerable to BlueKeep

Security Affairs

MAY 28, 2019

GreyNoise is observing sweeping tests for systems vulnerable to the RDP "BlueKeep" (CVE-2019-0708) vulnerability from several dozen hosts around the Internet. BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Graham added. . Pierluigi Paganini.

Internet

Internet Internet Advertising Malware

UNRAVELING EternalBlue: inside the WannaCry’s enabler

Security Affairs

SEPTEMBER 1, 2023

These data packets can contain malware such as a trojan, ransomware, or similar dangerous program. By scanning a range of IP addresses, they can identify potential targets that have SMB services exposed to the internet. During this lateral movement, the attacker may deploy various tools and malware to further their objectives.

Social Engineering

Social Engineering Penetration Testing Engineering Malware

Who Wants to Support My Work Commercially?

Security Boulevard

JANUARY 25, 2022

Astalavista Security Newsletter - 2003-2006 - Full Offline Reading Copy. Compilations of Personally Identifiable Information Including XMPP/Jabber and Personal Emails Belonging to Cybercriminals and Malicious Threat Actors Internationally – An OSINT Analysis. Malware – Future Trends – Research Paper – Copy. Stay tuned!

Cybercrime

Cybercrime Hacking Scams Ransomware

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

That, of course, was not all, but it is an example of how someone -- anyone on the internet -- can take a photo or blog post or Yelp review from social media, or some other seemingly random open source item and tie it back to a crime. Which then I could configure to get on the internet, you know. That’s not always the case.

Hacking

Hacking Media InfoSec Internet

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

I’m talking about cybercrime unicorns, talking the fog of cyberwar among nation states, and about a new book that I think will be on the shelves of every information security professional later this summer. Vamosi: The slogan of the RSA Conference is “Where the World Talks Security,” and, in general.

Cybercrime

Cybercrime Government Ransomware Hacking

Cyber Security Informer

Security Affairs newsletter Round 283

Microsoft warns for the second time of applying BlueKeep patch

Webinars

Trending Sources

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Webinars

NSA urges Windows Users and admins to Patch BlueKeep flaw

Microsoft July 2020 Security Updates address 123 vulnerabilities

Microsoft Patch Tuesday addresses dangerous RDS flaw that opens to WannaCry-like attacks

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Internet scans found nearly one million systems vulnerable to BlueKeep

UNRAVELING EternalBlue: inside the WannaCry’s enabler

Who Wants to Support My Work Commercially?

The Hacker Mind Podcast: Hacking Real World Criminals Online

The Hacker Mind Podcast: The Fog of Cyber War

Stay Connected