Krebs on Security

AUGUST 9, 2022

Microsoft this month also issued a different patch for another MSDT flaw, tagged as CVE-2022-35743. See Microsoft’s blog post on the Exchange Server updates for more details. The publicly disclosed Exchange flaw is CVE-2022-30134 , which is an information disclosure weakness.

Authentication 254

Authentication Internet Internet Cyber threats 254

Security Affairs

DECEMBER 1, 2021

Collections are open to our VirusTotal Community (registered users) and they will be enhanced with VirusTotal analysis metadata providing the latest information we have for the IoCs, along with some aggregated tags.” ” reads the announcement published by Virus Total.

Hacking 93

Hacking Information Security Malware 93

Google Security

APRIL 30, 2024

This blog describes one set of signals for use by system administrators or endpoint detection agents that should reliably flag any access to the browser’s protected data from another application on the system. This blog will also show how the logging works in practice by testing it against a python password stealer. against theft.

Passwords 90

Passwords Malware Encryption System Administration 90

Security Boulevard

JANUARY 9, 2024

SAP HotNews Security Note #3411067 , tagged with a CVSS score of 9.1, SAP Security Note #3413475 , tagged with a CVSS score of 9.1, SAP Security Note #3412456 , tagged with a CVSS score of 9.1, The HotPriority Notes in Detail SAP Security Note #3411869 , tagged with a CVSS score of 8.4, HTTP/1 is not affected.

Internet 52

Internet Internet Marketing Technology 52

NopSec

JANUARY 31, 2024

Specifically, the researcher found that the issue was rooted in the InitializeXamlDiagnosticsEx API. One of the more interesting aspects of this vulnerability is that the vulnerable XAML component leverages undocumented API methods within the CoreMessaging.dll for interprocess communication. It’s Log4Fusion!

VPN 59

VPN Government Risk Hacking 59

Troy Hunt

DECEMBER 3, 2023

The very next day I published a blog post about how I made it so fast to search through 154M records and thus began a now 185-post epic where I began detailing the minutiae of how I built this thing, the decisions I made about how to run it and commentary on all sorts of different breaches. And then ensured could never happen again.

Data breaches 363

Data breaches Passwords Internet Internet 363

NetSpi Technical

FEBRUARY 26, 2024

The technique was first demonstrated by Outflank in the following blog post. By creating a new “dropper” template which removed all the endpoint dropper code, such as process injection API calls, we had a working decrypt function. 0; //div tag used for download userAction.href=blobUrl; userAction.download="{{.OutputFile}}";

Encryption 121

Encryption Internet Internet Malware 121

Troy Hunt

AUGUST 7, 2020

I was reminded of this just yesterday when my friend from Cloudflare, Junade Ali, posted this: Now @LastPass has added breached password notifications using the k-Anonymity API design by me and @troyhunt - joining @1Password , Okta PassProtect, Apple, Google, etc. The platform this very blog runs on, Ghost, is open source.

Passwords 363

Passwords Architecture Data breaches Internet 363

Security Boulevard

MARCH 30, 2023

This blog post analyzes the encryption algorithms used by Xloader to decrypt the most critical parts of the code and the most important parameters of the malware’s configuration. Previous blog posts have referred to this structure as the ConfigObj, with fields that are used to store flags, encryption parameters, pointers, etc.

Encryption 59

Encryption Malware 59

Troy Hunt

JUNE 30, 2022

Every time this very blog loads Font Awesome from Cloudflare's CDN, for example, it's verified against the hash in the integrity attribute of the script tag (view source for yourself). The 1 hash that won't yield any search results (until Google indexes this blog post.) is the middle one.

Passwords 307

Passwords Identity Theft Consumer Services Password Management 307

Troy Hunt

FEBRUARY 11, 2018

This tag was in the source code over at secure.donaldjtrump.com/donate-homepage yet it was pulling script directly off Igor Escobar's GitHub repository for the project. You can safely use an integrity attribute on your script tag because if ever we want to change the implementation, we'll simply rev the version. from its current state.

Government 243

Government Risk Software Technology 243

ForAllSecure

MARCH 29, 2023

Application Programming Interfaces (APIs) are a fundamental component of modern software development. APIs allow developers to integrate different software systems, making it easier than ever to create complex applications and services. API Basics: What Is an API and How Do APIs Work? How do APIs work?

Authentication 40

Authentication Passwords Encryption Software 40

eSecurity Planet

AUGUST 10, 2023

Differentiator APIs/Integrations Pricing AlienVault Open Threat Exchange Best for community-driven threat feeds Yes Free FBI Infragard Best for critical infrastructure security Limited Free abuse.ch Additionally, dashboards share data about threat names, any relevant reference URLs, tags, adversary and malware families, and attack IDs.

Internet 96

Internet Internet Cybersecurity Malware 96

SecureWorld News

FEBRUARY 10, 2021

Google says that OSV will automate workflow for an open source package consumer by providing an API to query for vulnerabilities. OSV takes care of the rest of the analysis to figure out impacted commit ranges (accounting for cherry picks) and versions/tags.". For more information, read Google's Security Blog about OSV.

Software 74

Software Accountability Cybersecurity 74

Cisco Security

AUGUST 29, 2022

In part one of this issue of our Black Hat USA NOC (Network Operations Center) blog, you will find: Adapt and Overcome. I hope you will read on, to learn more lessons learned about the network and the part two blog about Cisco Secure in the NOC. The first amongst these was the use of the Cisco Meraki API.

Engineering 72

Engineering Wireless Malware DNS 72

SecureList

OCTOBER 28, 2021

Models were available via an API, meaning that the setting was black-box. To win we had to fool as many models as possible for each sample using the fewest possible number of API queries. However, we did not have the API query budget for that, which probably made the setting a bit more realistic. What we did.

Phishing 65

Phishing Malware Architecture Technology 65

Troy Hunt

MAY 1, 2018

Edge now joins the other major browsers in rejecting any script which doesn't hash down to the value specified in the integrity tag. I don't want that question to go unaddressed here because inevitably, some of the first feedback I'll get from people about this blog post will be the lead time it took.

Government 121

Government 121

IT Security Guru

MAY 24, 2021

By combining agent-based and agentless data collection, active scanning to track known assets, passive scanning to identify unknown assets, and APIs for automation, the Qualys Cloud Platform provides comprehensive asset discovery across your entire infrastructure, including on-premises, cloud, container, OT, and IoT.

Cybersecurity 108

Cybersecurity Risk Software Data collection 108

Security Boulevard

AUGUST 4, 2021

This check reviews recent commits, using the GitHub API to search for associated pull requests. Signed Tags. Although this check does not verify the signature, it does look for cryptographically signed tags in the last five tags. Developers often use tags to mark versions. Pull Requests.

Software 83

Software Risk Government Technology 83

NetSpi Technical

FEBRUARY 26, 2024

The technique was first demonstrated by Outflank in the following blog post. By creating a new “dropper” template which removed all the endpoint dropper code, such as process injection API calls, we had a working decrypt function. 0; //div tag used for download userAction.href=blobUrl; userAction.download="{{.OutputFile}}";

Encryption 52

Encryption Internet Internet Malware 52

Malwarebytes

JULY 23, 2021

This blog post was authored by Hasherezade. In this blog we will take a look at AvosLocker a solid, yet not too fancy new ransomware family that has already claimed several victims. Yet, it’s not completely defenseless: all the strings, and some of the APIs, are obfuscated in order to evade static detection.

Ransomware 131

Ransomware Encryption Malware Backups 131

Cisco Security

AUGUST 28, 2023

To be a NOC partner, you must be willing to collaborate, share API (Automated Programming Interface) keys and documentation, and come together (even as market competitors) to secure the conference, for the good of the attendees. A simple Arista API implementation that tracked where users were located on the conference floor.

Wireless 61

Wireless DNS Mobile Technology 61

Veracode Security

FEBRUARY 23, 2021

This is the seventh entry in this blog series on using Java Cryptography securely. Thankfully, Java provides us with rich, easy-to-use APIs for lot of these applications, relieving us to build up crypto systems from primitives. In order to get both, we would need a separate crypto-scheme that would compute authentication tags (a.k.a

Authentication 71

Authentication Encryption Architecture Risk 71

eSecurity Planet

NOVEMBER 16, 2021

HTML smuggling uses both the HTML5 “download” attribute and a JavaScript Blog to pull together the payload after it is downloaded into the victim’s device. A JavaScript Blob stores the encoded data of a file, which is then decoded when passed to a JavaScript API that expects a URL. Trickbot Attacks.

Firewall 120

Firewall Ransomware Banking Malware 120

McAfee

OCTOBER 30, 2020

The introduction of MITRE ATT&CK framework into MVISION Cloud marked McAfee as the first CASB provider to tag and visualize cloud security events within an ATT&CK. The post McAfee Named a Leader in the 2020 Gartner Magic Quadrant for CASB appeared first on McAfee Blogs. Government’s Joint Authorization Board (JAB).

Marketing 86

Marketing Architecture Risk Encryption 86

Security Boulevard

OCTOBER 28, 2022

In Part 1 of this blog series, we analyzed the root cause for CVE-2022-37969. In this blog, we will present an in-the-wild exploit that was discovered by Zscaler ThreatLabz that successfully leveraged CVE-2022-37969 for privilege escalation on Windows 10 and Windows 11. Obtain the function address of the NtQuerySystemInformation API.

52

52

Malwarebytes

JULY 23, 2021

This blog post was authored by Hasherezade. In this blog we will take a look at AvosLocker a solid, yet not too fancy new ransomware family that has already claimed several victims. Yet, it’s not completely defenseless: all the strings, and some of the APIs, are obfuscated in order to evade static detection.

Ransomware 87

Ransomware Encryption Malware Backups 87

Security Affairs

FEBRUARY 9, 2021

” reads a blog post published by Microsoft. ” The lists of security updates released by Microsoft is available on the Security Update Guide portal : Tag CVE ID CVE Title.NET Core CVE-2021-26701.NET CVE-2021-24094 ) and an Important Denial of Service (DoS) vulnerability ( CVE-2021-24086 ).” Pierluigi Paganini.

DNS 97

DNS IoT Backups Mobile 97

SecureList

JULY 25, 2022

One of our industry partners, Qihoo360, published a blog post about an early variant of this malware family in 2017. The ZwCreateSection hook’s primary purpose is to collect the addresses of API functions provided by the kernel, and create a sort of import table for the next component. Affected devices.

Firmware 145

Firmware DNS Malware Technology 145

Security Affairs

MARCH 24, 2020

Users could search for a specific malware family and filter malware using Hashes and TAGS. However, I often get confronted with a simple but severe problem: malware samples referenced in blog posts, whitepaper or mentioned on social media like Twitter are usually not easily available.” ” abuse.ch

Malware 51

Malware Adware Cyber threats Advertising 51

Cisco Security

MAY 26, 2022

In part one of this issue of our Black Hat Asia NOC blog, you will find: . Meraki Scanning API Receiver by Christian Clasen . The first amongst this was the use of the Meraki API. Meraki Scanning API Receiver by Christian Clasen. An excellent solution for these types of API integrations is ngrok ( [link] ).

Wireless 82

Wireless Mobile Engineering Firewall 82

Troy Hunt

JUNE 10, 2019

Search for your account across multiple breaches [link] — Have I Been Pwned (@haveibeenpwned) December 4, 2013 I’ll save the history lesson for the years between then and today because there are presently 106 blog posts with the HIBP tag you can go and read if you’re interested, let me just talk briefly about where the service is at today.

Data breaches 279

Data breaches Passwords InfoSec Accountability 279

Security Boulevard

MARCH 1, 2022

An application has many components: server-side logic, client-side logic, data storage, data transportation, API, and more. But the SOP does not limit javascript code, and the HTML <script> tag is allowed to load Javascript code from any origin. Photo by Lautaro Andreani on Unsplash. Take me back to the top. I’d love to know.

Authentication 52

Authentication Banking Phishing Passwords 52

NetSpi Technical

JULY 13, 2023

Continuing our series on Anti-Scraping techniques, this blog covers implementation of Anti-Scraping protections in a fake message board and examination of how scrapers can adapt to these changes. By changing the number and type of HTML tags around the user data, without affecting the UI, it becomes significantly harder to parse the data.

Accountability 52

Accountability Authentication Passwords VPN 52

Security Boulevard

NOVEMBER 21, 2022

In this blog, we will share details of 4 groups of skimming attacks that have very little to no documentation in the public domain. Exfiltrates the information using the pixtar() function which creates an image tag and sets the source to the exfiltration URL: artmodecssdev[.]art/secure/av/secure.php. art/secure/av/secure.php.

Scams 52

Scams Banking Software 52

LRQA Nettitude Labs

DECEMBER 14, 2023

To provide a bit of context: When interacting with the ChatGPT API, each message includes the role and the content. Specific tags such as <|im_start|> can be used to attempt to create a previous conversation and even attempt to overwrite the original system prompt, “jailbreaking” (removing filters and limitations) the AI.

Artificial Intelligence 61

Artificial Intelligence Technology Penetration Testing Engineering 61

Security Affairs

JUNE 6, 2019

By using the EWS Managed API, the developer can access almost all the information stored in an Office 365, Exchange Online, or Exchange Server mailbox. The attacker used an old version of Microsoft.Exchange.WebService.dll tagged as 15.0.0.0 The used.dll provides a managed interface for developing.NET client applications that use EWS.

Computers and Electronics 79

Computers and Electronics Penetration Testing DNS Passwords 79