Sat.Jun 11, 2022

article thumbnail

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

Iran-linked Lyceum APT group uses a new.NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn. The activity of the Lyceum APT group was first documented earlier in August 2019 by researchers at ICS security firm Dragos which tracked it as Hexane.

DNS 143
article thumbnail

WiFi probing exposes smartphone users to tracking, info leaks

Bleeping Computer

Researchers at the University of Hamburg in Germany have conducted a field experiment capturing hundreds of thousands of passersby's WiFi connection probe requests to determine the type of data transmitted without the device owners realizing it. [.].

123
123
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched

The Hacker News

A novel hardware attack dubbed PACMAN has been demonstrated against Apple's M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems.

article thumbnail

BSides:Munich 2022 – Christian Bauer’s ‘Building A Security Program For SaaS Product Development’

Security Boulevard

Our thanks to BSides Munich for publishing their Presenter’s BSides:Munich 2022 outstanding security videos on the organization’s’ YouTube channel. Permalink. The post BSides:Munich 2022 – Christian Bauer’s ‘Building A Security Program For SaaS Product Development’ appeared first on Security Boulevard.

Education 117
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Confluence servers hacked to deploy AvosLocker, Cerber2021 ransomware

Bleeping Computer

Ransomware gangs are now targeting a recently patched and actively exploited remote code execution (RCE) vulnerability affecting Atlassian Confluence Server and Data Center instances for initial access to corporate networks. [.].

article thumbnail

PACMAN, a new attack technique against Apple M1 CPUs

Security Affairs

PACMAN is a new attack technique demonstrated against Apple M1 processor chipsets that could be used to hack macOS systems. PACMAN is a novel hardware attack technique that can allow attackers to bypass Pointer Authentication (PAC) on the Apple M1 CPU. The pointer authentication codes (PACs) allow to detect and guard against unexpected changes to pointers in memory.

More Trending

article thumbnail

BSides:Munich 2022 – Hido Cohen’s And Arnold Osipov’s ‘From A Simple Log To Sophisticated Crypter’

Security Boulevard

Our thanks to BSides Munich for publishing their Presenter’s BSides:Munich 2022 outstanding security videos on the organization’s’ YouTube channel. Permalink. The post BSides:Munich 2022 – Hido Cohen’s And Arnold Osipov’s ‘From A Simple Log To Sophisticated Crypter’ appeared first on Security Boulevard.

article thumbnail

XKCD ‘Shuttle Skeleton’

Security Boulevard

Permalink. The post XKCD ‘Shuttle Skeleton’ appeared first on Security Boulevard.

69