2012, Information Security and Libraries - Information Management Today

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Security Affairs

DECEMBER 1, 2021

Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. Mozilla has addressed a heap-based buffer overflow vulnerability (CVE-2021-43527) in its cross-platform Network Security Services (NSS) set of cryptography libraries. and NSS 3.73

Libraries

Libraries Security CMS Communications

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Security Affairs

SEPTEMBER 24, 2023

Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns. The attacks have been conducted from 2012 until 2106, against Emirati journalists, activists, and dissidents. ” reads the analysis published by ESET.

Libraries

Libraries Encryption Security IT

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

Researchers discovered that devices from Dell, HP, and Lenovo are still using outdated versions of the OpenSSL cryptographic library. Binarly researchers discovered that devices from Dell, HP, and Lenovo are still using outdated versions of the OpenSSL cryptographic library. that dates back 2012. ” continues the report.

Libraries

Libraries Manufacturing Communications Security

0patch releases free unofficial patches for Windows 0days exploited in the wild

Security Affairs

MARCH 27, 2020

A few days ago, Microsoft warned of hackers actively exploiting two zero-day remote code execution vulnerabilities in Windows Adobe Type Manager Library. The vulnerabilities affects the way Windows Adobe Type Manager Library handles a specially-crafted multi-master font – Adobe Type 1 PostScript format. and Windows Server 2012.

Libraries

Libraries Risk Security IT

Experts bypassed Microsoft’s emergency patch for the PrintNightmare

Security Affairs

JULY 8, 2021

2008 and 2012 but require Point&Print configured for Windows 2016,2019,10 & 11(?). Delpy shared a screenshot of a reversed-engineered Windows DLL with The Register and explained that the issues ties how Microsoft was checking for remote libraries in its patch for PrintNightmare. These work out of the box on Windows 7, 8, 8.1,

Libraries

Libraries Security IT Cybersecurity

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

JANUARY 23, 2022

CVE Number CVE Title Required Action Due Date CVE-2021-32648 October CMS Improper Authentication 2/1/2022 CVE-2021-21315 System Information Library for node.js CVE Number CVE Title Required Action Due Date CVE-2021-32648 October CMS Improper Authentication 2/1/2022 CVE-2021-21315 System Information Library for node.js

CMS

CMS IT Authentication Libraries

House Passes Two Cybersecurity Bills

Hunton Privacy

MAY 1, 2012

On April 26, 2012, the U.S. 3523), which is aimed at facilitating the exchange of cyber threat intelligence information between the government and certain private entities. In addition, the House approved the Federal Information Security Amendments Act of 2012 (H.R. Federal Information Security Amendments Act.

Cybersecurity

Cybersecurity Information Security Libraries Sales

China-linked APT41 group targets telecommunications companies with new backdoor

Security Affairs

OCTOBER 31, 2019

” The APT41 has been active since at least 2012, it was involved in both state-sponsored espionage campaigns and financially-motivated attacks since 2014. The spyware uses the “ libpcap library to listen to all traffic and parses network protocols starting with Ethernet and IP layers.

Libraries

Libraries Education Risk Security

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

File name: control MD5: c4463d6ae741d4fb789bd0895fafebee SHA1: c8866ca1012dfabf5ad131cfeea0036dacb433e6 Creation time: 2012-09-21 09:56:09 First submission on VT: 2019-02-19 23:26:41. dll library). Figure 27: First stage of RAT builts IAT and load some libraries (kernel32.dll dll this case). Now, the second stage is completed.

File names

File names Phishing Libraries IT

The evolutions of APT28 attacks

Security Affairs

DECEMBER 4, 2019

According to the many analyses made by Unit42 (available HERE ), FireEye ( HERE , HERE ) and TALOS ( HERE , HERE ) we might agree that APT28 has been very active (or at least very “spotted”) during the time frame between 2012 to 2019. However most of the new attacks, qualitative speaking, happened during the time frame between 2018 to 2019.

Computer and Electronics

Computer and Electronics Libraries Security Military

Top 6 Rootkit Threats and How to Protect Yourself

eSecurity Planet

NOVEMBER 7, 2022

Also known as an “application rootkit,” the user-mode rootkit replaces executables and system libraries and modifies the behavior of application programming interfaces (APIs). It alters the security subsystem and displays false information to administrators of the target computer. performing regular security maintenance.

Information Security

Information Security Security Access Mining

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

I’m Robert Vamosi and in this episode I’m talking about our right to repair, how some high tech companies might want to limit that right, and how there’s a group of information security professionals who are volunteering their free time to fight for those rights in local legislation.

Manufacturing

Manufacturing Agriculture IT Access

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

I’m Robert Vamosi and in this episode I’m talking about our right to repair, how some high tech companies might want to limit that right, and how there’s a group of information security professionals who are volunteering their free time to fight for those rights in local legislation.

Manufacturing

Manufacturing Agriculture IT Access

Information Management Today

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Trending Sources

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

0patch releases free unofficial patches for Windows 0days exploited in the wild

Experts bypassed Microsoft’s emergency patch for the PrintNightmare

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

House Passes Two Cybersecurity Bills

China-linked APT41 group targets telecommunications companies with new backdoor

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

The evolutions of APT28 attacks

Top 6 Rootkit Threats and How to Protect Yourself

The Hacker Mind Podcast: The Right To Repair

The Hacker Mind Podcast: The Right To Repair

Stay Connected