Security Affairs

OCTOBER 4, 2022

“Sonar discovered and responsibly disclosed a critical vulnerability in Packagist, a central component of the PHP supply chain, to help secure developer tools.” During our security research, we discovered a critical vulnerability in the source code of Composer which is used by Packagist. The CVE-2022-24828 (CVSS score: 8.8)

File names 90

File names Metadata IT Security 90

Security Affairs

APRIL 8, 2019

Researchers at Emsisoft developed a decryptor for the Planetary Ransomware family that could allow victims to decrypt their files for free. Good news for the victims of the Planetary Ransomware, security firm Emsisoft has released a decryptor that allows victims to decrypt their files for free. The ransom note, named !!!READ_IT!!!

Ransomware 91

Ransomware Encryption File names Security 91

Security Affairs

OCTOBER 20, 2018

A security researcher discovered a zero-day vulnerability, tracked as CVE-2018-9206 , that affects older versions of the jQuery File Upload plugin since 2010. The jQuery File Upload is a jQuery widget “with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video.”.

File names 93

File names Libraries Security Access 93

Security Affairs

MAY 18, 2021

Searching for these common entries led us to a YouTube video titled “Simps Botnet , Slamming!!!”, created by a user named “itz UR0A” created on 24 April 2021. Figure 7: Youtube video demo of Simps Botnet. Figure 10: keksec.infected.you.log file. Another commonality was the Simps Botnet infection log message.

IoT 128

IoT File names Communications Security 128

Security Affairs

DECEMBER 20, 2018

Security researcher SandboxEscaper released a working proof-of-concept (PoC) exploit for a new Windows zero-day vulnerability. The security researcher SandboxEscaper is back and for the third time in a few months, released proof-of-concept (PoC) exploit for a new zero-day vulnerability affecting Microsoft’s Windows OS. .

File names 96

File names Security IT 96

Security Affairs

FEBRUARY 5, 2019

A security expert discovered a severe Remote Code Execution vulnerability in the popular LibreOffice and Apache OpenOffice. Inführ used a specially ODT file containing a white-colored hyperlink (he has used the white color to make it invisible in the document) that has an “ onmouseover ” event to execute a local python file.

File names 101

File names Libraries Security IT 101

Security Affairs

JUNE 5, 2019

Security experts at Trend Micro have discovered a new Monero cryptomining miner, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives. “This malware, which we named BlackSquid after the registries created and main component file names, is particularly dangerous for several reasons.”

Mining 63

Mining File names Libraries IT 63

Security Affairs

MARCH 15, 2019

The following video PoC shows how to gain full control over a targeted system by tricking the victims into opening maliciously crafted compressed archive file using WinRAR. The file associated with the fake Ariana Grande’s hit album is currently detected by a limited number of antivirus solutions. . Pierluigi Paganini.

Archiving 88

Archiving Libraries File names Security 88

DLA Piper Privacy Matters

MARCH 20, 2023

It is therefore paramount to ensure that the entries in such file are accurate and that the data retention term and conditions of management of this file are compliant with the data protection law (e.g., The CNIL will also check the measures implemented to ensure the security of the data. management of data subjects’ rights).

Computer and Electronics 52

Computer and Electronics IT File names Access 52

Security Affairs

JUNE 25, 2019

Mac security software firm Intego has spotted a new Mac malware dubbed OSX/Linker that exploits a recently disclosed macOS Gatekeeper vulnerability. Experts at Mac security software firm Intego discovered a new piece of Mac malware dubbed OSX/Linker that exploits a recently disclosed macOS Gatekeeper bypass vulnerability.

Archiving 77

Archiving File names Access Security 77

Troy Hunt

APRIL 19, 2018

Let's start with this video as it pretty succinctly explains the issue in consumer-friendly terms: VIDEO: Nova Scotia's government is accusing a 19-year-old of breaching their government website's security ~ Privacy experts disagree. That's something I vehemently disagree with.

Access 69

Access File names Government IT 69

Security Affairs

OCTOBER 28, 2018

Researchers at Cymulate security firm devised a new stealthy technique to deliver malware leveraging videos embedded into weaponized Microsoft Office Documents. The technique could be used to execute JavaScript code when a user clicks on a weaponized YouTube video thumbnail embedded in a Weaponized Office document.

File names 105

File names Phishing Security IT 105

Security Affairs

SEPTEMBER 8, 2018

The unwanted behavior was spotted by a security researcher that goes online with Twitter account Privacy 1st , he discovered that Adware Doctor would gather browsing history from the Safari, Chrome, and the Firefox browsers, the search history on the App Store, and a list of running processes. star rating. Pierluigi Paganini.

Privacy 52

Privacy File names GDPR Personal data 52

Security Affairs

JULY 30, 2018

The messages used employment-related subjects such as “About a role” and “Job Application,” while the malicious attached documents used file names in the format of “firstname.surname_resume.doc”. The stolen information is organized into sections: info : basic computer information such as Windows version and computer name.

Passwords 51

Passwords File names Ransomware IT 51

The Texas Record

JUNE 1, 2021

It could also increase security risk, especially if the records are on an employee’s personal device. Inform the employee of the consequences associated with losing the government records and the high security risk the event creates. Organizing and Naming. Remind employees to work inside of the government’s network.

Records Management 71

Records Management File names Risk Government 71

Troy Hunt

JANUARY 16, 2019

If @1Password was to integrate with my newly released Pwned Passwords k-Anonymity model so you could securely check your exposure against the service (it'd have to be opt in, of course). My hope is that for many, this will be the prompt they need to make an important change to their online security posture. Oh wow - look at this!

Data breaches 112

Data breaches Passwords Risk Personal data 112

KnowBe4

MAY 31, 2023

That's right – the financial services industry, at least according to cybersecurity vendor Armorblox's 2023 Email Security Threat Report. Blog post with links: [link] [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Yup – shoe store.

Phishing 75

Phishing File names Security awareness Risk 75

Security Affairs

JANUARY 6, 2021

Researchers uncovered a malspam campaign that spreads the QNode remote access Trojan (RAT) using fake Trump’s sex scandal video as bait. Security experts from Trustwave uncovered a malspam campaign that is delivering the QNode remote access Trojan (RAT) using fake Trump’s sex scandal video as bait.

Archiving 120

Archiving File names Communications Access 120

Troy Hunt

OCTOBER 19, 2017

I'm an independent Australian (I have a Microsoft Regional Director title but RDs don't actually work for Microsoft ) and I specialise in security training folks who build online systems. On March 14 this year, someone sent me a 27GB file called "masterdeeds.sql" which was a MySQL database backup file.

Data breaches 83

Data breaches Personal data Government IT 83

Troy Hunt

FEBRUARY 14, 2018

It's not just the media using scary imagery either, check out the first 20 seconds of this video promoting a home security product: Holy s**t! They're trying to sell you a security thing based on something my 5-year-old can do! Also note the balaclava for extra security.) Will they sell more security things if you do?

Data breaches 81

Data breaches Passwords Marketing Access 81