Computer security operates on a few basic principles, and one of them is that data in use by one application should not be available to another without permission. This basic architecture should in theory keep one application from snooping on another and stealing, for example, a bank key from a password manager. When that principle breaks down, it can be devastating. Since at least 2014, several generations of Intel CPUs have been vulnerable to exactly this type of data leak.
A joint operation between Interpol and cybersecurity firms has led to an arrest and shutdown of the notorious 16shop phishing-as-a-service (PhaaS) platform. Phishing-as-a-service platforms offer cybercriminals a one-stop-shop to conduct phishing attacks. These platforms typically include everything you need, including email distribution, ready-made phishing kits for well-known brands, hosting, data proxying, victim overview dashboards, and other tools that help increase the success of their operations.
August 2023 Patch Tuesday is here, and among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in .NET and Visual Studio (CVE-2023-38180) for which proof-of-exploit code exists. There is a Microsoft Office "Defense in Depth Update" available that, according to Microsoft, stops the attack chain leading to CVE-2023-36884, a Windows Search RCE vulnerability that has been previously exploited by Russian hackers in targeted attacks.
Microsoft's August patch party seems almost boring compared to the other security fires it's been putting out lately. Of the almost 90 flaws addressed today, two are listed as being under active exploitation. Redmond deemed six of the August CVE-tagged bugs as critical, though we note there are 26 vulnerabilities that can lead to remote code execution (RCE). One of the two that miscreants have already found and exploited doesn't yet have a patch.
WormGPT, a private new chatbot service advertised as a way to use Artificial Intelligence (AI) to write malicious software without all the pesky prohibitions on such activity enforced by the likes of ChatGPT and Google Bard, has started adding restrictions of its own on how the service can be used. Faced with customers trying to use WormGPT to create ransomware and phishing scams, the 23-year-old Portuguese programmer who created the project now says his service is slowly morphing into "a more controlled environment."
Audio recordings are dangerously easy to make these days, whether by accident or by design. You could end up with your own permanent copy of something you thought you were discussing privately, preserved indefinitely in an uninterestingly-named file on your phone or laptop, thanks to hitting "Record" by mistake. Someone else could end up with a permanent transcript of something you didn't want preserved at all, thanks to them hitting "Record" on their phone or laptop in a way that wasn't obvious.
The Shellshock vulnerability got a lot of attention when it was first disclosed in 2014 - both from the media and security teams. While that attention has waned in subsequent years, the Shellshock vulnerability has not disappeared - nor has attacker attention weakened. Rather, this vulnerability remains a popular target, particularly in financial services applications.
Several threat groups are actively exploiting a critical vulnerability in Citrix networking products. Three weeks after Citrix released a patch for its NetScaler ADC and NetScaler Gateway, researchers say nearly 7,000 instances remain exposed on the Web. Of those, around 460 have Web shells installed, likely due to compromise. On July 18, cloud computing company Citrix published a patch for CVE-2023-3519, a "Critical" 9.8 CVSS-scored zero-day vulnerability.
Microsoft's Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS credential managers. These tokens are used for integrating with various third-party services and APIs, such as Git, GitHub, and other coding platforms, so stealing them could have significant consequences for a compromised organization's data security.