Artwork

Konten disediakan oleh Paul Torgersen. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Paul Torgersen atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang dijelaskan di sini https://id.player.fm/legal.
Player FM - Aplikasi Podcast
Offline dengan aplikasi Player FM !

NetStandard Knocked Offline, Moxa NPort Flaws, Twitter Data Sale, and more.

3:44
 
Bagikan
 

Seri yang sudah diarsipkan ("Feed tidak aktif" status)

When? This feed was archived on May 25, 2023 16:09 (10M ago). Last successful fetch was on July 29, 2022 18:35 (1+ y ago)

Why? Feed tidak aktif status. Server kami tidak mendapatkan feed podcast yang valid secara terus-menerus.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 335736928 series 2478053
Konten disediakan oleh Paul Torgersen. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Paul Torgersen atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang dijelaskan di sini https://id.player.fm/legal.
A daily look at the relevant information security news from overnight - 28 July, 2022
Episode 275 - 28 July 2022
NetStandard Knocked Offline- https://www.bleepingcomputer.com/news/security/kansas-msp-shuts-down-cloud-services-to-fend-off-cyberattack/
Moxa NPort Flaws -
https://www.securityweek.com/moxa-nport-device-flaws-can-expose-critical-infrastructure-disruptive-attacks
Post Macro Tactics -
https://www.infosecurity-magazine.com/news/hackers-change-tactics-for-new/
Naughty Knotweed- https://thehackernews.com/2022/07/microsoft-uncover-austrian-company.html
Twitter Data Sale -
https://www.infosecurity-magazine.com/news/criminal-twitter-users-data/
Hi, I’m Paul Torgersen. It’s Thursday July 28th, 2022 and this is a look at the information security news from overnight.
From BleepingComputer.com:
Managed service provider NetStandard suffered a cyberattack causing the company to shut down its MyAppsAnywhere cloud services. The company said Hosted GP, Hosted CRM, Hosted Exchange, and Hosted Sharepoint will be offline until further notice, but that no other services were impacted. That being said, their main website remains down as well. No word on threat actor or malware involved, but it is assumed to be a ransomware hit.
From SecurityWeek.com:
Two high severity flaws have been found in the NPort 5110 device servers from Moxa. The vulnerabilities can be exploited remotely to cause the targeted device to enter a denial of service condition. The only way to regain control of the device is to physically power it down, which might present a challenge as many of these devices are in very remote locations. These things are designed to connect to Ethernet networks and should not be exposed to the internet. However, a Shodan search found at least 5,300 of them that are. Now some of these may be honeypots, but they’re not ALL honeypots. Customers should contact Moxa for a security patch.
From InfoSecurity-Magazine.com:
Since Microsoft announced they would disable macros by default, the use of macro-enabled attachments by threat actors decreased by around 66% between October 2021 and June 2022. Awesome. But, where there’s a will there's a way. In that same timeframe, the number of malicious campaigns using container file formats jumped up 176%. These formats include ISO, RAR, ZIP and IMG files that contain macro-enabled docs. Now the ISO and RAR formats will still have the Mark of the Web, meaning they originated from the internet and their macros would be blocked, but the files within them would not. Link to the ProofPoint research in the article.
From TheHackerNews.com:
A threat actor tracked as Knotweed, used several Windows and Adobe zero-day exploits in highly-targeted attacks against targets in Europe and Central America. They are actually an Austrian outfit called DSIRF that supposedly sells general security and information analysis services to commercial customers. As a side gig, they created a cyberweapon called Subzero, which can hack phones, computers, and internet-connected devices. Talk about vertical integration.
And last, from InfoSecurity-Magazine.com:
A user named devil is selling a database of 5.4 million Twitter users' information on the Breached Forums site. They say it contains the phone numbers and email addresses of users, including celebrities and companies, and is asking for $30,000. Twitter is investigating the issue, which the seller said exploited a vulnerability in its systems that allows someone to find additional user information, even if that user has it hidden in privacy settings.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
  continue reading

221 episode

Artwork
iconBagikan
 

Seri yang sudah diarsipkan ("Feed tidak aktif" status)

When? This feed was archived on May 25, 2023 16:09 (10M ago). Last successful fetch was on July 29, 2022 18:35 (1+ y ago)

Why? Feed tidak aktif status. Server kami tidak mendapatkan feed podcast yang valid secara terus-menerus.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 335736928 series 2478053
Konten disediakan oleh Paul Torgersen. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Paul Torgersen atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang dijelaskan di sini https://id.player.fm/legal.
A daily look at the relevant information security news from overnight - 28 July, 2022
Episode 275 - 28 July 2022
NetStandard Knocked Offline- https://www.bleepingcomputer.com/news/security/kansas-msp-shuts-down-cloud-services-to-fend-off-cyberattack/
Moxa NPort Flaws -
https://www.securityweek.com/moxa-nport-device-flaws-can-expose-critical-infrastructure-disruptive-attacks
Post Macro Tactics -
https://www.infosecurity-magazine.com/news/hackers-change-tactics-for-new/
Naughty Knotweed- https://thehackernews.com/2022/07/microsoft-uncover-austrian-company.html
Twitter Data Sale -
https://www.infosecurity-magazine.com/news/criminal-twitter-users-data/
Hi, I’m Paul Torgersen. It’s Thursday July 28th, 2022 and this is a look at the information security news from overnight.
From BleepingComputer.com:
Managed service provider NetStandard suffered a cyberattack causing the company to shut down its MyAppsAnywhere cloud services. The company said Hosted GP, Hosted CRM, Hosted Exchange, and Hosted Sharepoint will be offline until further notice, but that no other services were impacted. That being said, their main website remains down as well. No word on threat actor or malware involved, but it is assumed to be a ransomware hit.
From SecurityWeek.com:
Two high severity flaws have been found in the NPort 5110 device servers from Moxa. The vulnerabilities can be exploited remotely to cause the targeted device to enter a denial of service condition. The only way to regain control of the device is to physically power it down, which might present a challenge as many of these devices are in very remote locations. These things are designed to connect to Ethernet networks and should not be exposed to the internet. However, a Shodan search found at least 5,300 of them that are. Now some of these may be honeypots, but they’re not ALL honeypots. Customers should contact Moxa for a security patch.
From InfoSecurity-Magazine.com:
Since Microsoft announced they would disable macros by default, the use of macro-enabled attachments by threat actors decreased by around 66% between October 2021 and June 2022. Awesome. But, where there’s a will there's a way. In that same timeframe, the number of malicious campaigns using container file formats jumped up 176%. These formats include ISO, RAR, ZIP and IMG files that contain macro-enabled docs. Now the ISO and RAR formats will still have the Mark of the Web, meaning they originated from the internet and their macros would be blocked, but the files within them would not. Link to the ProofPoint research in the article.
From TheHackerNews.com:
A threat actor tracked as Knotweed, used several Windows and Adobe zero-day exploits in highly-targeted attacks against targets in Europe and Central America. They are actually an Austrian outfit called DSIRF that supposedly sells general security and information analysis services to commercial customers. As a side gig, they created a cyberweapon called Subzero, which can hack phones, computers, and internet-connected devices. Talk about vertical integration.
And last, from InfoSecurity-Magazine.com:
A user named devil is selling a database of 5.4 million Twitter users' information on the Breached Forums site. They say it contains the phone numbers and email addresses of users, including celebrities and companies, and is asking for $30,000. Twitter is investigating the issue, which the seller said exploited a vulnerability in its systems that allows someone to find additional user information, even if that user has it hidden in privacy settings.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
  continue reading

221 episode

Semua episode

×
 
Loading …

Selamat datang di Player FM!

Player FM memindai web untuk mencari podcast berkualitas tinggi untuk Anda nikmati saat ini. Ini adalah aplikasi podcast terbaik dan bekerja untuk Android, iPhone, dan web. Daftar untuk menyinkronkan langganan di seluruh perangkat.

 

Panduan Referensi Cepat