OpenSSH introduces a new feature to prevent Side-Channel attacks, latest release encrypts secret keys in memory as temporary solution.
Source: OpenSSH introduces a security feature to prevent Side-Channel Attacks
Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials.
Source: Seth : Perform A MitM Attack From RDP Connections
Researchers discovered a new JavaScript-based and modular downloader Trojan camouflaged and distributed to targets in the form of game cheats via websites owned by its developers.
Source: Hackers Disguise New JavaScript-Based Trojan as Game Cheat
Worst JavaScript Flaws That Hackers Love To Abuse
The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the critical severity Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep.
Source: U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert
How to check if a target is vulnerable to the new RDP vulnerability (BlueKeep).
In the report, the cybersecurity company Symantec claims that a Chinese hacker group associated with Chinese government intelligence conducted a hacking campaign using a tool that at the time was only known to be the property of the NSA.
Source: Chinese spies stole NSA hacking tools, report finds
Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it.
Source: Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps
Healthcare privacy and security
Zydra is a file password recovery tool and Linux shadow file cracker. It uses the dictionary search or Brute force method for cracking passwords.
Source: Zydra : Password Recovery Tool & Linux Shadow File Cracker
Security Awareness writer Keil Hubert describes a mysterious email message that could well have been an insidiously clever spear phishing attack.
Source: A guide to phishing emails and how they work -TEISS® : Cracking Cyber Security
This is what happens when you reply to spam email
Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here’s a detailed analysis by Bitdefender of an attack on one bank.
Source: From phish to network compromise in two hours: How Carbanak operates
Microsoft allows you to download the latest Windows 10 ISOs from their site, but only if you are using a non-Windows browser user agent. This article will explain how to change your user agent in Chrome and Edge so you can download an ISO instead of using the Windows 10 Media Creation Tool.
Source: How to Download a Windows 10 ISO By Impersonating Other Devices
ESET researchers show how, in a bid to evade detection, the Turla group leverages PowerShell scripts to inject malware directly into memory.
Source: A dive into Turla PowerShell usage | WeLiveSecurity
The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux.
Source: Russian military plans to replace Windows with Astra Linux
Look @ Astra Linux ® 2.12 – Russian Debian – Fly Desktop
This course is about helping you to survive an identity theft, attempt to educate you on how to prevent a direct identity theft attempt, know what to look for and how not be the one who helped the thief take your personal information. With your new found knowledge take it to your family so they can avoid years of headaches.
Source: Watch Cyber Security Is It Your Time For Identity theft, Yet? | Prime Video
Extent of the hack is unknown, but Flipboard said hackers had access to its systems for almost nine months.
Source: Flipboard says hackers stole user details | ZDNet
Flipboard confirms database hack, resets all user passwords
Cyberattacks against hospitals increased over 1000% last year : cybersecurity IICS Delhi Ethical Hacking Digital Forensics services
Source: Cyberattacks against hospitals increased over 1000% last year
What happens when hackers attack a hospital?
 
|
 
|
Azure Security Center, Microsoft’s cloud-based cyber solution helps customers safeguard their cloud workloads as well as protect them from these threats.
Source: Uncovering Linux based cyberattack using Azure Security Center
Perceptics confirms intrusion and theft, stays quiet on details
Digital License Plates: Convenience or Privacy Risk?
If there is a new tech cold war, it is one with shots fired over a decade ago, largely by China. The questions going forward are about both leverage and values.
Source: China, Leverage, and Values
5G is a war the US is about to lose warns DoD
more on Cyber War …
Jack Goldsmith: “The United States is Losing the Digital Cold War” | Talks at Google
Europe’s privacy law went into effect nearly a year ago. It’s time for the US to catch up, the tech giant says.
Source: Microsoft wants a US privacy law that puts the burden on tech companies
