Apache Struts Users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities. Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2, the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks. Struts 2.3.x
INFRA:HALT is a set of vulnerabilities affecting a popular TCP/IP library commonly used in OT devices manufactured by more than 200 vendors. NicheStack (aka InterNiche stack) is a proprietary TCP/IP stack developed originally by InterNiche Technologies and acquired by HCC Embedded in 2016.
The new malware implements new and improved rootkit and worm capabilities; it continues to target cloud applications by exploiting known vulnerabilities in servers such as Oracle WebLogic (CVE-2017-10271) and Apache ActiveMQ (CVE-2016-3088). “One of the ways to use LD_PRELOAD is to add the crafted library to /etc/ld.so.preload.”
The best news of the week with Security Affairs. CVE-2020-7247 RCE flaw in OpenSMTPD library affects many BSD and Linux distros. Hackers penetrated NEC defense business division in 2016. The post Security Affairs newsletter Round 249 appeared first on Security Affairs. A new round of the weekly newsletter arrived!
The advisory fixed the CVE-2016-1000031 flaw, a remote code execution (RCE) bug in the Apache Commons FileUpload, disclosed in November last year. The Commons FileUpload library is the default file upload mechanism in Struts 2, the CVE-2016-1000031 was discovered two years ago by experts at Tenable. Pierluigi Paganini.
The best news of the week with Security Affairs. Backdoor mechanism found in Ruby strong_password library. UK ICO fines British Airways £183 Million under GDPR over 2018 security breach. Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016. Kindle Edition. Paper Copy. Once again thank you!
The original Mandrake campaign had two major infection waves, in 2016–2017 and 2018–2020. These included relocating malicious functions to obfuscated native libraries, using certificate pinning to secure C2 communications, and determining whether it was running on a rooted device or in an emulated environment.
Bug bounty programs are very important for the security of software and hardware, major tech firms launched their own programs to discover flaws before hackers. The first phase of the FOSSA project started in 2014, the “pilot project” phase ran over two years from 2015-2016. GNU C Library (glibc). 25.000,00 € 30/01/2019.
The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. According to the report published by the US-CERT, Hidden Cobra has been using the FASTCash technique since at least 2016, the APT group targets bank infrastructure to cash out ATMs.
Emotet is a modular malware, its operators could develop new Dynamic Link Libraries to update its capabilities. In October, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. since August.
The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. “Both Mac and Linux variants use the WolfSSL library for SSL communications. This library has been used by several threat actors.” ” continues the report.
“We reviewed crowdsourced data from scans of more than 200,000 infusion pumps on the networks of hospitals and other healthcare organizations using IoT Security for Healthcare from Palo Alto Networks.” High) 52.11% 3 CVE-2016-9355 5.3 Medium) 50.39% 4 CVE-2016-8375 4.9 ” Image source: Ateq USA website.
APT29 along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections. recommend organizations in the area of interest of the APT group to improve the security of IT Security systems.
Security experts spotted a new wave of attacks carried out by the OceanLotus APT group that involved the new Ratsnif Trojan. Experts at the security firm Cylance detected a new RAT dubbed Ratsnif that was used in cyber espionage operations conducted by the OceanLotus APT group. of the wolfSSL library, formerly known as CyaSSL.
Experts disclosed details of two security flaws in the open-source software ImageMagick that could potentially lead to information disclosure or trigger a DoS condition. Vulnerabilities on open-source libraries like ImageMagick are very dangerous and can be exploited by attackers in the wild. 52 on November 2022.
Monokle has been used in highly targeted attacks at least since March 2016, it supports a wide range of spying functionalities and implements advanced data exfiltration techniques. St. Petersburg, Russia-based company, Special Technology Centre, Ltd. (STC) has been sanctioned for interfering with the 2016 U.S. Presidential election.
Security researchers from Chronicle, Alphabet’s cyber-security division, have spotted a Linux variant of the Winnti backdoor. Security experts from Chronicle, Alphabet’s cyber-security division, have discovered a Linux variant of the Winnti backdoor. samples designed specifically for Linux.”
Microsoft has released a security update to address “a broad cryptographic vulnerability” that is impacting its Windows operating system. ” reads the security advisory published by Microsoft. “This month we addressed the vulnerability CVE-2020-0601 in the usermode cryptographic library, CRYPT32.DLL,
jpg.exe , which pretends to be a photo and is used to trick the recipient into clicking on it, script.bat (hidden file), fake library WindowsCodecs.dll (hidden file). The group was involved also in the string of attacks that targeted 2016 Presidential election. The attack chain includes the download of a ZIP archive file from webhook[.]site,
The Triada Trojan was spotted for the first time in 2016 by researchers at Kaspersky Lab that considered it the most advanced mobile threat seen to the date of the discovery. In March 2018, security researchers at Antivirus firm Dr. Web discovered that 42 models of low-cost Android smartphones are shipped with the Android.Triada.231
The newest firmware revision dates back to 2016 and is known to be affected by several bugs that can be exploited to compromise the device. The post Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems appeared first on Security Affairs. ” continues Bleeping Computer. Pierluigi Paganini.
This includes scans of confidential motion picture acquisition agreements, tax ID requests that include filmmaker social security numbers and employer identification numbers, as well as relatively detailed contact information of thousands of film professionals. What data is in the bucket? Who had access to the bucket?
On April 19, 2019, researchers at Chronicle, a security company owned by Google’s parent company, Alphabet, examined the leaked tools, exfiltrated the past week on a Telegram channel, and confirmed that they are indeed the same ones used by the OilRig attackers. I am a computer security scientist with an intensive hacking background.
1, 2024 — ForAllSecure , the world’s most advanced application security testing company, today announced it is changing its corporate name to Mayhem Security (“Mayhem”), signaling a new era of growth and opportunity aligned with its award-winning Mayhem Application Security platform.
Operation Transparent Tribe was first spotted by Proofpoint researchers in Feb 2016, in a series of espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. The two DLLs are legitimate Windows libraries and are used in support of the malicious behaviour. Introduction.
” reads the security advisory published by Microsoft. A buffer overflow vulnerability affects Microsoft SQL Server 2016 and 2017, a remote attacker could exploit it to execute arbitrary code on an affected system in the context of the SQL Server Database Engine service account. CVE-2018-8273 – Microsoft SQL Server RCE.
Triada first came to light in 2016 in articles published by Kaspersky here and here , the first of which said the malware was "one of the most advanced mobile Trojans" the security firm's analysts had ever encountered. Once installed, Triada's chief purpose was to install apps that could be used to send spam and display ads.
In this blog, I will present a new and efficient approach to reconciling security vulnerabilities and FIPS 140 security certifications, led by Thales eSecurity in collaboration with NIST/CMVP and FIPS 140 evaluation laboratories. A quick and efficient patch also needs a quick and efficient certification.
As part of a recent initiative at ForAllSecure to analyze more open source software with Mayhem, a next-generation fuzzing solution, we decided to investigate some cryptographic libraries. Why Crypto Libraries? Why look at crypto libraries? Fuzzing MatrixSSL. Moreover, it is incredibly difficult to do correctly. include "x509.h"
In June 2016, researchers from Kaspersky reported that the Turla APT had started using rootkit), Epic Turla (Wipbot and Tavdig) and Gloog Turla. The backdoor is a standalone DLL (dynamic link library) that interacts with Outlook and The Bat! ” reads the analysis published by ESET. Pierluigi Paganini.
This is part of a giant list of Living off the Land (LOL) techniques that attackers employ to mask their activities from runtime endpoint security monitoring tools such as AVs. dll library). Figure 27: First stage of RAT builts IAT and load some libraries (kernel32.dll See more about msiexec.exe and its parameters here.
On World Digital Preservation Day 2018, Sylvain Bélanger, Director General of Digital Operations and Preservation at Library and Archives Canada (LAC) discusses operating at scale, the challenges of preserving high volume born-digital content, and giving Canadians greater access to Canada’s continuing memory.
EventTracker has a bird’s eye view; its unified security information and event management (SIEM) platform includes – behavior analytics, threat detection and response, honeynet deception, intrusion detection and vulnerability assessment – all of which are coupled with their SOC for a co-managed solution. Election threat.
While most issues can be fixed through prompt patching and updating, a few remain unfixed and may require more significant changes to the security stack to block possible attacks. March 22, 2024 Emergency Out-of-Band Windows Server Security Updates Type of vulnerability (or attack): Memory leak. Upgrade versions 7.2.0 through 7.2.2
Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. It was discovered by security researchers. Interestingly, it was discovered by NSA security researchers, and the NSA security advisory gives a lot more information about it than the Microsoft advisory does.
Related: Securing identities in a blockchain Today we may be standing on the brink of the next great upheaval. In fact, with so many more interfaces swirling through a blockchain system, it becomes even more important for enterprises to adhere to very strict cyber hygiene practices, and everything, security-wise, must go right for them.
The cyber security story for May 2019 is much the same as it was last month, with one mammoth breach raising the monthly total. Salesforce customers faced 15-hour delay as org investigates security incident (unknown). Sunderland City Council launches investigation after library users’ personal data hacked (45).
The name is reminiscent of the “Dirty Cow” vulnerability discovered in 2016 that allowed attackers to gain root access on any Android Phone regardless of the OS version, but Dirty Pipe could be even easier to exploit than its predecessor. Researcher Max Kellermann of Ionos revealed the new vulnerability earlier this week.
The problem: The FBI warns that during the dismantling of the Moobot botnet, agents detected code from other Russian attackers, including the notorious Fancy Bear (AKA: APT28 or Military Unit 26165) also responsible for the attack on the US Democratic National Committee (DNC) before the 2016 election. The fix: Apply Windows patches ASAP.
However, closer inspection reveals how cryptojacking morphed out of the ransomware plague of 2015 and 2016. Then a JavaScript library called Coinhive came along that enabled people to embed mining code on their websites. It’s happening a lot, especially if you don’t secure your keys for your cloud very well.
Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal ). and iPadOS 14.8 Spyware Vulnerability. Fast Fixes by Apple.
Library and Archives Canada (LAC) selects Preservica and TeraMach to centralize and preserve digital documentary history for all Canadians. About Library and Archives Canada. Preservica is an AWS Government Competency Partner meeting the highest levels of availability, reliability and security for government workloads and data.