Microsoft has shared details of a widespread phishing campaign that not only attempted to steal the passwords of targeted organisations, but was also capable of circumventing multi-factor authentication (MFA) defences.
Read more in my article on the Tripwire State of Security blog.
Graham Cluley Security News is sponsored this week by the folks at Keeper Security. Thanks to the great team there for their support! IT and DevOps teams were presented with new challenges with the mass-migration to home working, and found themselves forced to perform infrastructure monitoring and management remotely. What is clearly needed is a … Continue reading “Keeper Connection Manager : Privileged access to remote infrastructure with zero-trust and zero-knowledge security”
CIS-CAT Pro Assessor now offers a new filter in the HTML report that allows organizations to focus on IG1 recommendations.
Researchers have a new way to de-anonymize browser users, by correlating their behavior on one account with their behavior on another:
The findings, which NJIT researchers will present at the Usenix Security Symposium in Boston next month, show how an attacker who tricks someone into loading a malicious website can determine whether that visitor controls a particular public identifier, like an email address or social media account, thus linking the visitor to a piece of potentially personal data.
When you visit a website, the page can capture your IP address, but this doesn’t necessarily give the site owner enough information to individually identify you. Instead, the hack analyzes subtle features of a potential target’s browser activity to determine whether they are logged into an account for an array of services, from YouTube and Dropbox to Twitter, Facebook, TikTok, and more. Plus the attacks work against every major browser, including the anonymity-focused Tor Browser.
[…]
“Let’s say you have a forum for underground extremists or activists, and a law enforcement agency has covertly taken control of it,” Curtmola says. “They want to identify the users of this forum but can’t do this directly because the users use pseudonyms. But let’s say that the agency was able to also gather a list of Facebook accounts who are suspected to be users of this forum. They would now be able to correlate whoever visits the forum with a specific Facebook identity.”
grafana-9.0.2-3.fc37
Automatic update for grafana-9.0.2-3.fc37.
* Thu Jul 14 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.2-3
– fix quoting in grafana-cli wrapper script (rhbz#2107046)
It was discovered that HTTP-Daemon incorrectly handled certain crafted
requests. A remote attacker could possibly use this issue to perform an
HTTP Request Smuggling attack.
It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
python-notebook-6.4.11-3.fc37
Automatic update for python-notebook-6.4.11-3.fc37.
* Wed Jul 13 2022 Miro Hrončok <mhroncok@redhat.com> – 6.4.11-3
– Fix CVE-2022-24785 and CVE-2022-31129 in bundled moment
– Fixes: rhbz#2075263
