Read Time:7 Second
We’re excited to announce that the Multi-State Information Sharing and Analysis Center (MS-ISAC) counts more than 14,000 organizations as members.
Monthly Archives: October 2022
CISA Warns Against Ransomware Group Daixin Team Targeting Health Organizations
Read Time:4 Second
Daixin Team is actively targeting US businesses, mainly in the healthcare sector
Ex-cop abused police tool in Snapshot sextortion plot that stole sexually explicit photos and videos
Read Time:14 Second
A former officer at Louisville Metro Police has admitted his part in a conspiracy that stalked and extorted young women online, breaking into their Snapchat accounts in order to steal their naked photos and videos.
Read more in my article on the Hot for Security blog.
Multiple RCE Vulnerabilities Discovered in Veeam Backup & Replication App
Read Time:5 Second
The Veeamp malware was used by the Monti and Yanluowang ransomware groups in these attacks
DHL Replaces LinkedIn As Most Imitated Brand in Phishing Attempts
Read Time:5 Second
It is due partly to a major phishing attack DHL warned about before the quarter started
UK Cyber Security Council Creates Chartered Qualification for Industry Pros
Read Time:6 Second
The UK Cyber Security Council has announced a pilot program designed to create the country’s first chartered cyber professionals
Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC
Read Time:57 Second
A secure by design approach is vital to protecting the internet of things (IoT) and smart cities, according to Lindy Cameron, CEO of the UK National Cyber Security Centre (NCSC). Cameron spoke during Singapore International Cyber Week, calling for swift ongoing action to ensure connected devices are designed, built, deployed, and managed securely to prevent malicious actors, improve national resilience, and reap the benefits of emerging technologies.
Growth of IoT giving rise to increased security threats
The scale of consumer-, enterprise-, and city-level IoT has exploded in the last decade, Cameron said, and the magnitude of changes coupled with growing dependency on connected technology has introduced significant security risks. “That is why now is the time to make sure we’re designing and building them properly,” she added. “We all know that connected places are an evolving ecosystem, comprising a range of systems that exchange, process and store sensitive data, as well as controlling critical operational technology. Unfortunately, this makes these systems an attractive target for a range of threat actors. The threat posed by nation states is particularly acute.”
[RT-SA-2021-003] Missing Authentication in ZKTeco ZEM/ZMM Web Interface
Read Time:23 Second
Posted by RedTeam Pentesting GmbH on Oct 24
Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface
The ZKTeco time attendance device does not require authentication to use the
web interface, exposing the database of employees and their credentials.
Details
=======
Product: ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM
Affected Versions: potentially versions below 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210)
Fixed Versions: firmware version 8.88…
Iran’s nuclear energy agency confirms email server hacked
Read Time:45 Second
The Atomic Energy Organization of Iran on Sunday confirmed that an email server at its Bushehr Nuclear Power Plant was hacked. The organization blamed a foreign country, but an Iranian hacking group that goes by the name Black Reward has claimed responsibility for the breach.
The Atomic Energy Organization said that the IT group serving the Bushehr plant has examined and issued a report on the breach, and denied any sensitive information being exposed. The energy agency said the hack was intended to gain the attention of the public and media.
“It should be noted that the content in users’ emails contains technical messages and common and current daily exchanges,” according to a statement on the organization’s website. “It is obvious that the purpose of such illegal efforts, which are carried out of desperation, is to attract public attention.”
CVE-2021-4228 (iac-ast2500_firmware)
Read Time:12 Second
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle (MitM) attacks even in the presence of the HTTPS connection. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.00.0.