
Showing posts from February, 2020

Wi-fi security flaw affecting a billion devices

The vulnerability dubbed Kr00k lets hackers eavesdrop on user activity over Wi-Fi. A serious vulnerability in Wi-Fi chips affecting a billion devices has been discovered by cyber-security firm ESET, which presented its findings at the RSA Conference 2020 on Wednesday. “ESET researchers have discovered Kr00k (CVE-2019-15126), a previously unknown vulnerability in Wi-Fi chips used in many client devices, Wi-Fi access points and routers,” the firm said in an official statement. The flaw, dubbed Kr00k by ESET, allows attackers to eavesdrop on user communications over Wi-Fi by disarming the encryption used by a password-protected Wi-Fi network and so gaining access to its traffic. “Kr00k is a vulnerability that causes the network communication of an affected device to be encrypted with an all-zero encryption key. In a successful attack, this allows an adversary to decrypt wireless network packets,” it said. “Kr00k manifests itself after Wi-Fi disassociations – which can happen ...

Shadow IoT Emerging as New Enterprise Security Problem

Much of the traffic egressing enterprise networks is from poorly protected Internet-connected consumer devices, a Zscaler study finds. When it comes to protecting against Internet of Things (IoT)-based threats, many organizations seem to have a lot more to deal with than just the officially sanctioned Internet-connected devices on their networks. A new analysis by Zscaler of IoT traffic exiting enterprise networks showed a high volume associated with consumer IoT products, including TV set-top boxes, IP cameras, smart watches, smart refrigerators, connected furniture, and automotive multimedia systems. In some cases, the traffic was generated by employees at work, for instance, checking their nanny cams or accessing media devices or their home security systems over the corporate network. In other instances, consumer-grade IoT devices installed in work facilities, such as smart TVs, generated a lot of the IoT traffic. Though all IoT devices — authorized and unauthorized — tha...

CIA - Confidentiality, Integrity, and Availability

Confidentiality: Only authorized entities have access to the data
Example: Information that could be considered confidential includes health records, financial account information, criminal records, source code, trade secrets and military tactical plans.
Controls Expected: Identification and authentication, authorization, auditing and logging

Integrity: No unauthorized modifications of the data
Example: Unaltered data
Controls Expected: Logical and physical access controls, backups, file integrity monitoring, change management monitoring and privileged user access review

Availability ...

A new malware campaign dubbed ObliqueRAT

A new malware campaign dubbed ObliqueRAT is using malicious Microsoft Office documents to target government organizations in Southeast Asia. Researchers believe that the ObliqueRAT campaign is linked with the CrimsonRAT campaign, as they share similar maldocs and macros. In this campaign, attackers use phishing email messages with weaponized Microsoft Office documents to deliver the ObliqueRAT […] The post ObliqueRAT – A New RAT Malware Distributed Through Weaponized Office Documents Targeting Government Organizations ( https://gbhackers.com/obliquerat-malware/ ) appeared first on GBHackers On Security ( https://gbhackers.com/ ).

Microsoft has a subdomain hijacking problem

A security researcher has pointed out today that Microsoft has a problem in managing its thousands of subdomains, many of which can be hijacked and used for attacks against users, its employees, or for showing spammy content. The issue has been brought up today by Michel Gaschet, a security researcher and a developer for NIC.gp. In an interview with ZDNet, Gaschet said that during the past three years, he's been reporting subdomains with misconfigured DNS records to Microsoft, but the company has either been ignoring reports or silently securing some subdomains, but not all.

RESEARCHER: ONLY 5%-10% GOT FIXED

Gaschet says he reported 21 msn.com subdomains that were vulnerable to hijacks to Microsoft in 2017 [1, 2], and then another 142 misconfigured microsoft.com subdomains in 2019 [1, 2].

BLAME DNS MISCONFIGURATIONS

Gaschet told ZDNet the OS maker usually fixes big subdomains, like cloud.microsoft.com and account.dpedge.microsoft.com, but le...

Ransomware attack forces 2-day shutdown of natural gas pipeline

The Department of Homeland Security (DHS) on Tuesday said that an infection by an unidentified ransomware strain forced the shutdown of a natural-gas pipeline for two days. Fortunately, nothing blew up. The attacker never got control of the facility’s operations, the human-machine interfaces (HMIs) that read and control the facility’s operations were successfully yanked offline, and a geographically separate central control was able to keep an eye on operations, though it wasn’t instrumental in controlling them. Where this all went down is a mystery. The alert, issued by DHS’s Cybersecurity and Infrastructure Security Agency (CISA), didn’t say where the affected natural gas compression facility is located. It instead stuck to summarizing the attack and provided technical guidance for other critical infrastructure operators so they can gird themselves against similar attacks. The alert did get fa...
Definition of 'Cyber Security': Cyber security, or information technology security, is the set of techniques for protecting computers, networks, programs and data from unauthorized access or from attacks aimed at exploitation.