Displaying items by tag: exploits

GUEST OPINION: Moves to code Active Directory exploitation directly into malware is a growing trend and concern for security professionals.

Security vendor Eset says a Hong Kong pro-democracy news website has been compromised to deliver cyberespionage malware to visitors' Macs.

Seventy-one flaws have been patched in Microsoft's products, the company announced on Tuesday, the monthly Patch Tuesday.

A version of the CANVAS exploit platform, that can be used to test the vulnerability of computer systems or to break into remote systems using exploits that come along with it, has been leaked on the VirusTotal database and can now be accessed by all paid subscribers of the service.

Microsoft has issued an advisory stating that four zero-day exploits are being used to attack versions of Microsoft Exchange Server on-premise.

A second case of NSA exploits being customised and used for attacks, before they were leaked on the Web by a group known as the Shadow Brokers in 2017, has come to light, this time following research by the Israel-based cyber security firm Check Point Research.

Cyber security vendor FireEye has a considerable amount of egg on its face after the tools used by its Red Team — an attack unit — have been stolen by a group that it claims is a "highly sophisticated state-sponsored adversary".

A former CIA employee who was on trial for allegedly leaking details of exploits developed by the CIA to WikiLeaks has escaped conviction on all but two counts, with a federal jury in Manhattan deadlocked after a four-week trial and six days of what were described as chaotic deliberations.

After Google's very scary sounding Project Zero security report suggesting groups making a "sustained effort to hack the users of iPhones in certain communities over a period of at least two years", Apple has struck back.

With the sentencing of former NSA contractor Harold Martin to nine years in prison for taking huge amounts of company data home, the identity of the Shadow Brokers, the group which leaked numerous NSA exploits on the Web three years ago, still remains unknown.

Former NSA contractor Harold Martin, who has been in jail for allegedly taking a massive horde of security material to his house, is set to plead guilty to the charges on Friday (Thursday US time).

Researchers from security outfit Kaspersky Lab say they have found about 50 systems infected by the DarkPulsar malware, part of the NSA exploits which were dumped online by a group calling itself the Shadow Brokers in 2017.

American intelligence agencies have been making an undercover effort to recover from Russian operatives material stolen from the NSA and, in part, exposed on the Web by a group known as the Shadow Brokers, a report claims.

More "evidence" has emerged this week, once again from a security company, this one based in Washington DC, that appears to point the finger at Russian involvement in the leaking of NSA exploits on the Web last year.

The zero-day vulnerability in macOS's Keychain has been addressed by Apple, along with some other issues in High Sierra. But other recent versions of the operating system are still vulnerable.

Exploit vendor Zerodium has added new categories to its payout list, with sums of half a million dollars (US) on offer for fully functioning weaponised exploits against Signal, WhatsApp, Telegram and other encrypted messaging apps.

The Shadow Brokers, the group that has leaked NSA exploits that have been used to craft the malware used in the last two big attacks, say they will be raising the price for any leaks in July.

Two researchers who started a fund-raiser on Patreon to buy the next set of exploits offered by the Shadow Brokers have shut it down after advice from legal experts that they could fall afoul of the US justice system by going ahead with the purchase.

Two security researchers, supported by a number of others, have launched a fund-raiser aimed at collecting enough money to buy the next set of NSA security exploits offered by the Shadow Brokers group.

The Shadow Brokers, the group that dumped a bunch of NSA exploits in April that led to the development and spread of the WannaCry ransomware earlier this month, has announced that it will be selling its next bunch of exploits through a subscription service.