BleepingComputer.com

"MaginotDNS attacks exploit weak checks for DNS cache poisoning."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 13 August 2023, 1447 UTC.  Content provided by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

MaginotDNS attacks exploit weak checks for DNS cache poisoning

  • A team of researchers from UC Irvine and Tsinghua University has developed a new powerful cache poisoning attack named 'MaginotDNS,' that targets Conditional DNS (CDNS) resolvers and can compromise entire TLDs top-level domains.

  • Britain UK Flag
     

UK gov keeps repeating its voter registration website is NOT a scam

  • Every year local government bodies or councils across Britain contact residents, asking them to update their voter details on the electoral register if these have changed. To do so, residents are asked to visit HouseholdResponse.com, a domain that looks anything but official and has often confused people, who mistake it for a scam.

  • Knight
     

Knight ransomware distributed in fake Tripadvisor complaint emails

  • The Knight ransomware is being distributed in an ongoing spam campaign that pretends to be TripAdvisor complaints.

  • Ford
     

Ford says cars with WiFi vulnerability still safe to drive

  • Ford is warning of a buffer overflow vulnerability in its SYNC3 infotainment system used in many Ford and Lincoln vehicles, which could allow remote code execution, but says that vehicle driving safety isn't impacted.

  • Hospital
     

The Week in Ransomware - August 11th 2023 - Targeting Healthcare

  • While some ransomware operations claim not to target hospitals, one relatively new ransomware gang named Rhysida doesn't seem to care.

  • Microsoft Exchange
     

US cyber safety board to analyze Microsoft Exchange hack of govt emails

  • The Department of Homeland Security's Cyber Safety Review Board (CSRB) has announced plans to conduct an in-depth review of cloud security practices following recent Chinese hacks of Microsoft Exchange accounts used by US government agencies.

  • Telegram
     

Xiaomi's MIUI now flags Telegram as dangerous in China

  • Asian smartphone giant Xiaomi is now blocking Telegram from being installed on devices using its MIUI system and firmware interface.

  • Police arrests hacker
     

LOLEKHosted admin arrested for aiding Netwalker ransomware gang

  • Police have taken down the Lolek bulletproof hosting provider, arresting five individuals and seizing servers for allegedly facilitating Netwalker ransomware attacks and other malicious activities.

  • CodeSYS
     

Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws

  • Millions of PLC (programmable logic controllers) used in industrial environments worldwide are at risk to 15 vulnerabilities in the CODESYS V3 software development kit, allowing remote code execution (RCE) and denial of service (DoS) attacks.

  • Amazon AWS
     

Amazon AWS distances itself from Moq amid data collection controversy

  • Amazon AWS has withdrawn its association with open source project Moq after the project drew sharp criticism for its quiet addition of data collection features, as first reported by BleepingComputer.

  • Hacker monitors
     

Lapsus$ hackers took SIM-swapping attacks to the next level

  • The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to breach dozens of organizations with a strong security posture.

  • Botnet robot
     

Gafgyt malware exploits five-years-old flaw in EoL Zyxel router

  • Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the end-of-life Zyxel P660HN-T1A router in thousands of daily attacks.

  • Microsoft Exchange
     

Microsoft Exchange updates pulled after breaking non-English installs

  • Microsoft has pulled Microsoft Exchange Server's August security updates from Windows Update after finding they break Exchange on non-English installs.

  • Bouncer Bar Guard
     

MoustachedBouncer hackers use AiTM attacks to spy on diplomats

  • A cyberespionage group named 'MoustachedBouncer' has been observed using adversary-in-the-middle (AitM) attacks at ISPs to hack foreign embassies in Belarus.

  • Barracuda
     

CISA: New Whirlpool backdoor used in Barracuda ESG hacks

  • The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor malware named 'Whirlpool' used in attacks on compromised Barracuda Email Security Gateway (ESG) devices.

  • Key Decryptor Unlock
     

Dell Compellent hardcoded key exposes VMware vCenter admin creds

  • An unfixed hardcoded encryption key flaw in Dell's Compellent Integration Tools for VMware (CITV) allows attackers to decrypt stored vCenter admin credentials and retrieve the cleartext password.

VIEW MORE

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.