FreshRSS

πŸ”’
❌ Secure Planet Training Courses Updated For 2019 - Click Here
There are new available articles, click to refresh the page.
☐ β˜† βœ‡ The Hacker News

TETRA:BURST β€” 5 New Vulnerabilities Exposed in Widely Used Radio Communication System

By: THN β€” July 25th 2023 at 10:28
A set of five security vulnerabilities have been disclosed in the Terrestrial Trunked Radio (TETRA) standard for radio communication used widely by government entities and critical infrastructure sectors, including what's believed to be an intentional backdoor that could have potentially exposed sensitive information. The issues, discovered by Midnight Blue in 2021 and held back until now, have
☐ β˜† βœ‡ The Hacker News

Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports

By: THN β€” July 21st 2023 at 15:14
The recent attack againstΒ Microsoft's email infrastructureΒ by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought. According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to forge Azure Active Directory (Azure AD or AAD) tokens to gain illicit access to Outlook Web Access (OWA) and
☐ β˜† βœ‡ The Hacker News

Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks

By: THN β€” July 20th 2023 at 16:56
Mallox ransomware activities in 2023 have witnessed a 174% increase when compared to the previous year, new findings from Palo Alto Networks Unit 42 reveal. "Mallox ransomware, like many other ransomware threat actors, follows the double extortion trend: stealing data before encrypting an organization's files, and then threatening to publish the stolen data on a leak site as leverage to convince
☐ β˜† βœ‡ The Hacker News

North Korean State-Sponsored Hackers Suspected in JumpCloud Supply Chain Attack

By: THN β€” July 20th 2023 at 13:30
An analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack has uncovered evidence pointing to the involvement of North Korean state-sponsored groups, in a style that's reminiscent of theΒ supply chain attack targeting 3CX. The findings come from SentinelOne, whichΒ mapped outΒ the infrastructure pertaining to the intrusion to uncover underlying patterns. It's worth noting
❌