Security – Page 179 – Computer Security Articles

Credit to Author: Lily Hay Newman| Date: Fri, 30 Sep 2022 21:16:38 +0000

People around the world are rallying to subvert Iran’s internet shutdown, but actually pulling it off is proving difficult and risky.

Microsoft Security

September 30, 2022 admin

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

Credit to Author: Katie McCafferty| Date: Sat, 01 Oct 2022 04:21:00 +0000

MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.

The post Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 appeared first on Microsoft Security Blog.

Security Wired

September 30, 2022 admin

Go Update iOS, Chrome, and HP Computers to Fix Serious Flaws

Credit to Author: Kate O’Flaherty| Date: Fri, 30 Sep 2022 11:00:00 +0000

Plus: WhatsApp plugs holes that could be used for remote execution attacks, Microsoft patches a zero-day vulnerability, and more.

Security Wired

September 30, 2022 admin

A Matrix Update Patches Serious End-to-End Encryption Flaws

Credit to Author: Dan Goodin, Ars Technica| Date: Thu, 29 Sep 2022 16:00:00 +0000

The messenger protocol had gained popularity for its robust security, but vulnerabilities allowed attackers to decrypt messages and impersonate users.

Security Wired

September 29, 2022 admin

A Matrix Update Will Patch Serious End-to-End Encryption Flaws

Credit to Author: Dan Goodin, Ars Technica| Date: Thu, 29 Sep 2022 16:00:00 +0000

The messenger protocol had gained popularity for its robust security, but vulnerabilities allowed attackers to decrypt messages and impersonate users.

Security Wired

September 29, 2022 admin

Mystery Hackers Are ‘Hyperjacking’ Targets for Insidious Spying

Credit to Author: Andy Greenberg| Date: Thu, 29 Sep 2022 13:00:00 +0000

For decades, security researchers warned about techniques for hijacking virtualization software. Now one group has put them into practice.

Security Wired

September 29, 2022 admin

The Race to Find the Nord Stream Saboteurs

Credit to Author: Matt Burgess| Date: Wed, 28 Sep 2022 20:00:26 +0000

Damage to the pipeline that runs between Russia and Germany is being treated as deliberate. Finding out what happened may not be straightforward.

Microsoft Security

September 29, 2022 admin

ZINC weaponizing open-source software

Credit to Author: Katie McCafferty| Date: Thu, 29 Sep 2022 16:00:00 +0000

In recent months, Microsoft detected weaponization of legitimate open-source software by an actor the Microsoft Threat Intelligence Center (MSTIC) tracks as ZINC, targeting employees at media, defense and aerospace, and IT service provider organizations in the US, UK, India, and Russia.

The post ZINC weaponizing open-source software appeared first on Microsoft Security Blog.