Linux 6.1 on NanoPi R4S – On fixing SD-card support, Heisenbugs and Rabbit Holes
Article URL: https://kohlschuetter.github.io/blog/posts/2022/10/28/linux-nanopi-r4s/ Comments URL: https://news.ycombinator.com/item?id=33370882 Points: 46 # Comments: 7
Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints
The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot (aka Silence), and Clop ransomware. It is "part of a complex and interconnected malware ecosystem, with links to other malware...
Microsoft: Raspberry Robin USB worm hits nearly 1,000 organizations in the past month
Widely distributed worm evolves into one of the largest currently active malware distribution platforms.
2022 cyber threat report details growing trends
SonicWall’s mid-year report update has been released with new information on malware, ransomware, cryptojacking and more. The post 2022 cyber threat report details growing trends appeared first on TechRepublic.
Researchers Expose Over 80 ShadowPad Malware C2 Servers
As many as 85 command-and-control (C2) servers have been discovered supported by the ShadowPad malware since September 2021, with infrastructure detected as recently as October 16, 2022. That's according to VMware's Threat Analysis Unit (TAU), which studied three...
Windows 11 Is Causing Issues for AMD Ryzen 9 CPUs, Nvidia GPUs
The centered Taskbar can be moved back to its usual position if you don't like the option. Gamer adoption of Windows 11 has been an ongoing topic of interest...
Windows Event Log Vulnerabilities Could Be Exploited to Blind Security Products
Remote attackers could exploit two Event Log vulnerabilities in Windows to crash the Event Log application and cause a denial-of-service...
CVE-2022-20776
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about...
CVE-2022-20811
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about...
CVE-2022-20822
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An...
CVE-2022-20933
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to...
CVE-2022-20953
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about...
CVE-2022-20954
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about...
CVE-2022-20955
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about...
CVE-2022-20959
A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This...
Feds accuse Ukrainian of renting out PC-raiding Raccoon malware to fiends
Separately, charges slapped on alleged operator of dark market, The Real Deal. Mark Sokolovsky, 26, a Ukrainian national, is being held in the Netherlands while he awaits extradition to America on cybercrime charges, the US Justice Department said on Tuesday.…
Apple MacOS Ventura Bug Breaks Third-Party Security Tools
Your anti-malware software may not work if you upgraded to the new operating system. But Apple says a fix is on the way.
Cisco AnyConnect Windows client under active attack
Make sure you're patched – and update VMware Cloud Foundation, too, by the way. Cisco says miscreants are exploiting two vulnerabilities in its AnyConnect Secure Mobility...
U.S. Charges Ukrainian Hacker Over Role in Raccoon Stealer Malware Service
A 26-year-old Ukrainian national has been charged in the U.S. for his alleged role in the Raccoon Stealer malware-as-a-service (MaaS) operation. Mark Sokolovsky, who was arrested by Dutch law enforcement after leaving Ukraine on March 4, 2022, in what's said to be a...
Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans
The North Korean espionage-focused actor known as Kimsuky has been observed using three different Android malware strains to target users located in its southern counterpart. That's according to findings from South Korean cybersecurity company S2W, which named the...
US charges Ukrainian national over alleged role in Raccoon Infostealer malware operation
U.S. officials have charged a Ukrainian national over his alleged role in the Raccoon Infostealer malware-as-a-service operation that infected millions of computers worldwide. Mark Sokolovsky — also known online as “raccoonstealer,” according to an indictment unsealed...
Valence Security raises fresh capital to secure the SaaS app supply chain
Valence Security, a company securing business app infrastructure, today announced that it raised $25 million in a Series A round led by M12,...
Cisco Confirms In-the-Wild Exploitation of Two VPN Vulnerabilities
Cisco has confirmed that two vulnerabilities affecting one of its VPN products are being exploited in the wild.
Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities
Cisco has warned of active exploitation attempts targeting a pair of two-year-old security flaws in the Cisco AnyConnect Secure Mobility Client for Windows. Tracked as CVE-2020-3153 (CVSS score: 6.5) and CVE-2020-3433 (CVSS score: 7.8), the vulnerabilities could...
US Charges Ukrainian ‘Raccoon Infostealer’ With Cybercrimes
A Ukrainian man has been charged with computer fraud for allegedly infecting millions of computers with malware in a cybercrime operation known as "Raccoon Infostealer," the US Justice Department said Tuesday.
Google will end Chrome support on Windows 7 and 8.1 in early 2023
Google has announced it will end Chrome support on Windows 7 and Windows 8.1 early next year. Chrome 110, which is scheduled for release on February 7th,...
Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog
Cybersecurity researchers have disclosed details about a pair of vulnerabilities in Microsoft Windows, one of which could be exploited to result...
Massive Typosquatting Racket Pushes Malware at Windows, Android Users
A large-scale phishing attack built on typosquatting is targeting Windows and Android users with malware. The campaign currently underway uses more than 200 typosquatting domains that impersonate 27 brands to trick web surfers into downloading malicious software to...
Cybercriminals Used Two PoS Malware to Steal Details of Over 167,000 Credit Cards
Two point-of-sale (PoS) malware variants have been put to use by a threat actor to steal information related to more than 167,000 credit cards from payment terminals. According to Singapore-headquartered cybersecurity company Group-IB, the stolen data dumps could net...
CISA Warns of Attacks Exploiting Cisco, Gigabyte Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two Cisco and four Gigabyte product flaws to its Known Exploited Vulnerabilities catalog. Only one of the Gigabyte vulnerabilities was previously mentioned as being involved in attacks.