使用Player FM应用程序离线!
Elastix VoIP Attack, Botnet Targeting ICS, Blitz.JS Polluted, and more.
已归档的系列专辑 ("不活跃的收取点" status)
When? This feed was archived on May 25, 2023 16:09 (). Last successful fetch was on July 29, 2022 18:35 ()
Why? 不活跃的收取点 status. 我们的伺服器已尝试了一段时间,但仍然无法截取有效的播客收取点
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 334744551 series 2478053
Episode 267 - 18 July 2022
Elastix VoIP Attack- https://www.bleepingcomputer.com/news/security/elastix-voip-systems-hacked-in-massive-campaign-to-install-php-web-shells/
Botnet Targeting ICS -
https://thehackernews.com/2022/07/hackers-distributing-password-cracking.html
Play Store Purge -
https://threatpost.com/google-boots-malware-marketplace/180241/
Juniper Patches- https://www.securityweek.com/juniper-networks-patches-over-200-third-party-component-vulnerabilities
Blitz.JS Polluted -
https://portswigger.net/daily-swig/prototype-pollution-in-blitz-js-leads-to-remote-code-execution
Hi, I’m Paul Torgersen. It’s Monday July 18th, 2022, and from Port Angeles, this is a look at the information security news from overnight.
From BleepingComputer.com:
Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of about three months. The attackers are likely exploiting CVE-2021-45461, a remote code execution vulnerability with a 9.8 severity. The goal is to plant a PHP web shell that could run arbitrary commands on the compromised communications server. Details in the article.
From TheHackerNews.com:
Industrial engineers and operators are the target of a new campaign that leverages password cracking software to seize control of Programmable Logic Controllers and co-opt the machines to a botnet. Attackers are exploiting a vulnerability in the firmware which allows it to retrieve the password on command. They then drop the Sality malware and turn the host into a peer in Sality's peer-to-peer botnet. More details inside.
From ThreatPost.com:
Google has removed eight apps from its Play store that were propagating a new variant of the Joker spyware. Unfortunately those apps had already accounted for a total of over 3 million downloads. Those apps are: Vlog Star Video Editor, Creative 3D Launcher, Wow Beauty Camera, Gif Emoji Keyboard, (yes I said gif not jif) Freeglow Camera, Coco Camera, Funny Camera, and Razer Keyboard & Theme.
From SecurityWeek.com:
Juniper Networks has published 21 security advisories to inform customers about patches for more than 200 vulnerabilities. Six of those advisories impact their own products, including Junos OS, Junos Space, Contrail Networking, and Northstar Controller products. The rest were vulnerabilities affecting third-party components such as Nginx, OpenSSL, Samba, Java SE, SQLite and Linux. Details in the article.
And last today, from PortSwigger.net:
Blitz.js, a JavaScript web application framework, has patched a dangerous prototype pollution vulnerability that could lead to remote code execution on Node.js servers. The bug allows attackers to manipulate the code in the Blitz.js app to create a reverse shell and run arbitrary commands on the server. You can find all the dirty details in the article.
That’s all for me. Have a great rest of your day. Like and subscribe, and until next time, be safe out there.
221集单集
已归档的系列专辑 ("不活跃的收取点" status)
When? This feed was archived on May 25, 2023 16:09 (). Last successful fetch was on July 29, 2022 18:35 ()
Why? 不活跃的收取点 status. 我们的伺服器已尝试了一段时间,但仍然无法截取有效的播客收取点
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 334744551 series 2478053
Episode 267 - 18 July 2022
Elastix VoIP Attack- https://www.bleepingcomputer.com/news/security/elastix-voip-systems-hacked-in-massive-campaign-to-install-php-web-shells/
Botnet Targeting ICS -
https://thehackernews.com/2022/07/hackers-distributing-password-cracking.html
Play Store Purge -
https://threatpost.com/google-boots-malware-marketplace/180241/
Juniper Patches- https://www.securityweek.com/juniper-networks-patches-over-200-third-party-component-vulnerabilities
Blitz.JS Polluted -
https://portswigger.net/daily-swig/prototype-pollution-in-blitz-js-leads-to-remote-code-execution
Hi, I’m Paul Torgersen. It’s Monday July 18th, 2022, and from Port Angeles, this is a look at the information security news from overnight.
From BleepingComputer.com:
Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of about three months. The attackers are likely exploiting CVE-2021-45461, a remote code execution vulnerability with a 9.8 severity. The goal is to plant a PHP web shell that could run arbitrary commands on the compromised communications server. Details in the article.
From TheHackerNews.com:
Industrial engineers and operators are the target of a new campaign that leverages password cracking software to seize control of Programmable Logic Controllers and co-opt the machines to a botnet. Attackers are exploiting a vulnerability in the firmware which allows it to retrieve the password on command. They then drop the Sality malware and turn the host into a peer in Sality's peer-to-peer botnet. More details inside.
From ThreatPost.com:
Google has removed eight apps from its Play store that were propagating a new variant of the Joker spyware. Unfortunately those apps had already accounted for a total of over 3 million downloads. Those apps are: Vlog Star Video Editor, Creative 3D Launcher, Wow Beauty Camera, Gif Emoji Keyboard, (yes I said gif not jif) Freeglow Camera, Coco Camera, Funny Camera, and Razer Keyboard & Theme.
From SecurityWeek.com:
Juniper Networks has published 21 security advisories to inform customers about patches for more than 200 vulnerabilities. Six of those advisories impact their own products, including Junos OS, Junos Space, Contrail Networking, and Northstar Controller products. The rest were vulnerabilities affecting third-party components such as Nginx, OpenSSL, Samba, Java SE, SQLite and Linux. Details in the article.
And last today, from PortSwigger.net:
Blitz.js, a JavaScript web application framework, has patched a dangerous prototype pollution vulnerability that could lead to remote code execution on Node.js servers. The bug allows attackers to manipulate the code in the Blitz.js app to create a reverse shell and run arbitrary commands on the server. You can find all the dirty details in the article.
That’s all for me. Have a great rest of your day. Like and subscribe, and until next time, be safe out there.
221集单集
所有剧集
×欢迎使用Player FM
Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。