Is it possible for any intelligence agency to keep its ‘zero-day’ supply from falling into the wrong hands? The question that bothers security community heads since four years ago accident with a group of hackers Shadow Brokers, who launched leaking of NSA hacking tools onto the Internet.
Recently, security firm Check Point revealed that Shadow Brokers weren’t the first to use the NSA hacking tool. Chinese attackers APT31, known as Zirconium or Judgment Panda, appeared to obtain and reuse another NSA instrument years before the famous hacker gang. The prooves confirm that Zirconium used EpMe Windows-hacking tool developed by the Equation Group, which is supposed to belong to NSA.
A new hacker attack threatening VMware vCenter servers has been revealed recently. Not only unpatched devices, but also companies’ entire networks appear to be vulnerable.
Threat intelligence firm Bad Packets affirms that Scans for VMware vCenter devices have already been initiated.
On their blog, Chinese security researchers disclosed proof-of-concept code CVE-2021-21972 for weakness detection. As a result, the scans were launched tracked.
Brazilian authorities came out with a bill offering to put back the reinforcement of fines for non-compliance with data protection regulations.
In September 2020, was launched a country’s General Data Protection Law (LGPD, in the Portuguese acronym), mentioning the sanctions for defiance. They result in warnings, daily fines of up to 50 million reais (US$ 9 million) as well as in a prohibition of data processing activities.
The act provoked two sensational scandals in 2021. The first one led to the exposure of personal information of 220 million citizens, while the second one concerned the leakage of 102 mobile phone accounts.
An XSS security vulnerability in icloud.com has been recently discovered by Vishal Bharad, bug bounty hunter and penetration tester.
Stored or persistent XSS flaws serve not only to store payloads on a target server, but also to penetrate threatening scripts into websites and could be exploited for stealing cookies, session tokens, and browser data.
Hacker should create new Pages or Keynote content with an XSS payload sent into the name field to provoke the vulnerability.
Cisco System intersite policy manager software appeared to be vulnerable to remote hackers who can now bypass authorization.
Unfortunately, this is not the first weakness discovered and eradicated by Cisco this week. The vulnerability resides in Cisco’s ACI Multi-Site Orchestrator (ACI MSO) – business-management software that monitors interconnected policy-management sites condition.
According to the CVSS vulnerability-rating scale, Cisco’s vulnerability (CVE-2021-1388) ranks 10 (out of 10). Hackers could bypass the authorization and use it by sending a crafted request to the affected API. That’s why such a gotcha is considered to be dangerous.
Subscribe to our newsletter
Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.