securityXspace: a blog about cyber-philosophy.

  • Researcher releases PoC code for critical Atlassian Crowd RCE flaw

    A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution providing single sign-on and user identity. Atlassian plugged the hole in late May, but administrators who have not yet applied the fix should consider doing so now, as full-fledged exploits are likely to pop up soon.…

  • Meet Extenbro, a new DNS-changer Trojan protecting adware

    Recently, we uncovered a new DNS-changer called Extenbro that comes with an adware bundler. These DNS-changers block access to security-related sites, so the adware victims can’t download and install security software to get rid of the pests.

  • 188m records exposed on MongoDB database

    A MongoDB database that held records sourced from websites including Pipl.com and LexisNexis was accessible to anyone with an internet connection.

  • Is ‘REvil’ the New GandCrab Ransomware?

    Brian Krebs: The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program…

  • Office 365 declared illegal in German schools due to privacy risks

    Last week, the German state of Hesse declared that its schools may not legally use the Office 365 cloud product.

  • Turla APT Returns with New Malware, Anti-Censorship Angle

    A dropper called “Topinambour” is the first-stage implant, which in turn fetches a spy trojan built in several coding languages.

  • Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu

    The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing applications that, under the hood, are just rebranded versions of the Zoom video conferencing software. Security researchers confirmed to The Hacker News that RingCentral, used by over 350,000 businesses, and Zhumu, a Chinese version of Zoom, also…

  • Threat Roundup for July 5 to July 12

    Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 5 and July 12. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are…

  • FIRST Announces CVSS Version 3.1

    FIRST, the global Forum of Incident Response and Security Teams, which maintains the Common Vulnerability Scoring System, has released version 3.1. On their website, you can find a neat calculator with full documentation of changes and user guides.

  • Japan Firm Says $32 Million Missing in Cryptocurrency Hack

    A Tokyo-based cryptocurrency exchange said Friday it had halted all services after losing cryptocurrency worth more than $32 million in the latest apparent hack involving virtual money.