securityXspace: a blog about cyber-philosophy.

  • Google expert disclosed details of an unpatched flaw in SymCrypt library

    Tavis Ormandy, a white hat hacker at Google Project Zero, announced that he had found a zero-day flaw in the SymCrypt cryptographic library of Microsoft’s operating system. The recently released Microsoft Patch Tuesday security updates for June 2019 failed to address a flaw in SymCrypt, a core cryptographic function library currently used by Windows. Source: Google…

  • Flaw in Evernote Web Clipper for Chrome extension allows stealing data

    Security experts discovered a vulnerability in the popular Evernote Web Clipper for Chrome that can be exploited to steal sensitive data from sites visited by users. Security experts at browser security firm Guardio discovered a critical universal cross-site scripting (XSS) vulnerability in the Evernote Web Clipper for Chrome. Source: Flaw in Evernote Web Clipper for…

  • Telegram Hit by Cyber-attack, CEO Points to HK Protests, China

    Encrypted messaging service Telegram suffered a major cyber-attack that appeared to originate from China, the company’s CEO said Thursday, linking it to the ongoing political unrest in Hong Kong. Source: Telegram Hit by Cyber-attack, CEO Points to HK Protests, China

  • Predicting Vulnerability Weaponization

    Advances in data science are making it possible to shift vulnerability management from a reactive to a proactive discipline. Keeping pace with the endless deluge of security vulnerabilities has become one of the truly Sisyphean tasks for enterprise IT and security teams. Every operating system, device, and application is a potential source of vulnerabilities. This can include…

  • Shifting Tactics: Breaking Down TA505 Group’s Use of HTML, RATs and Other Techniques in Latest Campaigns

    TA505 is a prolific cybercriminal group known for its attacks against multiple financial institutions and retail companies using malicious spam campaigns and different malware. We have been following TA505 closely and detected various related activities for the past two months. In the group’s latest campaign, they started using HTML attachments to deliver malicious .XLS files…

  • Critical Microsoft NTLM vulnerabilities allow remote code execution on any Windows machine

    The Preempt research team found two critical Microsoft vulnerabilities that consist of three logical flaws in NTLM, the company’s proprietary authentication protocol. These vulnerabilities allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS. The research shows that…

  • Cross-Site Scripting Errors Continue to Be Most Common Web App Flaw

    In vulnerability disclosure programs, organizations are paying more in total for XSS issues than any other vulnerability type, HackerOne says. Cross-site scripting (XSS) errors that allow attackers to inject malicious code into otherwise benign websites continue to be the most common web application vulnerability across organizations. Bug bounty firm HackerOne recently analyzed data on more…

  • 3.4 billion fake emails are sent around the world every day

    At least 3.4 billion fake emails are sent around the world every day — with most industries remaining vulnerable to spear-phishing and “spoofing” cyberattacks simply because they’re not implementing industry-standard authentication protocols, according to a Valimail report. The research report also found that the vast majority of suspicious emails emanate from U.S.-based sources. It’s not all bad…

  • New Version of ShellTea Backdoor Used by FIN8 Hacking Group

    Researchers have detected a new campaign against the hotel-entertainment industry employing the first documented use of the ShellTea/PunchBuggy backdoor since 2017. It is also thought to be the first observed attack delivered by the FIN8 group in 2019. FIN8’s obfuscation techniques were analyzed by FireEye in June 2017 together with the use of “their PUNCHTRACK…

  • New RAMBleed Attack Allows Access to Sensitive Data in Memory

    A team of researchers representing several universities has disclosed the details of RAMBleed, a new type of side-channel attack on dynamic random-access memory (DRAM) that can be used to obtain potentially sensitive data from a device’s memory. RAMBleed, which is tracked as CVE-2019-0174, is based on Rowhammer, a technique whose security impact was first demonstrated in 2015…