securityXspace: a blog about cyber-philosophy.

If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any “.desktop” or “.directory” file for a while. A cybersecurity researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted .desktop and .directory files to silently…

The latest version of the popular SQL attack automation tool, SQLMAP, has been released. This new release includes the following features: Full support for MySQL, Oracle, PostgreSQL, MS SQL Server, MS Access, IBM DB2, SQLite, Firebird, Sybase, SQP, MaxDB, Informix, HSQLDB and H2; Full support for six SQL injection types: boolean-based blind; time-base blind; error-based;…

Microsoft has detected that Russian government-sponsored hackers are using IoT devices, such as internet-connected printers, to target and launch attacks against computer networks. Source: Microsoft catches Russian state hackers using IoT devices to breach networks

A series of critical vulnerabilities have been discovered in Qualcomm chipsets that could allow hackers to compromise Android devices remotely just by sending malicious packets over-the-air with no user interaction. Reality check: These flaws have been fixed on Android, so make sure your phone is up to date. These vulnerabilities are not being exploited in…

Researchers at Proofpoint discovered SystemBC, a new strain of proxy malware that is being distributed via Fallout and RIG Exploit Kits Source: SystemBC, a new proxy malware is being distributed via Fallout and RIG EK

Exploit kits come and go, rise and fall, like the ocean currents. In order to be successful they must be up-to-date and utilise the latest and greatest in consumable exploits. Virus Bulletin‘s Adrian Luca recently discovered a brand new exploit kit, which has called the Lord EK. Malwarebytes have be quick on the draw and…

Talos: Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 26 and Aug. 2. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioural characteristics, indicators of compromise, and discussing how our customers are…

This BlueKeep exploit is now progressing very quickly now: A working BlueKeep exploit module is available now, at an “expensive” monthly rate: BlueKeep built into exploitation tool, sparks fear of Wannacry style infection

This is a fascinating read which acknowledges that current attacker methodologies have evolved beyond the old smash-and-grab approach to infiltrate and remain. This also highlights how far defenders actually are behind the curve, because attackers have been using these methods for a few years now and we are only just catching up. “The Cyber Kill…

A researcher said that he found a Honda ElasticSearch database exposing 40GB of internal system and device data. Source: Honda’s Security ‘Soft Spots’ Exposed in Unsecured Database