Mar 06, 2023Ravie LakshmananEncryption / Cybersecurity A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of the encryption algorithms chosen by the U.S. government as quantum-resistant last year. The exploit relates to "side-channel attacks on up to the fifth-order masked implementations of CRYSTALS-Kyber … [Read more...] about Experts Discover Flaw in U.S. Govt’s Chosen Quantum-Resistant Encryption Algorithm
Flaw
Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
Jan 20, 2023Ravie LakshmananFirewall / Network Security A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa. Telemetry evidence gathered by Google-owned Mandiant indicates that the exploitation occurred … [Read more...] about Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network
Researchers have disclosed details about a now-patched critical flaw in the Move virtual machine that powers the Aptos blockchain network. The vulnerability "can cause Aptos nodes to crash and cause denial of service," Singapore-based Numen Cyber Labs said in a technical write-up published earlier this month. Aptos is a new entrant to the blockchain space, which launched its … [Read more...] about Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network
Researchers Detail Azure SFX Flaw That Could’ve Allowed Attackers to Gain Admin Access
Cybersecurity researchers have shared more details about a now-patched security flaw in Azure Service Fabric Explorer (SFX) that could potentially enable an attacker to gain administrator privileges on the cluster. The vulnerability, tracked as CVE-2022-35829, carries a CVSS severity rating of 6.2 and was addressed by Microsoft as part of its Patch Tuesday updates last … [Read more...] about Researchers Detail Azure SFX Flaw That Could’ve Allowed Attackers to Gain Admin Access
Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite
A severe remote code execution vulnerability in Zimbra's enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue. The shortcoming, assigned CVE-2022-41352, carries a critical-severity rating of CVSS 9.8, providing a pathway for attackers to upload arbitrary files and carry out malicious actions … [Read more...] about Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite
Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
Fortinet has privately warned its customers of a security flaw affecting FortiGate firewalls and FortiProxy web proxies that could potentially allow an attacker to perform unauthorized actions on susceptible devices. Tracked as CVE-2022-40684, the high-severity flaw relates to an authentication bypass vulnerability that could permit an unauthenticated adversary to perform … [Read more...] about Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
MIT Researchers Discover New Flaw in Apple M1 CPUs That Can’t Be Patched
A novel hardware attack dubbed PACMAN has been demonstrated against Apple's M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems. It leverages "speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce … [Read more...] about MIT Researchers Discover New Flaw in Apple M1 CPUs That Can’t Be Patched
Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild
Atlassian on Friday rolled out fixes to address a critical security flaw affecting its Confluence Server and Data Center products that have come under active exploitation by threat actors to achieve remote code execution. Tracked as CVE-2022-26134, the issue is similar to CVE-2021-26084 — another security flaw the Australian software company patched in August 2021. Both relate … [Read more...] about Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild
New “B1txor20” Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw
A previously undocumented backdoor has been observed targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits. Qihoo 360's Netlab security team called it B1txor20 "based on its propagation using the file name 'b1t,' the XOR encryption algorithm, and the RC4 algorithm key length of 20 … [Read more...] about New “B1txor20” Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw
Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm
Researchers have detailed what they call the "first successful attempt" at decrypting data infected with Hive ransomware without relying on the private key used to lock access to the content. "We were able to recover the master key for generating the file encryption key without the attacker's private key, by using a cryptographic vulnerability identified through analysis," a … [Read more...] about Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm