All posts by Charlie

Misconfigured Windows Servers Are Contributing To DDoS Attacks, Researchers Warn

Posted on November 3, 2022 at 6:37 AM. Security researchers at Black Lotus Labs have discovered that Windows Server misconfigurations have kept servers at risk of being hit by distributed denial of service (DDoS) attacks. Already, organizations are falling...

/ November 3, 2022
SandStrike Spyware Infecting Android Devices through VPN Apps

Did you know 38% of VPN apps on Google Play Store are plagued with malware? Nonetheless, the IT security researchers at Kaspersky have discovered that threat actors are increasingly relying on SandStrike spyware that is specifically impacting Android devices. The...

/ November 2, 2022
Hacker AFK: the_arch_angel

Today’s hacker: the_arch_angel

JXoaT: What was your first experience with hacking growing up?

the_arch_angel: I actually didn’t do any hacking growing up. It wasn’t until post-college that I started showing interest in computer security. Growing up, I had seen movies with...

/ November 2, 2022
Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software

Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers. “These vulnerabilities can be chained together by an unauthenticated, remote attacker to gain...

/ November 2, 2022
Server-side attacks, C&C in public clouds and other MDR cases we observed

Introduction: This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. The goal of the report is to inform our customers about techniques used by attackers. We hope that learning about the attacks that took...

/ November 2, 2022
How I Found My Next Mission In Cybersecurity

Trevor Granger is a Technical Manager in Operations, Federal. He has 18 years of service and is currently in Officer Training School for the Air Force. I was a freshman in high school when September 11th, 2001 happened. I will...

/ November 2, 2022
Leaked Amazon Prime Video Server Exposed Users Viewing Habits

Remember when a Chinese server leaked 7GB worth of data including fake Amazon reviews? Well now, an Elasticsearch database dubbed Sauron was left unprotected in cyberspace without any security authentication. According to security researcher Anurag Sen, the database was stored...

/ November 1, 2022
Samsung Galaxy Store Flaw Allows Remote Attacker to Run Code on Affected Phones

A security flaw in the Galaxy Store allows attackers to trigger remote code execution on affected smartphones. The now-patched vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug that occurs when handling certain deep...

/ November 1, 2022
OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities

The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as...

/ November 1, 2022
An Unofficial Patch Has Been Released for Actively Exploited Windows MoTW Zero-Day

There is an unofficial patch from 0patch for a zero-day flaw in Microsoft Windows that allows bypassing the MotW (Mark-of-the-Web) protections built into the operating system, and at the moment it is actively exploited. By utilizing files signed with malformed...

/ November 1, 2022
Growing into the Synack Red Team

Mohammad Jassim is a 17-year-old member of the Synack Red Team. In 2017, I was that rare seventh grader who had Ubuntu installed on their laptop. Typing “sudo apt-get install software-center” every chance I got boosted my ego – I...

/ November 1, 2022
APT trends report Q3 2022

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot...

/ November 1, 2022