Tag: attacker

Source URL: https://www.schneier.com/blog/archives/2025/09/microsoft-still-uses-rc4.html Source: Schneier on Security Title: Microsoft Still Uses RC4 Feedly Summary: Senator Ron Wyden has asked the Federal Trade Commission to investigate Microsoft over its continued use of the RC4 encryption algorithm. The letter talks about a hacker technique called Kerberoasting, that exploits the Kerberos authentication system. AI Summary and Description: Yes…

The Register: Careless engineer stored recovery codes in plaintext, got whole org pwned

Sep 15, 2025

—

by

Source URL: https://www.theregister.com/2025/09/15/ransomware_recovery_codes_plaintext/ Source: The Register Title: Careless engineer stored recovery codes in plaintext, got whole org pwned Feedly Summary: Cautionary tale from the recent SonicWall attacks Failing to encrypt sensitive data leaves you wide open to attack. During the recent SonicWall attack spree, intruders bypassed multi-factor authentication (MFA) in at least one case, because…

Google Online Security Blog: Supporting Rowhammer research to protect the DRAM ecosystem

Sep 15, 2025

—

by

Source URL: http://security.googleblog.com/2025/09/supporting-rowhammer-research-to.html Source: Google Online Security Blog Title: Supporting Rowhammer research to protect the DRAM ecosystem Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the Rowhammer vulnerability in DRAM memory, which allows attackers to manipulate memory cells leading to unauthorized access or data corruption. It highlights the inadequacy of current mitigations…

The Register: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand

—

by

Source URL: https://www.theregister.com/2025/09/11/voidproxy_phishing_service/ Source: The Register Title: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand Feedly Summary: Okta uncovers new phishing-as-a-service operation with ‘multiple entities’ falling victim Multiple attackers using a new phishing service dubbed VoidProxy to target organizations’ Microsoft and Google accounts have successfully stolen users’ credentials, multi-factor authentication codes, and session tokens…

The Register: AI-powered penetration tool, an attacker’s dream, downloaded 10K times in 2 months

—

by

Source URL: https://www.theregister.com/2025/09/11/cobalt_strikes_ai_successor_downloaded/ Source: The Register Title: AI-powered penetration tool, an attacker’s dream, downloaded 10K times in 2 months Feedly Summary: Shady, China-based company, all the apps needed for a fully automated attack – sounds totally legit Villager, a new penetration-testing tool linked to a suspicious China-based company and described by researchers as “Cobalt Strike’s…

The Register: Senator blasts Microsoft for ‘dangerous, insecure software’ that helped pwn US hospitals

—

by

Source URL: https://www.theregister.com/2025/09/11/wyden_microsoft_insecure/ Source: The Register Title: Senator blasts Microsoft for ‘dangerous, insecure software’ that helped pwn US hospitals Feedly Summary: Ron Wyden urges FTC to probe failure to secure Windows after attackers used Kerberoasting to cripple Ascension Microsoft is back in the firing line after US Senator Ron Wyden accused Redmond of shipping “dangerous,…

Cisco Security Blog: SnortML: Cisco’s ML-Based Detection Engine Gets Powerful Upgrade

—

by

Source URL: https://blogs.cisco.com/security/snortml-cisco-ml-based-detection-engine-gets-powerful-upgrade Source: Cisco Security Blog Title: SnortML: Cisco’s ML-Based Detection Engine Gets Powerful Upgrade Feedly Summary: SnortML, Cisco’s innovative ML engine for Snort IPS, proactively detects evolving exploits like SQL Injection, Command Injection & XSS on-device for privacy. AI Summary and Description: Yes Summary: The text highlights the introduction of SnortML, a machine…

The Register: Akira ransomware crims abusing trifecta of SonicWall security holes for extortion attacks

Sep 10, 2025

—

by

Source URL: https://www.theregister.com/2025/09/10/akira_ransomware_abusing_sonicwall/ Source: The Register Title: Akira ransomware crims abusing trifecta of SonicWall security holes for extortion attacks Feedly Summary: Patch, turn on MFA, and restrict access to trusted networks…or else Affiliates of the Akira ransomware gang are again exploiting a critical SonicWall vulnerability abused last summer, after a suspected zero-day flaw actually turned…

Slashdot: Wyden Says Microsoft Flaws Led to Hack of US Hospital System

Sep 10, 2025

—

by