Experimental News Clipping Site

Tag: bypass

  • The Register: Expired Juniper routers find new life – as Chinese spy hubs

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/12/china_spy_juniper_routers/ Source: The Register Title: Expired Juniper routers find new life – as Chinese spy hubs Feedly Summary: Fewer than 10 known victims, but Mandiant suspects others compromised, too Chinese spies have for months exploited old Juniper Networks routers, infecting the buggy gear with custom backdoors and gaining root access to the compromised…

  • Cloud Blog: Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers/ Source: Cloud Blog Title: Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers Feedly Summary: Written by: Lukasz Lamparski, Punsaen Boonyakarn, Shawn Chew, Frank Tse, Jakub Jozwiak, Mathew Potaczek, Logeswaran Nadarajan, Nick Harbour, Mustafa Nasser Introduction In mid 2024, Mandiant discovered threat actors deployed custom backdoors on Juniper Networks’ Junos…

  • The Register: Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/12/patch_tuesday/ Source: The Register Title: Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws Feedly Summary: Microsoft tackles 50-plus security blunders, Adobe splats 3D bugs, and Apple deals with a doozy Patch Tuesday Microsoft’s Patch Tuesday bundle has appeared, with a dirty dozen flaws competing for…

  • Hacker News: Polymorphic Chrome Extensions Impersonate Password Managers to Steal Credentials

    by

    Kurt Seifried
    in

    Source URL: https://cyberinsider.com/polymorphic-chrome-extensions-impersonate-password-managers-to-steal-credentials/ Source: Hacker News Title: Polymorphic Chrome Extensions Impersonate Password Managers to Steal Credentials Feedly Summary: Comments AI Summary and Description: Yes Summary: The emergence of polymorphic browser extensions presents a significant security threat, particularly to users relying on legitimate extensions for secure tasks. These malicious extensions cleverly impersonate existing ones, executing sophisticated…

  • Hacker News: Backdoor detected in ESP32 Espressif IoT chip

    by

    Kurt Seifried
    in

    Source URL: https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/ Source: Hacker News Title: Backdoor detected in ESP32 Espressif IoT chip Feedly Summary: Comments AI Summary and Description: Yes Summary: The text details significant new findings by Tarlogic Security regarding a backdoor in the widely used ESP32 microchip, affecting millions of IoT devices. This vulnerability poses serious risks for security and privacy…

  • Hacker News: Apple takes UK to court over ‘backdoor’ order

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/05/apple_reportedly_ipt_complaint/ Source: Hacker News Title: Apple takes UK to court over ‘backdoor’ order Feedly Summary: Comments AI Summary and Description: Yes Summary: Apple has lodged a legal complaint against the UK government’s order to break iCloud encryption, signaling significant implications for data privacy and security. This case raises critical concerns about the balance…

  • The Register: Cybercrims now licking stamps and sending extortion demands in snail mail

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/05/snail_mail_data_release_extortion/ Source: The Register Title: Cybercrims now licking stamps and sending extortion demands in snail mail Feedly Summary: First crooks gave up encrypting data, and just stole it – now they don’t even bother pilfering info. Sheesh! Ransomware extortionists are now using letters sent by snail mail to demand payments, without bothering to…

  • The Register: It’s bad enough we have to turn on cams for meetings, now the person staring at you may be an AI deepfake

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/04/faceswapping_scams_2024/ Source: The Register Title: It’s bad enough we have to turn on cams for meetings, now the person staring at you may be an AI deepfake Feedly Summary: Says the biz trying to sell us stuff to catch that, admittedly High-profile deepfake scams that were reported here at The Register and elsewhere…

  • Alerts: CISA Adds Five Known Exploited Vulnerabilities to Catalog

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/03/03/cisa-adds-five-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Five Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20118 Cisco Small Business RV Series Routers Command Injection Vulnerability CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability CVE-2022-43769 Hitachi Vantara Pentaho BA Server…