Artwork

Вміст надано Paul Torgersen. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Paul Torgersen або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
Player FM - додаток Podcast
Переходьте в офлайн за допомогою програми Player FM !

Lilith Not-Fair, Retbleed Spectre, Bandai Namco Gamed, and more.

2:40
 
Поширити
 

Архівні серії ("Канал неактуальний" status)

When? This feed was archived on May 25, 2023 16:09 (10M ago). Last successful fetch was on July 29, 2022 18:35 (1+ y ago)

Why? Канал неактуальний status. Нашим серверам не вдалося отримати доступ до каналу подкасту протягом тривалого періоду часу.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 334382738 series 2478053
Вміст надано Paul Torgersen. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Paul Torgersen або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
A daily look at the relevant information security news from overnight - 14 July, 2022
Episode 265 - 14 July 2022
Lilith Not-Fair- https://www.bleepingcomputer.com/news/security/new-lilith-ransomware-emerges-with-extortion-site-lists-first-victim/
Retbleed Spectre -
https://www.securityweek.com/retbleed-new-speculative-execution-attack-targets-intel-amd-processors
AWS Kubernetes Flaw -
https://portswigger.net/daily-swig/vulnerability-in-aws-iam-authenticator-for-kubernetes-could-allow-user-impersonation-privilege-escalation-attacks
Teams Sticker Shock- https://portswigger.net/daily-swig/microsoft-teams-security-vulnerability-left-users-open-to-xss-via-flawed-stickers-feature
Bandai Namco Gamed -
https://www.bleepingcomputer.com/news/security/bandai-namco-confirms-hack-after-alphv-ransomware-data-leak-threat/
Hi, I’m Paul Torgersen. It’s Thursday July 14th 2022, and this is a look at the information security news from overnight.
From BleepingComputer.com:
There’s a new ransomware group that has just hit the scene named Lilith. They have created the standard double-extortion leak site and added their first victim, a large construction group in South America, which has since been removed from the site. Analysis of the new family shows it does not appear to introduce any novelties, but another someone to keep an eye on. Details in the article.
From SecurityWeek.com:
Researchers have devised a new speculative execution attack called Retbleed, that can lead to information leaks and works on both Intel and AMD processors. The attack targets retpolines, or return trampolines, which was one of the defenses proposed in back 2018 to mitigate the Spectre side-channel attacks. You can see all the details and a link to the research paper in the article.
From PortSwigger.net:
A vulnerability in AWS IAM Authenticator for Kubernetes could allow a malicious actor to impersonate other users and escalate privileges in Kubernetes clusters. This impacts Elastic Kubernetes Service clusters configured with the AccessKeyID template parameter. If this is you, make sure you are running version 0.5.9.
Also from PortSwigger.net:
Attackers could abuse the sticker feature in Microsoft Teams to conduct cross-site scripting attacks. The Teams platform converts stickers into an image and uploads the content as RichText/HTML in the subsequent message. This can be manipulated for a potential HTML injection attack against multiple domains. All the sticky details in the article.
And last today, from BleepingComputer.com
Japanese game publishing giant Bandai Namco has confirmed that they suffered a cyberattack. The BlackCat ransomware gang has claimed responsibility for the attack on their data leak site. The company says the breach occurred on July 3rd to their internal systems in Asian regions other than Japan, and they are still evaluating the scope and type of information compromised.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
  continue reading

221 епізодів

Artwork
iconПоширити
 

Архівні серії ("Канал неактуальний" status)

When? This feed was archived on May 25, 2023 16:09 (10M ago). Last successful fetch was on July 29, 2022 18:35 (1+ y ago)

Why? Канал неактуальний status. Нашим серверам не вдалося отримати доступ до каналу подкасту протягом тривалого періоду часу.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 334382738 series 2478053
Вміст надано Paul Torgersen. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Paul Torgersen або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
A daily look at the relevant information security news from overnight - 14 July, 2022
Episode 265 - 14 July 2022
Lilith Not-Fair- https://www.bleepingcomputer.com/news/security/new-lilith-ransomware-emerges-with-extortion-site-lists-first-victim/
Retbleed Spectre -
https://www.securityweek.com/retbleed-new-speculative-execution-attack-targets-intel-amd-processors
AWS Kubernetes Flaw -
https://portswigger.net/daily-swig/vulnerability-in-aws-iam-authenticator-for-kubernetes-could-allow-user-impersonation-privilege-escalation-attacks
Teams Sticker Shock- https://portswigger.net/daily-swig/microsoft-teams-security-vulnerability-left-users-open-to-xss-via-flawed-stickers-feature
Bandai Namco Gamed -
https://www.bleepingcomputer.com/news/security/bandai-namco-confirms-hack-after-alphv-ransomware-data-leak-threat/
Hi, I’m Paul Torgersen. It’s Thursday July 14th 2022, and this is a look at the information security news from overnight.
From BleepingComputer.com:
There’s a new ransomware group that has just hit the scene named Lilith. They have created the standard double-extortion leak site and added their first victim, a large construction group in South America, which has since been removed from the site. Analysis of the new family shows it does not appear to introduce any novelties, but another someone to keep an eye on. Details in the article.
From SecurityWeek.com:
Researchers have devised a new speculative execution attack called Retbleed, that can lead to information leaks and works on both Intel and AMD processors. The attack targets retpolines, or return trampolines, which was one of the defenses proposed in back 2018 to mitigate the Spectre side-channel attacks. You can see all the details and a link to the research paper in the article.
From PortSwigger.net:
A vulnerability in AWS IAM Authenticator for Kubernetes could allow a malicious actor to impersonate other users and escalate privileges in Kubernetes clusters. This impacts Elastic Kubernetes Service clusters configured with the AccessKeyID template parameter. If this is you, make sure you are running version 0.5.9.
Also from PortSwigger.net:
Attackers could abuse the sticker feature in Microsoft Teams to conduct cross-site scripting attacks. The Teams platform converts stickers into an image and uploads the content as RichText/HTML in the subsequent message. This can be manipulated for a potential HTML injection attack against multiple domains. All the sticky details in the article.
And last today, from BleepingComputer.com
Japanese game publishing giant Bandai Namco has confirmed that they suffered a cyberattack. The BlackCat ransomware gang has claimed responsibility for the attack on their data leak site. The company says the breach occurred on July 3rd to their internal systems in Asian regions other than Japan, and they are still evaluating the scope and type of information compromised.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
  continue reading

221 епізодів

Todos los episodios

×
 
Loading …

Ласкаво просимо до Player FM!

Player FM сканує Інтернет для отримання високоякісних подкастів, щоб ви могли насолоджуватися ними зараз. Це найкращий додаток для подкастів, який працює на Android, iPhone і веб-сторінці. Реєстрація для синхронізації підписок між пристроями.

 

Короткий довідник