New Zero Day Exploit.

in #cybersecuritylast month

New zero-day in the Log4j Java library is already being exploited

A newly discovered zero-day vulnerability in the widely used Java logging library Apache Log4j is easy to exploit and enables attackers to gain full control of affected servers.


Source: https://QUE.com

Tracked as CVE-2021-44228, the vulnerability is classed as severe and allows unauthenticated remote code execution as the user running the application utilises the Java logging library. CERT New Zealand warns that it’s already being exploited in the wild.

continue reading: https://www.zdnet.com/article/security-warning-new-zero-day-in-the-log4j-java-library-is-already-being-exploited/

Data breach impacts 80,000 South Australian govt employees
The South Australian government has disclosed that the sensitive personal information belonging to tens of thousands of its employees was compromised following a ransomware attack that hit the system of an external payroll software provider last month.

The number of records accessed by hackers corresponds to at least 38,000 SA government employees, but it could be as high as 80,000 according to South Australia’s Treasurer Rob Lucas.

continue reading: https://www.bleepingcomputer.com/news/security/data-breach-impacts-80-000-south-australian-govt-employees/

How to hide from the State’s Big Brother? Snowden’s method to use
The article also discusses Edward Snowden’s methods to help you stay anonymous on the Internet. For example — using the Whonix distribution kit ensures user anonymity.

Disclaimer
The article discusses the technologies used to protect your data and confidential information on the Internet. All presented information here is to inform PC users and political activists about information security measures. The author of the article does not in any way intend to harm or offend users and politicians.

If you suddenly need to hide from the state, there will be no time to think. How should you proceed to guarantee yourself complete anonymity on the Internet and in life? Read more about the methods of successful disappearance and the methods of Edward Snowden in our article.

continue reading: https://medium.com/@prcooltechzone/how-to-hide-from-the-states-big-brother-snowden-s-method-to-use-96797c8e5ee9

Kali Linux 2021.4 released with 9 new tools, further Apple M1 support
Kali Linux 2021.4 was released today by Offensive Security and includes further Apple M1 support, increased Samba compatibility, nine new tools, and an update for all three main desktop.

Kali Linux is a Linux distribution allowing cybersecurity professionals and ethical hackers to perform penetration testing and security audits against internal and remote networks.

With this release, the Kali Linux Team introduces a bunch of new features, including:
Apple M1 support for the VMware Fusion Public Tech Preview
Wide compatibility is enabled for Samba
Making it easier to switch to Cloudflare’s package manager mirror
Kaboxer updated with support for window themes and icon theme
Updates to the Xfce, GNOME and KDE desktops
Raspberry Pi Zero 2 W + USBArmory MkII ARM images
Nine more tools!

continue reading: https://www.bleepingcomputer.com/news/security/kali-linux-20214-released-with-9-new-tools-further-apple-m1-support/

US Cyber Command head confirms direct actions against ransomware gangs
General Paul M. Nakasone, head of US Cyber Command confirmed during a recent national security event that his agency has begun taking direct action against international ransomware gangs as part of a larger effort to curtail attacks on American companies and infrastructure.

The General explained that his agency is working hand-in-hand with the NSA, FBI, and other federal entities while during a talk at the Reagan National Defense Forum, a meeting of national security officials held on Saturday. After the talk, he noted to The New York Times that he sees Cyber Command’s mission right now as focusing on trying to “understand the adversary and their insights better than we’ve ever understood them before.”

continue reading: https://www.zdnet.com/article/us-cyber-command-head-confirms-direct-actions-against-ransomware-gangs/

Ottawa man charged following international cyberattack investigation
Ontario Provincial Police arrested 31-year-old Matthew Philbert on Nov. 30 following a 23-month investigation. Philbert faces three cybercrime-related charges and is being held in custody in Ottawa awaiting further court appearances, the OPP said.

“(Philbert) cast a very wide range net over his victims,” said Det. Insp. Matt Watson of the OPP’s Criminal Investigation Branch. “We had individuals, just individuals whose home computers were compromised. We had small, medium-sized businesses. Many of these businesses were just hanging on by their fingernails through COVID and then they get hit with a very expensive ransomware demand. That’s pretty tough.”

continue reading: https://ottawacitizen.com/news/ottawa-man-charged-following-international-cyberattack-investigation

Everyone is burned out. That’s becoming a security nightmare
Cybersecurity workers and other employees are suffering from a high level of burnout that is putting organisations at greater risks from cyberattacks and data breaches.

Research by cybersecurity company 1Password suggests that the challenge of remote working two years into the COVID-19 pandemic is leaving staff feeling burned out and less likely to pay attention to security guidelines.

continue reading: https://www.zdnet.com/article/everyone-is-burned-out-thats-becoming-a-security-nightmare/

Read more Cyber Security News at https://que.com/tag/cybersecurity/

Thank you for reading. Stay safe and stay healthy.
@Yehey [ Witness ]


Posted via Onlinebuzz.com