Artwork

Paul Torgersen द्वारा प्रदान की गई सामग्री. एपिसोड, ग्राफिक्स और पॉडकास्ट विवरण सहित सभी पॉडकास्ट सामग्री Paul Torgersen या उनके पॉडकास्ट प्लेटफ़ॉर्म पार्टनर द्वारा सीधे अपलोड और प्रदान की जाती है। यदि आपको लगता है कि कोई आपकी अनुमति के बिना आपके कॉपीराइट किए गए कार्य का उपयोग कर रहा है, तो आप यहां बताई गई प्रक्रिया का पालन कर सकते हैं https://hi.player.fm/legal
Player FM - पॉडकास्ट ऐप
Player FM ऐप के साथ ऑफ़लाइन जाएं!

Follina’s Tuesday Patch, Hertzbleed Attack, Mighty Bot, and more.

3:27
 
साझा करें
 

संग्रहीत श्रृंखला ("निष्क्रिय फ़ीड" status)

When? This feed was archived on May 25, 2023 16:09 (10M ago). Last successful fetch was on July 29, 2022 18:35 (1+ y ago)

Why? निष्क्रिय फ़ीड status. हमारे सर्वर निरंतर अवधि के लिए एक वैध डिजिटल ऑडियो फ़ाइल फ़ीड पुनर्प्राप्त करने में असमर्थ थे।

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 331706691 series 2478053
Paul Torgersen द्वारा प्रदान की गई सामग्री. एपिसोड, ग्राफिक्स और पॉडकास्ट विवरण सहित सभी पॉडकास्ट सामग्री Paul Torgersen या उनके पॉडकास्ट प्लेटफ़ॉर्म पार्टनर द्वारा सीधे अपलोड और प्रदान की जाती है। यदि आपको लगता है कि कोई आपकी अनुमति के बिना आपके कॉपीराइट किए गए कार्य का उपयोग कर रहा है, तो आप यहां बताई गई प्रक्रिया का पालन कर सकते हैं https://hi.player.fm/legal
Follina’s Tuesday Patch, Hertzbleed Attack, Mighty Bot, and more.
A daily look at the relevant information security news from overnight - 15 June, 2022
Episode 245 - 15 June 2022
Follina’s Tuesday PAtch- https://www.zdnet.com/article/microsoft-june-2022-patch-tuesday-55-fixes-remote-code-execution-in-abundance/
Hertzbleed Attack -
https://www.securityweek.com/new-hertzbleed-remote-side-channel-attack-affects-intel-amd-processors
Travis Exposed Tokens- https://www.bleepingcomputer.com/news/security/thousands-of-github-aws-docker-tokens-exposed-in-travis-ci-logs/
Citrix ADM Error -
https://www.securityweek.com/attackers-can-exploit-critical-citrix-adm-vulnerability-reset-admin-passwords
Linux Panchan Bot -
https://www.bleepingcomputer.com/news/security/new-go-botnet-panchan-spreading-rapidly-in-education-networks/
Mighty Bot -
https://www.zdnet.com/article/a-tiny-botnet-launched-the-largest-ddos-attack-on-record/
Hi, I’m Paul Torgersen. It’s Wednesday June 15th, 2022, and this is a look at the information security news from overnight.
From ZDNet.com
June Patch Tuesday is a popular one with everyone from Siemens to Schneider to Adobe to SAP rolling out updates. In fact, 141 updates just from those four. The one I am going to call out is Microsoft. Redmond rolled out 55 fixes, That’s down from 74 last month, and only three of which are critical, but one of those is a fix for the Follina zero-day. At long last. Get your patch on kids.
From SecurityWeek.com:
Researchers have identified a new side-channel attack that can allow hackers to remotely extract sensitive information from a targeted system through a CPU timing attack they are calling Hertzbleed. This impacts devices powered by Intel and AMD and possibly others. Details on the article.
From BleepingComputer.com:
The Travis CI platform, which is used for software development and testing, has exposed user data containing tens of thousands of authentication tokens for GitHub, AWS, and Docker Hub. Aqua Security, who discovered the flaw, shared their findings with Travis hoping for a fix, but they were told that the issue was “by design” and left the data exposed.
From SecurityWeek.com:
Citrix has warned of a critical vulnerability in their Citrix Application Delivery Management that could essentially allow an attacker to trigger an administrator password reset at the next reboot. The vulnerabilities impact all supported versions of Citrix ADM server and Citrix ADM agent. Customers will need to update the server as well as all associated agents. The company says it has already taken care of the ADM cloud service and no additional action is required there.
From BleepingComputer.com
A new peer-to-peer botnet named Panchan has popped up targeting Linux servers in the education sector to mine crypto. It is empowered with SSH worm functions to move laterally within the compromised network, and has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to pause the mining module.
And last today, from ZDNet.com
Speaking of botnets, Cloudflare says it mitigated a DDoS attack that peaked at 26 million requests per second, and was caused by a botnet of only just over 5,000 devices. Rather than being based in IoT devices, this botnet was hiding in cloud service providers. For this particular attack, each device was averaging 5,200 requests per second, which is about 4,000 times more than a typical IoT botnet can generate. Details on the article.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
  continue reading

221 एपिसोडस

Artwork
iconसाझा करें
 

संग्रहीत श्रृंखला ("निष्क्रिय फ़ीड" status)

When? This feed was archived on May 25, 2023 16:09 (10M ago). Last successful fetch was on July 29, 2022 18:35 (1+ y ago)

Why? निष्क्रिय फ़ीड status. हमारे सर्वर निरंतर अवधि के लिए एक वैध डिजिटल ऑडियो फ़ाइल फ़ीड पुनर्प्राप्त करने में असमर्थ थे।

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 331706691 series 2478053
Paul Torgersen द्वारा प्रदान की गई सामग्री. एपिसोड, ग्राफिक्स और पॉडकास्ट विवरण सहित सभी पॉडकास्ट सामग्री Paul Torgersen या उनके पॉडकास्ट प्लेटफ़ॉर्म पार्टनर द्वारा सीधे अपलोड और प्रदान की जाती है। यदि आपको लगता है कि कोई आपकी अनुमति के बिना आपके कॉपीराइट किए गए कार्य का उपयोग कर रहा है, तो आप यहां बताई गई प्रक्रिया का पालन कर सकते हैं https://hi.player.fm/legal
Follina’s Tuesday Patch, Hertzbleed Attack, Mighty Bot, and more.
A daily look at the relevant information security news from overnight - 15 June, 2022
Episode 245 - 15 June 2022
Follina’s Tuesday PAtch- https://www.zdnet.com/article/microsoft-june-2022-patch-tuesday-55-fixes-remote-code-execution-in-abundance/
Hertzbleed Attack -
https://www.securityweek.com/new-hertzbleed-remote-side-channel-attack-affects-intel-amd-processors
Travis Exposed Tokens- https://www.bleepingcomputer.com/news/security/thousands-of-github-aws-docker-tokens-exposed-in-travis-ci-logs/
Citrix ADM Error -
https://www.securityweek.com/attackers-can-exploit-critical-citrix-adm-vulnerability-reset-admin-passwords
Linux Panchan Bot -
https://www.bleepingcomputer.com/news/security/new-go-botnet-panchan-spreading-rapidly-in-education-networks/
Mighty Bot -
https://www.zdnet.com/article/a-tiny-botnet-launched-the-largest-ddos-attack-on-record/
Hi, I’m Paul Torgersen. It’s Wednesday June 15th, 2022, and this is a look at the information security news from overnight.
From ZDNet.com
June Patch Tuesday is a popular one with everyone from Siemens to Schneider to Adobe to SAP rolling out updates. In fact, 141 updates just from those four. The one I am going to call out is Microsoft. Redmond rolled out 55 fixes, That’s down from 74 last month, and only three of which are critical, but one of those is a fix for the Follina zero-day. At long last. Get your patch on kids.
From SecurityWeek.com:
Researchers have identified a new side-channel attack that can allow hackers to remotely extract sensitive information from a targeted system through a CPU timing attack they are calling Hertzbleed. This impacts devices powered by Intel and AMD and possibly others. Details on the article.
From BleepingComputer.com:
The Travis CI platform, which is used for software development and testing, has exposed user data containing tens of thousands of authentication tokens for GitHub, AWS, and Docker Hub. Aqua Security, who discovered the flaw, shared their findings with Travis hoping for a fix, but they were told that the issue was “by design” and left the data exposed.
From SecurityWeek.com:
Citrix has warned of a critical vulnerability in their Citrix Application Delivery Management that could essentially allow an attacker to trigger an administrator password reset at the next reboot. The vulnerabilities impact all supported versions of Citrix ADM server and Citrix ADM agent. Customers will need to update the server as well as all associated agents. The company says it has already taken care of the ADM cloud service and no additional action is required there.
From BleepingComputer.com
A new peer-to-peer botnet named Panchan has popped up targeting Linux servers in the education sector to mine crypto. It is empowered with SSH worm functions to move laterally within the compromised network, and has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to pause the mining module.
And last today, from ZDNet.com
Speaking of botnets, Cloudflare says it mitigated a DDoS attack that peaked at 26 million requests per second, and was caused by a botnet of only just over 5,000 devices. Rather than being based in IoT devices, this botnet was hiding in cloud service providers. For this particular attack, each device was averaging 5,200 requests per second, which is about 4,000 times more than a typical IoT botnet can generate. Details on the article.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
  continue reading

221 एपिसोडस

همه قسمت ها

×
 
Loading …

प्लेयर एफएम में आपका स्वागत है!

प्लेयर एफएम वेब को स्कैन कर रहा है उच्च गुणवत्ता वाले पॉडकास्ट आप के आनंद लेंने के लिए अभी। यह सबसे अच्छा पॉडकास्ट एप्प है और यह Android, iPhone और वेब पर काम करता है। उपकरणों में सदस्यता को सिंक करने के लिए साइनअप करें।

 

त्वरित संदर्भ मार्गदर्शिका