White House networks hacked

Attackers broke into unclassified White House computer networks in the past 2-3 weeks. It's far from surprising, one unnamed official said, given that it's a "constant battle" between the government, trying to secure its sensitive systems, and bad actors seeking to intrude on them.

[web applications] – EspoCRM 2.5.2 XSS / LFI / Access Control Vulnerabilities

[remote exploits] – Konke Smart Plug K – Authentication Bypass Vulnerability

[local exploits] – IBM Tivoli Monitoring 6.2.2 kbbacf1 – Privilege Escalation Exploit

[web applications] – MAARCH 1.4 – SQL Injection / Arbitrary File Upload Vulnerabilities

Infographic: The Many Faces of Today’s Hackers

The “Dirty Dozen” SPAMPIONSHIP – who’s got the biggest zombie problem?

Our latest quarterly SPAMPIONSHIP charts are out, showing which countries have the most zombies, and therefore send the most spam. Take a look, and then ask yourself, "What can I do to help?" Simple: kill-a-zombie today!

White House unclassified network hacked, apparently by Russians

The unclassified network of the Executive Office of the President—the administrative network of the White House—was breached by attackers thought to be working for the Russian government, according to multiple reports. The Washington Post reported that an investigation is ongoing, and White House officials are not saying what data, if any, was stolen from the computers on the network. “We are still assessing the activity of concern,” an unnamed White House official told the Post.

According to the Post’s anonymous sources, the breach was discovered in early October after a friendly foreign government alerted US officials. The network’s virtual private network access was shut down, and some staff members were told to change passwords. “We took immediate measures to evaluate and mitigate the activity,” the Post’s source at the White House said. “Unfortunately, some of that resulted in the disruption of regular services to users. But people were on it and are dealing with it.”

This isn’t the first time attackers, apparently sponsored by a foreign state, have targeted the White House’s network. In 2008 and 2012, Chinese hackers penetrated the White House’s network. On the first occasion, the attackers gained access to the White House’s e-mail server; in 2012, a phishing attack against White House staffers gave attackers access to the network, though officials said no sensitive data was exposed.

TeamDigi7al US navy hacker sentenced to 2 years in jail

One of the two leaders of the cyber criminal group known as Team Digi7al was last week sentenced to two years in federal prison for his role in breaking into the computer systems of a pretty random mix of targets.

Arrests made after ‘specialist malware’ used in £1.6 million ATM heist

"Specialist malware" allowed a gang of crooks to empty the cash machines of large amounts of money, averaging over £30,000 per machine. Now, the police have made three arrests in connection with the incidents.

Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data

In his career-ending extramarital affair that came to light in 2012, General David Petraeus used a stealthy technique to communicate with his lover Paula Broadwell: the pair left messages for each other in the drafts folder of a shared Gmail account. Now hackers have learned the same trick. Only instead of a mistress, they're sharing their love letters with data-stealing malware buried deep on a victim's computer.

The post Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data appeared first on WIRED.

Cyber Espionage Attacks Attributed To Russian Government

FireEye report meticulously details clues that all point to state-sponsorship of the Sofacy/Sourface malware and tracks its evolution over seven years.

[remote] – Konke Smart Plug K – Authentication Bypass Vulnerability

[remote exploits] – CUPS Filter Bash Environment Variable Code Injection Exploit

[web applications] – Enalean Tuleap 7.2 – XXE File Disclosure Vulnerability

[local exploits] – Windows TrackPopupMenu Win32k NULL Pointer Dereference Exploit

[web applications] – Enalean Tuleap 7.4.99.5 – Remote Command Execution / Blind SQL Injection Vulnerabilities

Security Companies Team Up, Take Down Chinese Hacking Group

Novetta, Microsoft, and others form Operation SMN to eradicate Hikit malware and disrupt the cyber espionage gang Axiom's extensive information gathering.

Retailers Facing Intensified Cyberthreat This Holiday Season

After the Year of the Retail Breach, retail's annual holiday shopping season "freeze" on new technology and some security patching is just around the corner.

Researcher Shows Why Tor Anonymity Is No Guarantee Of Security

Tor exit node in Russia spotted downloading malicious code.

[web applications] – vBulletin 4.x Verify Email Before Registration Plugin – SQL Injection Vulnerability

[web applications] – Change CMS 3.6.8 – Multiple CSRF Vulnerabilities

[web applications] – Mulesoft ESB Runtime 3.5.1 – Privilege Escalation Vulnerability

[web applications] – HttpCombiner ASP.NET – Remote File Disclosure Vulnerability

[web applications] – Incredible PBX 2.0.6.5.0 – Remote Command Execution Exploit

[web applications] – Parallels Plesk Sitebuilder 9.5 – Multiple Vulnerabilities

[web applications] – CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities

[webapps] – Enalean Tuleap 7.2 – XXE File Disclosure

NY Senator Calls for Renewed Crackdown on Dark Web Drug Sales

Three years ago, New York Senator Chuck Schumer held a press conference to pressure federal law enforcement to crack down on the Silk Road, the anonymous online drug market that had only just come to light. Now, over a year since that contraband bazaar was seized by the FBI, Schumer seems to have discovered that […]

The post NY Senator Calls for Renewed Crackdown on Dark Web Drug Sales appeared first on WIRED.

[webapps] – Mulesoft ESB Runtime 3.5.1 – Privilege Escalation Vulnerability

[webapps] – CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities

[webapps] – WebDisk+ 2.1 iOS – Code Execution Vulnerability

[webapps] – Folder Plus 2.5.1 iOS – Persistent XSS Vulnerability

[webapps] – WordPress CP Multi View Event Calendar 1.01 – SQL Injection

[webapps] – Change CMS 3.6.8 – Multiple CSRF Vulnerabilities
