DecryptedTech Feed (3878)
Monday, 10 July 2023 12:08
Vishing Efforts in South Korea get a Boost from new “Letscall” Malware
Written by Sean Kalinich
Social engineering efforts via voice calls (Vishing) is nothing new. The use of phone calls for malicious activity is pretty old and include such popular scams as extended car warranties, IRS collection attempts, and the ever popular “there is a…
Read 660 times
Published in
News
Monday, 10 July 2023 10:52
Progress Software’s MOVEit has yet another Unauthenticated SQL Injection Flaw
Written by Sean Kalinich
Last week Progress Software, the company behind MOVEit file transfer software, announced another SQL injection flaw had been identified and patched. This flaw is just the latest in a series of vulnerabilities that have been identified in the application after…
Read 656 times
Published in
News
Thursday, 06 July 2023 12:40
Let’s Talk a Minute About Meta’s Threads and the Data it Wants
Written by Sean Kalinich
Yesterday (July 5, 2023) Social Networking Giant, Meta launched their competitor to Twitter. This new app is a companion app to Instagram called threads. Ironically, Twitter had a lot of buzz about the new app including from people that routinely…
Read 1496 times
Published in
News
Wednesday, 05 July 2023 13:58
NPM is back in the news as Node.js is found to be open to a Manifest Confusion Attack
Written by Sean Kalinich
It has been a few days since we talked about NPM and node.js. The popular repository has been taking a bit of a beating in recent months as attackers, hacktivists, and others seek to compromise their packages as part of…
Read 778 times
Published in
News
Wednesday, 05 July 2023 12:17
Microsoft Teams Flaw Leveraged by New Red Team Tool to Push Malware
Written by Sean Kalinich
There is nothing like an unresolved security flaw in a major product. Especially when the flaw is one that the developer knows about but does not consider important enough to fix in a timely manner. If the flaw is in…
Read 1078 times
Published in
News
Tuesday, 27 June 2023 14:11
New Process Injection Method Found that can Potentially Avoid EDR Detection
Written by Sean Kalinich
EDR, XDR, and MDR are acronyms that are well known to most organizations. The operative letters here are DR which stands for Detection and Response. The E, X, and M stand for Endpoint, E(x)tended, and Managed respectively. Each one of…
Read 544 times
Published in
News
Friday, 23 June 2023 16:04
Microsoft’s Cloud Feature Runs at a Loss According to Testimony to FTC
Written by Sean Kalinich
So, it seems that under direct questioning Microsoft has been forced to admit that cloud gaming is not as big of a deal as they have been saying it is. We have long held that their generous 10-year cloud licensing…
Read 809 times
Published in
Game Thoughts
Friday, 23 June 2023 12:29
Flaws in Microsoft Teams External Tenant Handling Allow for Easy Malware Distribution
Written by Sean Kalinich
You have to love Microsoft Teams. Teams is the Frankenstein Monster of Microsoft’s Lync, which then became Skype for Business, and then morphed into the problematic service we now know as Teams. The journey from Lync to Teams has been…
Read 798 times
Published in
News
Friday, 23 June 2023 11:31
Crypto Mining Malware Targeting Linux and Linux Based IoT Devices Show How Little we have Progressed in IoT Security
Written by Sean Kalinich
IoT (Internet of Things) devices have long been a source of security concerns. Back in 2012-2014 we wrote a series of articles following the comedy of errors that is the IoT market. At the time I dubbed it the Internet…
Read 1320 times
Published in
Security Talk
Thursday, 22 June 2023 13:30
Why the Microsoft Activision Blizzard Deal is such a Big Deal
Written by Sean Kalinich
Unless you have been living under a rock or just do not care about gaming at all, you have probably heard a lot about the Microsoft Activision merger/acquisition. The deal, one of the largest in history, is a monster. Microsoft…
Read 991 times
Published in
Game Thoughts
Thursday, 22 June 2023 11:41
FTC Changes the Focus from Cloud to Xbox Vs PlayStation in Microsoft Activision Blizzard Deal (as it should be)
Written by Sean Kalinich
In our coverage of the Microsoft Activision/Blizzard deal we have often wondered why so many of the groups that approved the deal, and one that opposed it, focused only on cloud gaming. We saw the UK say that the deal…
Read 758 times
Published in
Game Thoughts
Thursday, 22 June 2023 10:39
Apple Patches Flaw that Allowed for Spyware Which Russia Blamed on the US
Written by Sean Kalinich
Remember the iMessage flaw that allowed for a zero click installation of malware? You know, the one that was discovered by Russian cybersecurity firm Kaspersky which was allegedly targeting Russian Apple devices? The one that Russia said was a US…
Read 721 times
Published in
News
Thursday, 22 June 2023 09:26
Flaw in MS Azure AD OAuth Could Allow for Complete Account Take Over
Written by Sean Kalinich
Microsoft’s Azure AD, the cloud-based flavor of the on-premises service is an interesting construct. On the surface you think that it has some decent protections enabled by default. The sad truth of the matter is that this is not the…
Read 781 times
Published in
News
Monday, 19 June 2023 14:04
New Info Stealer Malware, Mystic Stealer, can Target an Impressive 40 Web Browsers
Written by Sean Kalinich
There is nothing like hearing about a new information stealer on a Monday. In this case the malware in question goes by the name of Mystic Stealer and was first pushed onto the world in April of 2023. It boasts…
Read 719 times
Published in
News
Monday, 19 June 2023 11:19
Fragments of a New Sophisticated macOS Toolkit found in the Wild
Written by Sean Kalinich
As I have often said, the idea that an operating system, or brand of computer is somehow immune to attack or malware is just a false one. We have seen time and time again where attackers are all too capable…
Read 552 times
Published in
News
Monday, 19 June 2023 10:12
Microsoft Says June Azure Outages Caused by Coordinated DDoS Attack
Written by Sean Kalinich
According to a statement that Microsoft released on Friday, several outrages in their Azure environment were caused by a large-scale Distributed Denial of Service attack. The attack began in early June 2023 when “surges in traffic” began causing availability impacts.…
Read 864 times
Published in
News