Decryptedtech Decryptedtech Decryptedtech Decryptedtech
  • Home
  • Articles
    • News
    • Security Talk
    • Game Thoughts
    • Editorials
    • Shows and Events
    • Leaks and Rumors
    • My Ramblings
    • In Other News
    • Bits, Bytes, and Bourbon
  • Consulting
    • Security Consulting
    • Why Us
    • Services
  • Privacy Policy
  • Archived Items
    • Reviews
      • Enthusiast Gear
        • Motherboards
        • CPUs
        • GPUs
        • Audio
        • Storage and Networking
        • Entusiast Peripherals
      • Pro Gear
        • Motherboards
        • Memory
        • Storage and Networking
      • Consumer Gear
        • Motherboards
        • Audio
        • Storage and Networking
        • Consumer Peripherals
      • Home Theater
      • Mobile Computing
      • Tech Unplugged
      • Gadgets
      • Systems
        • Pro Systems
      • Software and Games
        • Consumer Software
        • Games
      • Peripherals
      • Power and Cooling
  • Bits, Bytes, and Bourbon Store

News

News

When Patching is Not Enough: How Attackers are Looking at Patches to Find the Next Flaw

Microsoft’s Patch Tuesday for May included a patch that was a fix for a flaw that was created from another patch back in March 2023. The March patch was meant to fix vulnerability CVE-2023-23397 which was a known exploited critical vulnerability in Microsoft Outlook’s MapUrlToZone security measure. It was allegedly abused by Russian based threat actors since April 2022. The new flaw is a bypass for the fix put in place in March.

Details
By Sean Kalinich
Sean Kalinich
May 11
Hits: 781
  • Vulnerabilities
  • mshtml
  • edgehtml
  • ntlm
  • cve202323397
  • cve202329324

Read more: When Patching is Not Enough: How Attackers are...

No comments on “When Patching is Not Enough: How Attackers are Looking at Patches to Find the Next Flaw”
News

The Greatness Phishing as a Service Platform Intended to Make Targeting MS365 Easier

There is an old saying that says, when you can no longer do, you teach. This might be a relatively true axiom in the regular world, but in the world of cybercrime it is certainly not what you find happening. Instead, we tend to see that when organized groups no longer want the headache and hassle of doing the heavy lifting for attacks, they just build a platform to sell their tools to others. We have seen ransomware as a service, malware as a service, malvertising as a service, and even phishing as a service.

Details
By Sean Kalinich
Sean Kalinich
May 10
Hits: 1659
  • Hacking
  • Malware
  • Email Security
  • greateness
  • phishing as a service
  • phaas

Read more: The Greatness Phishing as a Service Platform...

No comments on “The Greatness Phishing as a Service Platform Intended to Make Targeting MS365 Easier”
News

Intel Investigating MSI Data Breach and Private Code Signing Key Theft

Yesterday we reported on a ransomware attack that impacted PC and component manufacturer MSI. When they, MSI, disclosed the attack they claimed there was no significant impact, but failed to consider that most, if not all, modern ransomware attacks also incorporate exfiltration techniques to ensure a ransom is paid. This this case, the group Money Message had exfiltrated data a claimed 1.5TB of data that included firmware, source code, and databases. This sounds a bit significant at this point.

Details
By Sean Kalinich
Sean Kalinich
May 09
Hits: 2129
  • Intel
  • MSI
  • UEFI
  • Code Signing
  • Ransomware
  • bios hacking
  • money message group

Read more: Intel Investigating MSI Data Breach and Private...

No comments on “Intel Investigating MSI Data Breach and Private Code Signing Key Theft”
News

More Threat Groups Pile onto PaperCut Vulnerability Including State-Sponsored Ones

In January of 2023 the Print Management Software company PaperCut was advised of two Remote Code Execution (RCE) bugs. These bugs were in their PaperCut MF and PaperCut NG software products. PaperCut worked with the group that identified the bugs, TrendMicro, to develop a patch prior to disclosure of the flaw. The patch was made available to PaperCut clients on March 8th and the vulnerability was disclosed on April 20th. However, as is the case with things like this, the patches were not rolled out as one would have hoped.

Details
By Sean Kalinich
Sean Kalinich
May 09
Hits: 809
  • Ransomware
  • papercut
  • cve202327350
  • mint sandstorm
  • mango sandstorm
  • lance tempest
  • cl0p ransomware
  • lockbit ransomware

Read more: More Threat Groups Pile onto PaperCut...

No comments on “More Threat Groups Pile onto PaperCut Vulnerability Including State-Sponsored Ones”
News

PC Component Maker MSI has Private Code Signing Keys Leaked **Updated**

Updated May-08-2023 with statement from Intel
Back in early April MSI, a popular PC and PC component maker, disclosed that it had a security incident. They stated that they quickly rolled out their Incident Response Team and enacted their recovery procedures (IR and BC/DR plans). Not much was known about the attack at the time, including when the incident happened, just that the disclosure was made to the relevant authorities.

Details
By Sean Kalinich
Sean Kalinich
May 08
Hits: 1141
  • MSI
  • Hacking
  • Data Theft
  • UEFI
  • Ransomware
  • money message
  • code signing key
  • boot guard

Read more: PC Component Maker MSI has Private Code Signing...

No comments on “PC Component Maker MSI has Private Code Signing Keys Leaked **Updated**”

More Articles …

  1. New Cactus Ransomware Uses Encrypted 7-Zip to Get Around Detection
  2. Try2Check Dismantled by Authorities, $10M Reward Posted for its Creator
  3. Double DLL Sideloading, it’s a Thing as Attackers Grow More Sophisticated
  4. Level Finance Crypto Finds Out Passing an Audit is not Security the Hard Way
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20

Page 16 of 570

Follow Us

Follow DecryptedTech on Social Media

facebook twitter linkedin
Decryptedtech