"Team Security" Telegram-Gruppe .

❈ The malicious code in SolarWinds attack was the work of 1,000+ developers

Hacking securityaffairs.co

Microsoft says it found 1,000-plus developers’ fingerprints on the SolarWinds attack Microsoft’s analysis of the SolarWinds supply chain attack revealed that the code used by the threat actors was the work of a thousand developers. Microsoft president Brad Smith provided further details about the investigation of the SolarWinds supply chain attack, the company’s analysis of […]

The post The malicious code in SolarWinds attack was the work of 1,000+ developers appeared first on Security Affairs.

...


Kompletten Artikel lesen (externe Quelle: https://securityaffairs.co/wordpress/114598/apt/solarwinds-supply-chain-effort.html?utm_source=rss&utm_medium=rss&utm_campaign=solarwinds-supply-chain-effort)

Zur Team IT Security IT Sicherheit Nachrichtenportal Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware

vom 1169.16 Punkte
Original release date: February 17, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result o

AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

vom 966.24 Punkte
Original release date: December 17, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) version 8 framework.

Regex Performance Improvements in .NET 5

vom 797.39 Punkte
The System.Text.RegularExpressions namespace has been in .NET for years, all the way back to .NET Framework 1.1. It’s used in hundreds of places within the .NET implementation itself, and directly by thousands upon thousands of applications. Across all of t

ConfigureAwait FAQ

vom 734.36 Punkte
.NET added async/await to the languages and libraries over seven years ago. In that time, it’s caught on like wildfire, not only across the .NET ecosystem, but also being replicated in a myriad of other languages and frameworks. It’s also seen a ton of im

Local Privilege Escalation in Win32k.sys Through Indexed Color Palettes

vom 715.44 Punkte
This is the second in our series of Top 5 interesting cases from 2019. Each of these bugs has some element that sets them apart from the more than 1,000 advisories released by the program this year. Today’s blog looks a local privilege escalation in t

AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky

vom 706.31 Punkte
Original release date: October 27, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity

Usb webcam not working

vom 666.23 Punkte
hi i have a usb webcam plugged in but computer does not see it and i cant find drivers for it, ​ System: Kernel: 5.11.1-zen1-1-zen x86_64 bits: 64 compiler: gcc v: 10.2.1 parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux-zen root=UUID=1aaa9182-8f71-47d7-bd74-23

Malcolm - A Powerful, Easily Deployable Network Traffic Analysis Tool Suite For Full Packet Capture Artifacts (PCAP Files) And Zeek Logs

vom 649.35 Punkte
Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind: Easy to use – Malcolm accepts network traffic data in the form of full packet capture (PCAP) files and Zeek (formerly Bro) logs. These artifacts can be

GPOZaurr - Group Policy Eater Is A PowerShell Module That Aims To Gather Information About Group Policies

vom 610.96 Punkte
Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.Installing GPOZaurr requires RSAT installed to provide results. If you don't have them you can install the

Bunkerized-Nginx - Nginx Docker Image Secure By Default

vom 569.61 Punkte
nginx Docker image secure by default. Avoid the hassle of following security best practices each time you need a web server or reverse proxy. Bunkerized-nginx provides generic security configs, settings and tools so you don't need to do it yourself. Non

Announcing TypeScript 3.7

vom 569.35 Punkte
We’re thrilled to announce the release of TypeScript 3.7, a release packed with awesome new language, compiler, and tooling features. If you haven’t yet heard of TypeScript, it’s a language based on JavaScript that adds static type-checking along wit

CVE-2020-8835: Linux Kernel Privilege Escalation via Improper eBPF Program Verification

vom 561.86 Punkte
During the recent Pwn2Own 2020 competition, Manfred Paul (@_manfp) of RedRocket CTF used an improper input validation bug in the Linux kernel to go from a standard user to root. Manfred used this bug during the contest to win $30,000 in the Privilege Escalation categ

Team Security Diskussion über The malicious code in SolarWinds attack was the work of 1,000+ developers