Cybersecurity Highlights

Unauthorized access to a Nitro database

The global document management company, Nitro, reported, on October 21, on limited access to one of its databases by an unauthorized third party.The affected database supports certain online...

References:

ir.gonitro.com

bleepingcomputer.com

siliconangle.com

redeszone.net

Tags:

Microsoft and several cybersecurity firms dismantle the TrickBot botnet

Microsoft and Lumen's cybersecurity firms ESET, FS-ISAC, NTT, Symantec and Black Lotus Labs have teamed up to dismantle the TrickBot botnet, one of the most active and dangerous in the world,...

References:

blogs.microsoft.com

microsoft.com

welivesecurity.com

Symantec Enterprise Blogs

zdnet.com

news.microsoft.com

xataka.com

Tags:

Industrial Control System

Other critical infrastructures

Public administration

Tool

Leaked Bing search data through an Elasticsearch server

Ata Hakcil, a security researcher at WizCas, discovered an information leak in Microsoft's Bing search service. Through a misconfigured Elasticsearch server, 6.5TB of information from searches made...

References:

zdnet.com

blogs.masterhacks.net

wizcase.com

theregister.com

unaaldia.hispasec.com

Tags:

Information leak in Microsoft account on GitHub

A cybercriminal has accessed the private repositories of the profile on Microsoft's GitHub and has stolen about 500 GB of information. The stolen data corresponds mainly to code samples, test...

References:

bleepingcomputer.com

elespanol.com

redeszone.net

zdnet.com

Tags:

Security breach in Microsoft Outlook

Microsoft was the victim of a security breach in its Outlook email service, which includes @hotmail.com and @msn.com email accounts, after attackers stole Outlook support staff credentials and used...

References:

techcrunch.com

adslzone.net

motherboard.vice.com

threatpost.com

unaaldia.hispasec.com

Tags:

The Turla group attacks again

According to different sources, the Turla group is carrying out several attack campaigns. The first campaign has been discovered by ESET researchers where the objectives are embassies and...

References:

welivesecurity.com

securityaffairs.co

ncsc.gov.uk

Tags:

Windows 10 kernel source filtering

According to the news portal "theverge.com", a Microsoft spokesman would have confirmed the leakage of a large amount of source code from the Windows 10 kernel, even without releasing, from...

References:

thehackernews.com

theregister.co.uk

theverge.com

computerhoy.com

Tags:

Kaspersky denounces Microsoft for monopolistic practices

The Russian cybersecurity company Kaspersky Lab has filed a complaint with the European Union and the German antitrust office against Microsoft for conducting monopolistic practices. According to...

References:

blog.kaspersky.com

theverge.com

nytimes.com

reuters.com

adslzone.net

genbeta.com

Tags:

Tool

Microsoft

Lenovo bloatware installed from the BIOS of your laptop

Lenovo uses rootkit techniques to modify the Windows boot and install software from the BIOS of the laptop with security flaws. The tool, called Lenovo Service Engine or LSE, tool send non-personal...

References:

us-cert.gov

theregister.co.uk

es.gizmodo.com

Tags:

Microsoft

Vulnerability

FREAK, a vulnerability that reduces security in Android and Apple users

A group of investigators, named SMACK, have discovered several vulnerabilities in OpenSSL and Apple's TLS/SSL, that could allow a MiTM attack, degrading the security of the connections, moving from...

References:

washingtonpost.com

cryptographyengineering.com

freakattack.com

securityaffairs.co/

incibe.es

cert.org

Tags:

Corporate access

Cybersecurity Highlights

Unauthorized access to a Nitro database

Microsoft and several cybersecurity firms dismantle the TrickBot botnet

Leaked Bing search data through an Elasticsearch server

Information leak in Microsoft account on GitHub

Security breach in Microsoft Outlook

The Turla group attacks again

Windows 10 kernel source filtering

Kaspersky denounces Microsoft for monopolistic practices

Lenovo bloatware installed from the BIOS of your laptop

FREAK, a vulnerability that reduces security in Android and Apple users

Pages