Detox Shield

Motors America has suffered a attack by the gang who has demanded a of $20 million for a decryptor and to prevent leak of stolen data.



Kia Motors America (KMA) which is headquartered in Irvine, California is a Kia Motors Corporation subsidiary.

Our new video is up on YouTube. In this video we tried to explain the Java memory structure. Knowing how memory actually works in Java is important, as it gives you the advantage of writing high-performance and optimized applications that will never ever crash with an OutOfMemoryError.

On the other hand, when you find yourself in a bad situation, you will be able to quickly find the memory leak.

https://youtu.be/PAc7faltyb4

JVM MEMORY STRUCTURE | DETOX SHIELD Java Memory StructureJVM defines various run time data area which are used during ex*****on of a program. Some of the areas are created by the JVM whereas so...

A joint operation between French and Ukrainian law enforcement has reportedly led to the arrest of the members of the Egregor ransomware group last week in Ukraine. The Egreror gang, operates based on a Ransomware-as-a-Service (RaaS) model.

, Antivirus Firm revealed a data breach on one of their test systems. The company used the system to evaluate and benchmark possible solutions relating to the storage and management of the log data generated by their products and services.

Quickly after becoming aware of the breach, the company took the affected system offline and started an investigation.

The importance of cyber security in business should never be overlooked, as year upon year, cyberattacks are occurring at an alarming rate across the globe. If one of the biggest name in cybersecurity (FireEye) can be compromised, than other businesses should not overlook the importance of cybersecurity.

The Importance of Computer Security In The Business Environment Today, the vast majority of companies have information stored on computer systems or in cloud systems (“clouds”). The protection of…

Microsoft Warns Customers to Fix Critical TCP/IP Bugs

Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Ex*****on (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an important Denial of Service (DoS) vulnerability (CVE-2021-24086).

Two of them expose unpatched systems to remote code ex*****on (RCE) attacks, while the third one enables attackers to trigger a DoS state, taking down the targeted device.

“The DoS exploits for these CVEs would allow a remote attacker to cause a stop error. Customers might receive a blue screen on any Windows system that is directly exposed to the internet with minimal network traffic,” the Microsoft Security Response Center team said.

Microsoft also says, it is important to apply today’s security updates on all Windows devices as soon as possible, the company also provides workarounds for those who can’t immediately deploy them.

A lot of you don’t know about cross-site scripting. It is a common type of attack among hackers. It works by manipulating a vulnerable web site so that it returns malicious JavaScript to users. When the malicious code executes inside a victim's browser, the attacker can fully compromise their interaction with the application. Learn about the different cross-site scripting attack scenarios in the video below.

https://youtu.be/JACjZiaFAbM

Cross Site Scripting Attack Scenarios | Detox Shield This is an example of a Project or Chapter Page. Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into oth...

Hackers Auctions Witcher & Cyberpunk Source Code

Threat actors are auctioning the alleged source code for CD Projekt Red games which includes Witcher 3, Thronebreaker, and Cyberpunk 2077, which they stole in a ransomware attack.

The gaming firm CD Projekt Red, that developed these games have disclosed a ransomware attack in which the attackers have stolen unencrypted source code for Cyberpunk 2077, Witcher 3, Gwent, and an unreleased version of Witcher 3.

French cyber-security firm Stormshield, a major provider of security services and network security devices to the French government disclosed a data breach in which a threat actor obtained access to one of its customer support portals and stole information on some of its clients.

The company also states that the cybercriminals managed to steal parts of the source code for the Stormshield Network Security (SNS) firewall, a product certified to be used in sensitive French government networks.

Critical RCE Bugs in Cisco SMB Routers.

Recently, the Cisco Small Business Routers has manifested numerous security issues. Cisco has approached multiple pre-auth remote code ex*****on (RCE) vulnerabilities attacking many small business VPN routers.

This vulnerability was allowing the threat actors to execute arbitrary code as root on successfully exploited devices. Cisco affirmed that there are three major security bugs that were discovered in the Cisco RV320 and RV325 Dual Gigabit WAN VPN Routers firmware termed as: -

CSCvq34465

CSCvq34469

CSCvq34472

However, all these vulnerabilities endure because HTTP requests are not correctly validated. And the threat actors could easily exploit these vulnerabilities by transferring a crafted HTTP request to the web-based management interface of an attacked device.

Wind River Systems, the global leader of embedded system software discloses a data breach that resulted in the theft of customers’ personal information.

The company that develops run-time software, middleware, development and simulation platforms claims that their technology is found in over 2 billion products.

Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156). The vulnerability is the most significant sudo vulnerability in recent times and has been hiding in plain sight for nearly 10 years. Also dubbed Baron Samedit (a play on Baron Samedi and sudoedit), the heap-based buffer overflow flaw is present in sudo legacy versions (1.8.2 to 1.8.31p2) and all stable versions (1.9.0 to 1.9.5p1) in their default configuration. When sudo runs a command in shell mode, either via the -s or -i command line option, it escapes special characters in the command’s arguments with a backslash. The sudoers policy plugin will then remove the escape characters from the arguments before evaluating the sudoers policy (which doesn’t expect the escape characters) if the command is being run in shell mode. A bug in the code that removes the escape characters will read beyond the last character of a string if it ends with an unescaped backslash character. Under normal circumstances, this bug would be harmless since sudo has escaped all the backslashes in the command’s arguments. However, due to a different bug, this time in the command line parsing code, it is possible to run sudoedit with either the -s or -i options, setting a flag that indicates shell mode is enabled. Because a command is not actually being run, sudo does not escape special characters. Finally, the code that decides whether to remove the escape characters did not check whether a command is actually being run, just that the shell flag is set. This inconsistency is what makes the bug exploitable. The bug has been fixed in sudo 1.9.5p2. Patched vendor-supported version has been provided by Ubuntu, RedHat, Debian, Fedora, Gentoo, and others.

The Covid-19 pandemic fundamentally changed the world of technology and the cybersecurity sector was itself profoundly affected. we’ve seen some big-name companies, with presumable top-notch security, become victims of cyberattacks in 2020. Below are the top cybersecurity incidents that took place in 2020.

The Fonix Ransomware operators have shut down their operation and released the master decryption for their victims to recover their files for free. The ransomware had started its operations in June 2020 and has been steadily encrypting victims since then.

Data of more than 2.28 million users registered on a popular dating website, MeetMindful.com was leaked by a hacker. The data has been shared as a free download on a publicly accessible hacking forum known for its trade in hacked databases.

SonicWall, a popular internet security provider of firewall and VPN products, disclosed that it fell victim to a coordinated attack on its internal systems. The company said that attacks leveraged zero-day flaws in SonicWall secure remote access products that are used to provide users with remote access to internal resources.

A gentle reminder.

“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.” – Stephane Nappo

Apple released iOS 14.4 update for iPhone yesterday. Here's why you need to update to iOS 14.4 immediately.

https://medium.com/detox-blog/apple-fixes-3-bugs-in-ios-14-4-that-put-iphone-owners-at-risk-e5234f72e69b

Apple Fixes 3 Bugs in iOS 14.4 That Put iPhone Owners at Risk Apple, with the release of iOS 14.4, has fixed several security problems that were affecting Apple phones. Bugs that would have been…

Cryptocurrency startup BuyUcoin hacked. The financial data of 3.3 lakh users of the Indian Cryptocurrency Exchange Company leaked on the DarkWeb by ShinyHunters. According to the researcher Rajaharia, the hacker is the same who earlier leaked BigBasket and JusPay data in India.

Check out our new video
“ Bypass Techniques for URL Redirection Attacks “

https://youtu.be/witxrDeEdNs

Bypass Techniques for URL Redirection | Detox Shield What is an Open Redirection Attack? Any web application that redirects to a URL that is specified via the request such as the query string or form data can p...

Freedom in the mind, Strength in the words, Pureness in our blood, Pride in our souls, Zeal in our hearts, Let's salute our India on Republic Day.

Police have seized Bitcoins worth Rs 9 crore from Bengaluru hacker, Srikrishna alias Shreeki, who was arrested on Nov 18 for allegedly breaking into government websites, online gaming portals and websites. It was found that Shreeki had hacked three Bitcoin exchanges and 10 poker sites.