CyberX - The Ethical Hacking Services

😎 CyberX - The Ethical Hacking Services is proud to announce its sponsorship of the upcoming Security Summit in Lisbon this October.

📅 The Security Summit & Expo in Lisbon is scheduled to take place from October 8 to 10, 2024 at FIL - Feira Internacional de Lisboa. This event will focus on electronic security within smart cities, aiming to address the main challenges and innovations related to urban security and also cybersecurity.

🌐 The summit is expected to attract a diverse group of professionals, including those from both the public and private sectors, who are involved in promoting safer communities through technology.

😊 Come visit our booth at the expo to discover what we have to offer and learn how we can help secure your digital future.​

For more information: https://lnkd.in/d768sG45

😍 We're thrilled to announce that CyberX - The Ethical Hacking Services has been selected for the Road 2 Web Summit! We'll be showcasing our brand new product at Web Summit 2024 in Lisbon. Stay tuned for more updates—big things are coming! 👁

🚨 Google has disclosed that a security vulnerability, which was patched in a software update released last week for its Chrome browser, is being actively exploited in the wild. Identified as CVE-2024-7965, the flaw has been characterized as an inappropriate implementation bug in the V8 JavaScript and WebAssembly engine.

Read more at https://thehackernews.com/2024/08/google-warns-of-cve-2024-7965-chrome.html

Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation Google patches CVE-2024-7965, an actively exploited Chrome vulnerability, urging users to update for security.

🚨Security Flaw Discovered in RFID Cards Used Globally in Hotels and Offices 🚨

Cybersecurity experts have identified a significant vulnerability in a widely-used model of RFID cards, revealing a hardware backdoor that compromises security in hotels and offices worldwide. The backdoor, found in the FM11RF08S variant of MIFARE Classic contactless cards produced by Shanghai Fudan Microelectronics since 2020, allows unauthorized access to secure areas by exploiting an unknown key. The vulnerability could be exploited within minutes of accessing the card, enabling attackers to clone the cards and bypass security measures. This discovery has raised concerns, especially as these cards are commonly used across the U.S., Europe, and India.

Further investigations uncovered a similar backdoor in the earlier FM11RF08 model, dating back to 2007, increasing the risk of widespread breaches. Researchers warn that an optimized attack could significantly accelerate the process of cracking the security key, heightening the potential threat. The discovery comes on the heels of other vulnerabilities found in RFID systems, such as the recent flaws in Dormakaba's Saflok locks, highlighting ongoing security challenges in electronic locking systems.

Source: TheHackerNews

To enhance cybersecurity, it's essential to ensure that privilege levels are tailored to the specific roles and tasks of employees, preventing unnecessary access and reducing the risk of cybercrime.

👉 Stay vigilant and protect your organization!

🚨Microsoft Patches Critical Windows Vulnerability Exploited by North Korea's Lazarus Group🚨

Microsoft has released a patch for a critical zero-day vulnerability that was actively exploited by the North Korean state-sponsored hacking group, Lazarus. The flaw, identified as CVE-2024-38193 with a CVSS score of 7.8, affects the Windows Ancillary Function Driver (AFD.sys) for WinSock, allowing attackers to escalate privileges and gain SYSTEM-level access.

Discovered by researchers Luigino Camastra and Milánek from Gen Digital, the vulnerability was first identified in early June 2024. The flaw allowed attackers to bypass standard security measures and access restricted system areas, posing significant risks to affected systems. Microsoft addressed the issue as part of its latest Patch Tuesday update.

The Lazarus Group leveraged this vulnerability to deploy a rootkit known as FudModule, designed to evade detection. This attack bears similarities to a previous exploitation of CVE-2024-21338, another privilege escalation flaw patched by Microsoft in February 2024. Both incidents highlight the group’s sophisticated approach, bypassing traditional security defenses by exploiting vulnerabilities in pre-installed drivers rather than introducing new, vulnerable drivers.

Cybersecurity experts continue to analyze the technical details of these attacks, noting Lazarus’ cautious use of the FudModule rootkit, which is deployed only in specific circumstances to maximize its effectiveness while minimizing detection. The recent patch by Microsoft is a critical step in mitigating these threats, but the continued vigilance of cybersecurity professionals remains essential.

Source: TheHackerNews

🏖 While many companies close for vacations, leaving their offices empty and systems lightly monitored, attackers don't take breaks. Cybercriminals are often most active when defenses are down, knowing that with key personnel on vacation, any attacks may go unnoticed or take longer to respond to.

🚨 This delay in detection and response can lead to more severe breaches and greater damage, as the absence of a full team can slow down mitigation efforts. In the world of cybersecurity, vigilance is crucial, even when everyone else is on vacation.

🚨Cryptocurrency Plummets 99% After Hacker Exploits Vulnerability to Create Millions of New Tokens🚨

The decentralized finance (DeFi) protocol Convergence, which operates on the Curve platform and focuses on yield enhancement, suffered a devastating hacker attack on Thursday, resulting in its CVG cryptocurrency plummeting to nearly zero. The hacker exploited a vulnerability in the protocol’s code to mint 58 million new CVG tokens.

Subsequently, the attacker exchanged these tokens for 60 Wrapped Ether (wETH) and 15,900 crvFRAX stablecoins using liquidity pools on Curve, according to Web3 audit firm QuillAudits. Etherscan data shows that the hacker later converted the funds into Ether (ETH) and transferred the tokens to the controversial cryptocurrency mixer Tornado Cash. The attack inflicted a loss of approximately $210,000 on the protocol, but the greater impact was felt by CVG holders as the fully diluted value (FDV) of the token plummeted from $17 million to practically zero.

As a result, CVG’s price nosedived by 99% in Curve’s liquidity pools, dropping to $0.0004. In response, Convergence has urged its users to refrain from interacting with the protocol due to security concerns. This incident highlights the critical importance of robust security measures in DeFi protocols to protect against such vulnerabilities and safeguard investor assets. The abrupt collapse of CVG serves as a stark reminder of the risks inherent in the rapidly evolving DeFi landscape.

Source: PortaldoBitcoin UOL

🚨 WhatsApp for Windows Allows Python and PHP Scripts to Execute Without Warning 🚨

A security flaw in the latest version of WhatsApp for Windows allows Python and PHP scripts to execute without warning when opened by the recipient. This vulnerability, discovered by security researcher Saumyajeet Das, poses a risk primarily to software developers and power users who have Python installed on their systems. Unlike other risky file types that WhatsApp blocks, such as .EXE and .BAT, Python (.PYZ and .PYZW) and PHP (.PHP) files are not included in WhatsApp’s blocklist, making them executable directly from the messaging client.

Das reported the issue to Meta Bug Bounty Program, but the company dismissed it, stating that users are warned against opening files from unknown senders and that malware can take many forms. Despite the potential for malicious scripts to be sent to contacts or posted in chat groups, WhatsApp has no plans to add Python and PHP file types to its blocklist. Das expressed disappointment with this decision, emphasizing that blocking these file types could enhance user security and demonstrate Meta’s commitment to addressing security concerns promptly.

Credits: Bleeping Computer

🚨 Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins 🚨

Docker has issued a warning about a critical flaw affecting certain versions of Docker Engine, allowing attackers to sidestep authorization plugins (AuthZ) under specific circumstances. This vulnerability, tracked as CVE-2024-41110, has a CVSS score of 10.0, indicating maximum severity.

🔍 Key Details:

Vulnerability: Bypass and privilege escalation via API request with Content-Length set to 0.

Impacted Versions: Docker Engine v19.03.x and later (if AuthZ plugins are used for access control).

Resolved in: Docker Engine versions 23.0.14 and 27.1.0 (as of July 23, 2024).

Docker's advisory highlights that this is a regression issue, initially discovered in 2018 and addressed in v18.09.1 but not carried over to subsequent versions. The flaw was identified again in April 2024 and has now been patched.

Gabriela Georgieva from Docker clarified that users not relying on AuthZ plugins and users of Mirantis Container Runtime are not vulnerable. Docker Desktop up to version 4.32.0 is also affected, but exploitation likelihood is limited.

🛡️ Mitigation:

Ensure installations are updated to the latest versions to mitigate potential threats.

A forthcoming Docker Desktop release (version 4.33) will include the fix.

This warning follows Docker's earlier efforts this year to patch flaws known as Leaky Vessels, highlighting the ongoing need for vigilance in container security.

As containers become an integral part of cloud infrastructure, it's crucial to address vulnerabilities that could allow attackers to escape container confines and access host systems. Stay updated and secure!

Source: Hackernews

🚨 A massive IT outage has wreaked havoc around the world, impacting major banks, media outlets, and airlines. The disruption has grounded many flights, causing long queues and delays at airports, while also affecting shops and communication services.

Both Australia's home affairs ministry and American Airlines have indicated that the outage might be connected to an issue at Crowdstrike. Australia's National Cyber Security Coordinator described the incident as a "large-scale technical outage," emphasizing there is no current evidence to suggest a cyberattack. American Airlines, the world's largest airline by passenger numbers, confirmed that a "technical issue with Crowdstrike" is affecting multiple carriers.

Affected Industries: Airlines, banks, railways, telecommunications, media outlets, and supermarkets have been hit, leading to widespread disruptions.

Global Impact: Reports of issues have emerged from the United States, Portugal, India, New Zealand, and the United Kingdom, among other places.

Technical Glitch: Initial investigations suggest the issue might be linked to a global cyber-security firm, Crowdstrike.

Crowdstrike, a company known for its antivirus software, is at the center of this incident. There are reports that a software update from Crowdstrike might have caused Windows devices to crash, leading to the global outage. The situation has severely impacted Crowdstrike's market value, with its shares plunging as much as 14% in early trading. Microsoft and other related stocks have also seen declines.

Possible Workaround Steps:
>Boot Windows into Safe Mode or the Windows Recovery Environment.
>Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
>Locate the file matching “C-00000291*.sys”, and delete it.
>Boot the host normally.

🌐 In the tech world, it’s not uncommon to see a room full of hands go up when asked, "Who has Kali Linux installed?" Yet, the crowd drastically shrinks when the follow-up question is, "Who can actually hack?" This highlights a prevalent issue: many label themselves as hackers after merely installing software or completing a basic course.

👉 True hacking skills, however, require deep knowledge, continuous learning, and practical experience. It's a reminder that tools alone don’t make the craftsman; it's the mastery of their use that does.

🚀 Exciting News from CyberX! 🚀

We are thrilled to announce that starting today, CyberX - The Ethical Hacking Services is expanding its operations to Canada!

😎 Joining us in this exciting journey is our new team member, Dant Viana, a Cyber Sales Specialist with over 10 years of experience in the industry. With Dant's expertise, we are ready to explore new opportunities and bring top-notch cybersecurity solutions to more companies and individuals across Canada.

🌎 Our commitment to society remains unwavering – to ensure robust cybersecurity for all. Here's to a new chapter of growth and protection! (And we're just starting...)

Welcome, Dant!

🔍 Top Search Engines for Pe*******on Testers! 🔍

As cybersecurity professionals, having the right tools at our fingertips is crucial. Equip yourself with these powerful resources to enhance your security assessments and stay ahead in the game!

Credits: Cyber Threat Intelligence ®

🎉Happy São João to all our esteemed clients and partners!🎉

🎇 As we celebrate this vibrant festival in Porto, we extend our heartfelt thanks for your continuous support and collaboration. May this joyous occasion bring you happiness, prosperity, and countless moments of celebration.

🎉Last Friday, we had the pleasure of attending DDC Samsys - Consultoria e Soluções Informáticas 2024. It was an amazing event filled with numerous opportunities for networking and inspiring talks. We are extremely grateful and would like to extend our heartfelt thanks to Ruben Soares, Samuel Soares, Helder Mesquita, and all the Samsys collaborators for organizing such an awesome event.

🍿🍬Our stand was extremely busy, with lines of people eager to talk to us and enjoy the free, delicious popcorn that filled the entire event with its delightful aroma and our exclusive candy.

🤝Additionally, we want to thank our partners, Hacker Rangers and 2Business Serviços, for their invaluable collaboration. Hacker Rangers contributed significantly with their expertise in cybersecurity awareness, while 2Business Partner enriched the event with their focus on people development and recruitment.

😎Expect to see us again in 2025 with amazing news!

🤔 Curious why hackers are focusing on the Paris Olympics? The stakes are higher than ever with nation-states in the mix. Click to read more! https://www.cyberx.pt/post/discover-why-hackers-are-eyeing-the-paris-olympics?lang=en