Posts tagged with Vulnerabilities


📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #13/2025 is out!

It includes the following and much more:

➝ DNA of 15 Million People for Sale in #23andMe Bankruptcy,

➝ #Trump administration accidentally texted a journalist its war plans,

➝ Critical Ingress #NGINX controller vulnerability allows RCE without authentication,

➝ #Cyberattack hits Ukraine's state railway,

➝ Troy Hunt's Mailchimp account was successfully phished,

➝ #OpenAI Offering $100K Bounties for Critical #Vulnerabilities,

➝ #Meta AI is now available in #WhatsApp for users in 41 European countries... and cannot be turned off

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

https://infosec-mashup.santolaria.net/p/infosec-mashup-13-2025


A clear, realistic assessment of the vulnerability of European defence systems to US/Russian interference - worth a read as it brings many different aspects together.

http://archive.today/2025.03.11-032649/https://www.ft.com/content/1503a69e-13e4-4ee8-9d05-b9ce1f7cc89e (archived)

#EuropeanDefence #Trump #Vulnerabilities #TimeToChange #FinancialTimes
A screenshot from the linked article with a montage of weapons systems and the text 'Can the US switch off Europe’s weapons?
Long hooked on American defence exports, allies feel buyers’ remorse over hardware dependent on Washington support'


The Key to COMpromise, Writing to the Registry (again), Part 4

In joint research between cirosec and Neodyme, several vulnerabilities were found in Antivirus (AV) and Endpoint Detection and Response (EDR) products that could, in theory, allow privilege escalation to SYSTEM on millions of devices, assuming initial access was gained.

In this final part of our series on COM hijacking, we will examine a custom-named pipe IPC protocol implemented by Bitdefender Total Security and detail our approach to reverse engineering it. We will explore how we could use COM hijacking and this custom communication to gain SYSTEM privileges (CVE-2023-6154). Additionally, we will examine how to mitigate the vulnerabilities discussed throughout this series of blog posts. Lastly, we will demonstrate how COM hijacking can be exploited to perform a Denial-of-Service (DoS) attack on security products.

Find out more on our website at https://cirosec.de/en/news/the-key-to-compromise-part-4/.

#ITSecurity #cybersecurity #ITSicherheit #research #blog #vulnerabilities


The Key to COMpromise - Abusing a TOCTOU race to gain SYSTEM, Part 2

In joint research between cirosec and Neodyme, several vulnerabilities were found in Antivirus (AV) and Endpoint Detection and Response (EDR) products that could, in theory, allow privilege escalation to SYSTEM on millions of devices, assuming initial access was gained.

In part two of this blog series we demonstrate how COM hijacking was leveraged to gain SYSTEM privileges for exploiting AVG Internet Security (CVE-2024-6510) to gain privileges.

Find out more on our website at https://cirosec.de/en/news/the-key-to-compromise-part-2/.

#itsecurity #cybersecurity #itsicherheit #research #blog #vulnerabilities


Be careful of misleading security claims by hosting companies: US FTC cracks down on GoDaddy


The Federal Trade Commission (FTC) will require web hosting giant GoDaddy to implement basic security protections, including HTTPS APIs and mandatory multifactor authentication, to settle charges that it failed to secure its hosting services against attacks since 2018.

FTC says the Arizona-based company’s claims of reasonable security practices also misled millions of web-hosting customers because GoDaddy was instead “blind to vulnerabilities and threats in its hosting environment” due to its failings to implement standard security tools and practices.

The big problem is the company claimed to have robust security measures in place, but lots of basic security practices were found not to be in place, and they had multiple major security breaches over time.

According to a proposed settlement order, the FTC will require GoDaddy to establish a robust information security program and prohibits the company from misleading customers about its security protections. The order also mandates that GoDaddy hire an independent third-party assessor to conduct biennial reviews of its information security program.

It really appears that this was almost tantamount to fraud — where you promise something in writing to customers, but in fact, that is not what you are delivering behind the scenes.

Hopefully it is a major wakeup call to other hosting providers. Promise what you are delivering on, and don’t promise what you are not doing. It is really as simple as that. Independent security audits are certainly a desirable practice to have in place, along with how regularly it is performed.

See https://www.bleepingcomputer.com/news/security/ftc-orders-godaddy-to-fix-poor-web-hosting-security-practices
#Blog, #security, #technology, #vulnerabilities


Researchers find Security Flaws in Skoda Cars that may let Threat Actors remotely track them.

IT-Security researchers have discovered multiple vulnerabilities in the infotainment units used in some Skoda cars that could allow malicious actors to remotely trigger certain controls and track the car’s location in real time.

https://pcautomotive.com/vulnerabilities-in-skoda-and-volkswagen-vehicles

#skoda #mib3 #vulnerabilities #car #it #security #privacy #engineering #media #tech #news
PCAutomotive, a cybersecurity firm specializing in the automotive sector, unveiled 12 new security vulnerabilities impacting the latest model of the Skoda Superb III sedan. This comes a year after the organization disclosed 9 other vulnerabilities affecting the same model. Skoda is a car brand owned by German automobile giant Volkswagen.

The vulnerabilities, discovered in the vehicle’s MIB3 infotainment unit, could allow attackers to achieve unrestricted code execution and run malicious code every time the unit starts. This could let an attacker obtain live vehicle GPS coordinates and speed data, record conversations via the in-car microphone, take screenshots of the infotainment display and play arbitrary sounds in the car.

The researchers noted that the vulnerable MIB3 units are used in multiple Volkswagen and Skoda models and, based on public sales data, estimate there are potentially more than 1.4 million vulnerable vehicles out there.