Hexafusion Blog

The group of hackers who stole a wealth of data from game publishing giant Electronic Arts broke into the company in part by tricking an employee over Slack to provide a login token, Motherboard has learned.

Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security (TLS) servers to redirect HTTPS traffic from a victim's web browser to a different TLS service endpoint located on another IP address to steal sensitive information.

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today.

Meat processing company JBS on Wednesday confirmed it paid extortionists $11 million in bitcoins to regain access to its systems following a destructive ransomware attack late last month.

As businesses move to a remote workforce, hackers have increased their activity to capitalize on new security holes. Cybercriminals often use unsophisticated methods that continue to be extremely successful.

These include phishing emails to harvest credentials and gain easy access to business-critical environments.

An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate.

It's the second tuesday of the month: time for the Microsoft Patch Tuesday, June 2021 edition. This month, it contains 52 fixes for several security flaws for Windows and other products. We have discussed the most critical ones and made a list of all the other vulnerabilities.

Fancy Product Designer, a WordPress plugin installed on over 17,000 sites, has been discovered to contain a critical file upload vulnerability that's being actively exploited in the wild to upload malware onto sites that have the plugin installed.

Wordfence's threat intelligence team, which discovered the flaw, said it reported the issue to the plugin's developer on May 31. While the flaw has been acknowledged, it's yet to be addressed.

Global food distributor JBS Foods suffered an unspecified incident over the weekend that disrupted several servers supporting IT systems and could affect the supply chain for some time.

The world’s largest meat distributor shut down some operations in both the United States and Australia over the Memorial Day weekend after a cyberattack on its IT systems that could have a significant effect on the food supply chain if not resolved quickly.

Starting June 8, Amazon will automatically enable a feature on its family of hardware devices, including Echo speakers, Ring Video Doorbells, Ring Floodlight Cams, and Ring Spotlight Cams, that will share a small part of your Internet bandwidth with nearby neighbors — unless you choose to opt-out.

These days, it seems whenever technology is mentioned in the media, there is a new buzzword to boot.

Navigating them can become a nightmare, and you’d be forgiven for not being able to tell your VR from your AI and your IoT.

We have decided to gather the super-futuristic tech lingo in one place and lay it out in layman’s terms.

Tech giant disables ProjectWEB cloud-based collaboration platform after threat actors gained access and nabbed files belonging to several state entities.

Threat actors have stolen files from several official government agencies of Japan by hacking into Fujitsu’s software-as-a-service (SaaS) platform and gaining access to its systems.

Microsoft uncovered the SolarWinds crooks using mass-mail service Constant Contact and posing as a U.S.-based development organization to deliver malicious URLs to more than 150 organizations.

The cybercriminal group behind the notorious SolarWinds attack is at it again with a sophisticated mass email campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious activities.

Three weeks ago, the shutdown of operations of Colonial Pipeline captured the attention of the security community, government and consumers that suddenly couldn’t fill their gas tanks. Interestingly, interpretation of the incident – and the significance of the incident – varied.

The breach aggregator Have I Been Pwned, one of the most popular tools to test the real-world strength of passwords, made two significant announcements on Friday: A collaboration with the FBI to obtain new, hacked passwords, and contributing some of its code-base to the open-source community.

VMware’s virtualization management platform, vCenter Server, has a critical severity bug the company is urging customers to patch “as soon as possible”.

VMware patched a critical bug impacting its vCenter Server platform with a severity rating of 9.8 out of 10. The company said the flaw could allow a remote attacker to exploit its products and take control of a company’s affected system.

Microsoft is finally retiring Internet Explorer 11 from some Windows 10 versions and replacing it with the Chromium-based Microsoft Edge.

"Microsoft Edge has Internet Explorer mode (“IE mode”) built in, so you can access those legacy Internet Explorer-based websites and applications straight from Microsoft Edge," said Sean Lyndersay, Microsoft Edge Partner Group Program Manager.

Microsoft released its Patch Tuesday, May 2021 with updates and security patches to fix 55 security flaws within Windows and other products. From these flaws, 4 are rated as critical and 3 are zero-day vulnerabilities.

3 Zero-Day Vulnerabilities Fixed

In their Patch Tuesday of May 2021, three publicly-disclosed zero-day vulnerabilities were patched:

• CVE-2021-31204 - .NET and Visual Studio Elevation of Privilege vulnerability
• CVE-2021-31207 - Exchange Server Security Bypass Feature Vulnerability
• CVE-2021-31200 - Common Utilities Remote Code Execution vulnerability.

When Spectre, a class of critical vulnerabilities impacting modern processors, was publicly revealed in January 2018, the researchers behind the discovery said, "As it is not easy to fix, it will haunt us for quite some time," explaining the inspiration behind naming the speculative execution attacks.

Networking equipment major Cisco has rolled out software updates to address multiple critical vulnerabilities impacting HyperFlex HX and SD-WAN vManage Software that could allow an attacker to perform command injection attacks, execute arbitrary code, and gain access to sensitive information.

In a series of advisories published on May 5, the company said there are no workarounds that remediate the issues.