Hackerzhome

Cybersecurity news all over the world

HACKERZHOME NEWS

May 17, 2023

Wednesday

Among cybersecurity professionals, new ZIP domains cause discussion

Security experts and IT managers have expressed concerns over Google’s new ZIP and MOV Internet domains, warning that threat actors may exploit them to spread malware and conduct phishing attacks.


Eight new top-level domains (TLDs) that may be purchased for hosting websites or email addresses were released by Google earlier this month.


The new top-level domains (TLDs) include the following: .dad, .esq, .prof, .phd, .nexus, .foo, and, most importantly for our article, .zip and .mov.


Although the ZIP and MOV TLDs have been accessible since 2014, it wasn’t until this month that they were made broadly accessible, making it possible for anybody to buy a name for a website like bleepingcomputer.zip.


These domains might be seen as hazardous, though, because certain websites and programs will now automatically turn file names ending in these TLDs, which are often shared in forum posts, emails, and online chats, into URLs.
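As an added example (not part of the original article), a mail or chat filter could flag names in message text that end in .zip or .mov and are therefore candidates for automatic linking, separately from explicit URLs whose host sits under those TLDs. The function name, regular expressions and sample message are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# TLDs named in the article that are also common file extensions.
FILE_LIKE_TLDS = ("zip", "mov")

URL_RE = re.compile(r"\bhttps?://[^\s<>]+", re.IGNORECASE)
# A bare token made only of hostname-legal labels and ending in .zip/.mov.
# Names preceded by a path separator, "@" or "_" are not treated as hosts.
BARE_RE = re.compile(
    r"(?<![\w@/.\\-])((?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+(?:%s))"
    r"(?![\w-]|\.\w)" % "|".join(FILE_LIKE_TLDS),
    re.IGNORECASE,
)


def find_file_like_links(text):
    """Return (kind, name) pairs for .zip/.mov names found in message text."""
    findings, url_spans = [], []
    for m in URL_RE.finditer(text):
        url_spans.append(m.span())
        try:
            host = urlsplit(m.group(0).rstrip(".,;:!?)")).hostname or ""
        except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
            continue
        host = host.lower().rstrip(".")
        # Only the host decides where a link goes, not a file name in the path.
        if host.rsplit(".", 1)[-1] in FILE_LIKE_TLDS:
            findings.append(("explicit-url", host))
    for m in BARE_RE.finditer(text):
        if any(start <= m.start() < end for start, end in url_spans):
            continue  # already covered by the explicit URL it sits inside
        findings.append(("autolink-candidate", m.group(1).lower()))
    return findings


# Constructed sample message, not taken from any real traffic.
SAMPLE = (
    "Unpack report-2023.zip and watch Demo.MOV. Mirror: "
    "https://example.com/files/report.zip or https://downloads.zip/get, "
    "notes are in my_notes.zip"
)

if __name__ == "__main__":
    for kind, name in find_file_like_links(SAMPLE):
        print(f"{kind:20} {name}")
```

A download URL on an ordinary host (`example.com/files/report.zip`) and a name containing an underscore are not reported, because neither can resolve as a host under the new TLDs.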


After May upgrades, Microsoft is looking at the sluggish Windows VPN speeds.

Following the installation of recent upgrades for Windows 11, Microsoft is looking into serious performance issues impacting L2TP/IPsec VPN connections.

Windows users and administrators have reported that the optional KB5025305 April 2023 non-security update was the first to cause connection capacity problems.

More Windows users noticed the connectivity problems after Redmond rolled the same fixes and enhancements included in the KB5025305 preview update into the mandatory KB5026372 cumulative update published during this month’s Patch Tuesday.

The L2TP/IPsec VPN performance difficulties are being caused by both upgrades after deployment, according to reports viewed by BleepingComputer since the patches were available.

Until Microsoft releases a fix, there is no workaround on impacted Windows 11 PCs. However, Windows administrators have reported that uninstalling the faulty updates cures the problem.


In 2022, Apple rejected 1.7 million applications due to privacy and security concerns.

More than $2 billion in transactions that were detected as possibly fraudulent were blocked by the Apple App Store team in 2022. Additionally, nearly 1.7 million app submissions were stopped for breaching the company’s privacy, security, and content regulations.

The business also deactivated 282 million fraudulent customer accounts, canceled 428,000 developer accounts for the possibility of fraud, and prevented 105 million developer account creations as part of continuous efforts to combat account fraud.

Nearly 400,000 apps were rejected by the App Store team last year for privacy violations such as attempting to gather the user’s personal data without their knowledge or consent. This helped to safeguard Apple consumers from hundreds of thousands of harmful apps.

Around 29,000 apps were refused access to the App Store for using undocumented or hidden functionalities, while another 153,000 were rejected for deceiving customers and being copycats of previously submitted apps.

This year, App Review discovered several apps that might potentially steal users’ login information from third-party services by employing malicious code.

Azure Serial Console is used by hackers to get covert access to VMs.


Phishing and SIM swapping attacks are being used by a financially driven cybergang Mandiant has identified as “UNC3944” to take control of Microsoft Azure admin accounts and access virtual machines.

From there, the attackers make use of Azure Extensions for covert surveillance and the Azure Serial Console to install remote management software for persistence.

According to Mandiant, UNC3944 has been operating since at least May 2022, and their operation attempts to use Microsoft’s cloud computing service to steal data from their target organizations.

The tools for stopping security programs, STONESTOP (loader) and POORTRY (kernel-mode driver), were formerly attributed to UNC3944.

The threat actors used hijacked identities belonging to Microsoft hardware developers to sign their kernel drivers.

Initial access to the Azure administrator’s account is gained with stolen credentials obtained through SMS phishing, a frequent UNC3944 strategy.

Popular Belkin Wemo Smart Plugs Have a Serious Unpatched Vulnerability

A buffer overflow vulnerability has been discovered in the second generation of Belkin’s Wemo Mini Smart Plug, which a threat actor may exploit to remotely inject arbitrary instructions.

Sternum, an Israeli IoT security startup, reverse-engineered the device and acquired access to the firmware before identifying the flaw and reporting it to Belkin on January 9, 2023.

With the Wemo Mini Smart Plug V2 (F7C063), customers may easily turn on or off electronic devices using a companion app that has been downloaded on a smartphone or tablet.

By using the Python package pyWeMo to get around the character restriction, the buffer overflow may be successfully exploited to crash the device or, alternatively, to mislead the code into issuing malicious commands and seize control.

In response to the discovery, Belkin has said that it has no plans to fix the problem because the product is nearing its end-of-life (EOL) and has been replaced by newer variants.

The researchers issued a warning that it appears that this vulnerability might be exploited over the Cloud interface (i.e., without a physical connection to the device).
