
Cyber Security

A New Vulnerability Found in Apple’s macOS Finder Lets Attackers Run Commands Remotely


A new vulnerability in Apple’s macOS Finder was revealed today, allowing attackers to run arbitrary instructions on Macs running any macOS version up to the most recent release, Big Sur.

Zero-day vulnerabilities are flaws that have been publicly disclosed but not yet patched by the vendor; they are sometimes actively exploited by attackers or have publicly available proof-of-concept exploits.

The flaw, discovered by independent security researcher Park Minchan, is caused by the way macOS processes inetloc files, which permits it to mistakenly run any commands encoded inside by an attacker without any warnings or prompts.

On macOS, Internet location files with .inetloc extensions are system-wide bookmarks for opening internet resources (news://, ftp://, afp://) or local files (file://).

“A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands,” an SSD Secure Disclosure advisory published today revealed.

“These files can be embedded inside emails which if the user clicks on them will execute the commands embedded inside them without providing a prompt or warning to the user.”


Apple botches the patch and fails to assign a CVE ID.

As Minchan later revealed, Apple’s patch only partially addressed the weakness, as it can still be exploited by changing the protocol used to execute the embedded commands from file:// to FiLe://.

“Newer versions of macOS (from Big Sur) have blocked the file:// prefix (in the com.apple.generic-internet-location) however they did a case matching causing File:// or fIle:// to bypass the check,” the advisory adds.

“We have notified Apple that FiLe:// (just mangling the value) doesn’t appear to be blocked, but have not received any response from them since the report has been made. As far as we know, at the moment, the vulnerability has not been patched.”

Although the advisory did not specify how attackers may exploit this flaw, threat actors could use it to create malicious email attachments that, when opened by the target, execute a packaged or remote payload.

BleepingComputer further examined the researcher’s proof-of-concept exploit and found that it could be used to run arbitrary commands on macOS Big Sur without any prompts or warnings by using specially crafted files downloaded from the Internet.

An .inetloc file containing the PoC code was not recognised by any of the antimalware engines on VirusTotal, implying that macOS users who may be targeted by threat actors employing this attack vector will be unprotected.
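The case-matching mistake the advisory describes, seen from the defender's side in an added example (not code from Apple, the advisory or the original article): a case-sensitive prefix check misses a mangled scheme, while comparing the lower-cased scheme catches it. It assumes an .inetloc file is a property list whose top-level dictionary holds the target in a `URL` string; the function names and sample files are constructed for illustration.

```python
import plistlib

# Schemes a mail gateway or triage script may want to flag in .inetloc files.
FLAGGED_SCHEMES = {"file"}


def naive_is_flagged(url: str) -> bool:
    """Case-sensitive prefix match: the kind of check the advisory says was bypassed."""
    return url.startswith("file://")


def normalized_is_flagged(url: str) -> bool:
    """URL schemes are case-insensitive (RFC 3986), so compare the lower-cased scheme."""
    scheme, sep, _ = url.strip().partition(":")
    return bool(sep) and scheme.lower() in FLAGGED_SCHEMES


def inetloc_url(data: bytes) -> str:
    """Return the URL stored in an .inetloc property list, or "" if it cannot be read.

    Assumption: the file is a plist whose top-level dict has a "URL" string.
    """
    try:
        plist = plistlib.loads(data)
    except Exception:  # malformed or non-plist input
        return ""
    url = plist.get("URL") if isinstance(plist, dict) else None
    return url if isinstance(url, str) else ""


def scan(data: bytes) -> dict:
    """Report the stored URL and the verdict of both checks."""
    url = inetloc_url(data)
    return {"url": url, "naive": naive_is_flagged(url), "normalized": normalized_is_flagged(url)}


def make_sample(url: str) -> bytes:
    """Build a constructed .inetloc body for testing (placeholder targets only)."""
    return plistlib.dumps({"URL": url})


if __name__ == "__main__":
    for target in ("file:///tmp/placeholder", "FiLe:///tmp/placeholder", "https://example.com/"):
        print(scan(make_sample(target)))
```
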


Source: https://cybersguards.com/a-new-vulnerability-found-in-apples-macos-finder-lets-attackers-run-commands-remotely/


How to Choose CRM Software

Customer relationship management (CRM) software might be beneficial to your developing company. It allows you to keep track of your relationships with present and potential clients. CRM software can track leads and retain critical client information such as phone numbers, email addresses, and previous interactions in a single platform using a data-driven approach.

This software includes a number of tools for performing various activities, such as automating emails and creating real-time dashboards that display company performance data and other insights.

A CRM supplied via the Software-as-a-Service model is often hosted on a central server, with consumers paying a monthly subscription fee to access it. Subscriptions can be purchased per user, per month, or per year.

CRM plans are frequently separated into tiers, giving consumers the option of choosing between an enterprise-level tool and a less expensive solution with fewer features.

How do you choose what MSP CRM software to get? Here are some suggestions for you to consider.

What kind of deployment do you like: Cloud or On-premise?

CRM can be deployed in two ways: in the cloud or on-premise. Both have their benefits and drawbacks.


You won’t need a server or technical knowledge if you use cloud CRM software. You only need to log into the application to get started. The information will be stored on the server of the service provider. The disadvantage is that if your internet connection goes down, you won’t be able to access your data.

On the other hand, if you go for on-premise solutions, you will be responsible for purchasing your own software, which will be hosted on your premises. You’ll also need to hire in-house IT staff and buy the appropriate hardware.
The advantage is that you’ll have direct access to servers, allowing you to effortlessly integrate with other programmes. Furthermore, there will be no recurring subscription fees to consider.

Features and Functionality

Every company’s workflow, customer base, and growth trajectory are distinct. As a result, it’s critical to find MSP CRM software with a variety of features.

Pay for only the features you require and scale up as needed. Consider the kind of users you’ll have and the features that will be beneficial to them.

As your company grows, so will your requirements. With this in mind, you must make certain that the CRM software you select is easily upgradeable.


Integration with other applications

When selecting MSP CRM software, another factor to consider is the platform’s capacity to interact with other systems. Some CRM providers favour Microsoft integration, while others function well with Google. There are additional solutions that offer comprehensive third-party application support.

Select a CRM product that can help you streamline your company’s operations. Check to see if it works well with the applications you already have. Accounting software, HR software, billing and e-commerce platforms, as well as marketing solutions, are examples of these.

Request for a free trial

Don’t be fooled by the appearance of an MSP CRM system. It’s best to give it a shot initially. Request a live or online demonstration to get started. You can ask specific questions about their product as the sales staff leads you through the basics of the software. Then you can continue with the trial version. You’ll be able to gain a sense of how everything operates and understand its strengths and shortcomings as a result of this. Examine its usability, main features, and scalability.

How is its user experience?

When choosing MSP CRM software, you must also consider the user experience. Ask the following questions to the vendor:

  • Is it assisting you in completing your task?
  • Is it designed with a user-friendly interface?
  • Is it slow or rapid in response to your actions?
  • Are the buttons well labelled?
  • Is the sequence of events logically organised?
  • Is the user interface easy to use?


Also consider the amount of time you spend on a certain task. All of these things contribute to the overall user experience.

You don’t want to end up with a piece of software that isn’t well-designed, so go over the trial version thoroughly.

Conclusion

When looking for MSP CRM software, it’s important to consider your company’s needs as well as the size and breadth of your staff. The proper amount of innovation can be brought to your firm by having balanced features.

ITarian can assist you in upgrading and streamlining your technology management solutions.


Source: https://cybersguards.com/how-to-choose-crm-software/


Ransomware Took a New Twist with US Leading a Law Enforcement Effort to Hack Back


This week, the worldwide fight against ransomware took a new turn, with the US joining a law enforcement attempt to hack back and disrupt the extortion ring behind the Colonial Pipeline breach.

The Tor servers linked to the REvil ransomware group were seized in what was characterised as a “multi-country” hack-back operation that is still ongoing, according to a Reuters story.

The ransomware group’s public blog, which was used to shame corporations into paying multi-million dollar data recovery ransoms, was taken down. One of the operators sent a goodbye message that read: “The server had been hacked, and they were on the lookout for me. Good luck to everyone; I’m leaving now.”

The REvil takedown, which was carried out by a foreign partner of the US government, was confirmed by threat hunters investigating underground human-operated ransomware activities.

Several other ransomware gangs reacted to the REvil network takeover by transferring cryptocurrency reserves and even openly criticising the hacking operation.

The notorious REvil gang was caught using the Darkside data encryption programme in human-operated ransomware operations against various U.S. companies. The Colonial Pipeline cyberattack, which prompted the closure of gas stations, and the Kaseya supply-chain compromise were among them.

Officials from law enforcement are refusing to comment on the takedown, citing the ongoing nature of the operation.


Colonial Pipeline spent $4.4 million to buy a decryption key in the aftermath of the incident, which resulted in gasoline shortages in areas of the United States.

The REvil takedown comes after the US government discovered $5.2 billion in outgoing Bitcoin transactions that could be tied to ransomware payments, particularly to Russian and Eastern European cybercriminal organisations.


Source: https://cybersguards.com/ransomware-took-a-new-twist-with-us-leading-a-law-enforcement-effort-to-hack-back/


How to Secure Remote Desktop from Malware?


The Threats of Remote Access

Remote access control is becoming a necessity for corporate success. However, by allowing access from anywhere, at any time, enterprises run the risk of malware spreading and data loss. Criminals who gain remote access to a network can reach sensitive information as well as login passwords and identities. These credentials can also be used to distribute ransomware.

Understand High-Level Security Implications

For high-level security:

  • On very sensitive systems, use two-factor authentication.
  • Change the Remote Desktop listening port.
  • RDP Gateways should be used.
  • For RDP logging and configuration, use current administration tools.
  • Limit the number of users who can use Remote Desktop to log in.

Focus On Corporate Assets, Not Devices.

IT can utilise firewalls, personal usage limitations, connectivity rules, and antivirus upgrades to protect company assets from both deliberate and unintentional loss and disruption. Intellectual property, information compliance, and confidentiality can all be protected by remote access control policies.


Employ Strong Encryption, User Authentication

Remote network access software stores your data in a secure database protected by encryption technology.

Authentication restricts access to a remote workstation to specific users. It can be configured at both the network and machine levels. Once a user has access to a remote machine, authorization limits the operations that the user can perform on it.

Built For Mobility

To transition to a new paradigm of efficient workloads, businesses must embrace mobility. Corporate companies benefit from implementing mobility since it leads to increased productivity.

What is Remote Access, and how does it work?

Many people can now work from home or anywhere they like thanks to technical advancements in the age of computing technology. Accessing one’s file and device can be done without a physical presence or being in a central work area thanks to a slew of third-party software. Understand what remote access is and how it may lead to increased productivity and boost the growth of a company that invests in it.


Source: https://cybersguards.com/how-to-secure-remote-desktop-from-malware/


Facebook Designed a New Tool for Finding SSRF Vulnerabilities


On Thursday, Facebook launched a new tool to aid security researchers in their search for Server-Side Request Forgery (SSRF) flaws.

An SSRF attack, according to the OWASP definition, allows an attacker to access or edit internal resources by abusing a server’s functionality.

“By carefully picking the URLs, the attacker may be able to retrieve server configuration such as AWS information, connect to internal services like http enabled databases, or make post requests towards internal services that are not supposed to be exposed,” OWASP adds.

The new Facebook tool, dubbed SSRF Dashboard, has a simple UI that allows researchers to define unique internal endpoint URLs for targeting and then see if those URLs have been hit during an SSRF attempt.

Each generated SSRF attempt URL is listed in a table alongside the other URLs, together with its creation date, a unique ID, and the number of hits it has received.

Security researchers will be able to reliably verify whether their SSRF proof-of-concept (PoC) code was successful with the new tool, according to the social media platform, because only successful PoCs receive hits.

Researchers who hunt for and uncover SSRF vulnerabilities are encouraged to provide the ID of the SSRF attempt URL, as well as the proof-of-concept, in their reports.

“Server Side Request Forgery (SSRF) vulnerabilities are among the most difficult to identify,” Facebook writes, “since external researchers aren’t able to directly detect the server’s vulnerable behaviour.”

Here you may find more information about the tool and how to use it, as well as information on the social media platform’s bug bounty programme.


Source: https://cybersguards.com/facebook-designed-a-new-tool-for-finding-ssrf-vulnerabilities/
