With shades of the GoAnywhere attacks, a cyber threat actor linked to FIN11 is leveraging a bug in the widely used managed file transfer product to steal data from organizations in multiple countries.
Related Posts
Cloud Atlas’ Spear-Phishing Attacks Target Russian Agro and Research Companies
The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises.
Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB’s formal exit from Russia earlier this year.
Cloud Atlas, active since at
The Hacker News | #1 Trusted Cybersecurity News Site
Kali Linux 2023.3 Released – What’s New!
Kali Linux is a free and open-source Linux-based operating system dedicated mainly to two purposes:
Ethical hacking
Penetration testing
In short, Kali Linux is one of the most advanced Debian-derived Linux distributions, developed and maintained by Offensive Security.
Offensive Security recently launched Kali Linux 2023.3 with several modifications, changes, and new tools that benefit end users.
Highlights of Kali Linux 2023.3
Kali Linux 2023.3 brings three key changelog highlights since Kali Linux 2023.2:
Internal Infrastructure: Major stack changes are underway.
Kali Autopilot: The automation attack framework has had a major overhaul.
New Tools: 9 new tools were added this time.
Kali Linux 2023.3 New updates and features
The Debian 12 release also prompts Offensive Security to overhaul and streamline its infrastructure and software stack.
Offensive Security introduces ‘mirror-traces.kali.org’ sub-domain in Kali Linux 2023.3 for enhanced troubleshooting.
Kali Purple in Kali 2023.1 unveiled ‘Kali Autopilot,’ which is now revamped with a new GUI and extensive features in this latest release, Kali 2023.3.
Automated Attack Generator by Kali Autopilot (Source – Kali)
The Kali Autopilot is similar to ‘AutoPwner,’ which automates attacks based on pre-defined scenarios, initially developed for Kali’s defensive use.
In this new version, the Kali NetHunter app is also updated with a new design and a new NetHunter Terminal. Offensive Security also added several updates to the Kali NetHunter kernel, which now supports the following devices:
LG V20 for Lineage 19.1
Nexus 6P for Android 8.0 (Oreo)
Nothing Phone (1) for Android 12 (Snowcone) and 13 (Tiramisu) (new)
Pixel 3/XL for Android 13 (Tiramisu)
Samsung Galaxy A7 for LineageOS 18.1 (new)
Xiaomi Mi A3 for Lineage 20
Xiaomi Redmi 4/4X for VoltageOS 2.5
Miscellaneous Updates
The miscellaneous updates are:
Added Pipewire support when using Hyper-V in enhanced session mode
Added kali-hidpi-mode to support Kali-Purple
Improved installation of Kali-Purple by removing the need to run any commands after installing kali-themes-purple
Kali-Purple has a purple menu icon!
The final reminder about the breaking change with Python 3.12 & PIP
Packaging Tools
The packaging tools are:
AutoPkgTest
Britney2
Build-Logs
Janitor
Package Tracker
Packaging CI Overview
Upstream-Watch
New Tools
The new tools added in Kali Linux 2023.3 are:
Calico
cri-tools
Hubble
ImHex
kustomize
Rekono
rz-ghidra
unblob
Villain
Packages & Libraries updates
The updated packages and libraries are:
Greenbone
Humble
Impacket
jSQL
OWASP ZAP
Rizin
Tetragon
theHarvester
Wireshark
How to get Kali Linux 2023.3?
If you already run Kali Linux, you can upgrade to the latest version. For a quick update, follow these steps:
┌──(kali㉿kali)-[~]
└─$ echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee /etc/apt/sources.list
[…]
┌──(kali㉿kali)-[~]
└─$ sudo apt update && sudo apt -y full-upgrade
[…]
┌──(kali㉿kali)-[~]
└─$ cp -vrbi /etc/skel/. ~/
[…]
┌──(kali㉿kali)-[~]
└─$ [ -f /var/run/reboot-required ] && sudo reboot -f
Once these steps are done, you will be on the latest version, Kali Linux 2023.3. To check that, proceed with the following steps:
┌──(kali㉿kali)-[~]
└─$ grep VERSION /etc/os-release
VERSION="2023.3"
VERSION_ID="2023.3"
VERSION_CODENAME="kali-rolling"
┌──(kali㉿kali)-[~]
└─$ uname -v
#1 SMP PREEMPT_DYNAMIC Debian 6.3.7-1kali1 (2023-06-29)
┌──(kali㉿kali)-[~]
└─$ uname -r
6.3.0-kali1-amd64
Moreover, you can visit the official website of Kali Linux to download the latest version of Kali Linux (Kali Linux 2023.3), available in 32-bit and 64-bit versions.
Cyber Security News
Microsoft Exchange vulnerability actively exploited
As it turns out, there was another actively exploited vulnerability included in Microsoft’s patch Tuesday updates for February.
When Microsoft said in its update guide for CVE-2024-21410 that the vulnerability was likely to be exploited by attackers, they weren’t kidding. Soon after they changed the status to “Exploitation Detected”.
Today, I was alerted to the fact after spotting a warning by the German Federal Office for Information Security (BSI) about the same vulnerability, something the BSI does not do lightly.
The Exchange vulnerability is listed in the Common Vulnerabilities and Exposures (CVE) database as CVE-2024-21410, an elevation of privilege vulnerability with a CVSS score of 9.8 out of 10.
Microsoft’s description of the vulnerability is a bit more revealing:
“An attacker could target an NTLM client such as Outlook with an NTLM credentials-leaking type vulnerability. The leaked credentials can then be relayed against the Exchange server to gain privileges as the victim client and to perform operations on the Exchange server on the victim’s behalf.”
In a Windows network, NTLM (New Technology LAN Manager) is a suite of Microsoft security protocols intended to provide authentication, integrity, and confidentiality to users. An attacker being able to impersonate a legitimate user could prove to be catastrophic.
Microsoft Exchange Servers, and mail servers in general, are central communication nodes in every organization and as such they are attractive targets for cybercriminals. Being able to perform a pass-the-hash attack would provide an attacker with a paved way into the heart of the network.
As part of the update, Microsoft has enabled Extended Protection for Authentication (EPA) by default with the Exchange Server 2019 Cumulative Update 14 (CU14). Without the protection enabled, an attacker can target Exchange Server to relay leaked NTLM credentials from other targets (for example Outlook).
If you are running Exchange Server 2019 CU13 or earlier and you have previously run the script that enables NTLM credentials Relay Protections then you are protected from this vulnerability. However, Microsoft strongly suggests installing the latest cumulative update.
Last year, Microsoft introduced Extended Protection support as an optional feature for Exchange Server 2016 CU23.
If you are unsure whether your organization has configured Extended Protection, you can use the latest version of the Exchange Server Health Checker script. The script will provide you with an overview of the Extended Protection status of your server.
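How Extended Protection stops a relayed authentication, as an added example that is not part of the original article and is not Microsoft's code: a simplified Python model of channel binding (not the NTLM wire format) in which the client's proof covers a hash of the TLS certificate it connected to. The certificate bytes, host names and the simulate() helper are constructed for illustration.

```python
import hashlib
import hmac
import os

# Simplified model of channel binding; this is not the NTLM wire format.
EXCHANGE_CERT = b"constructed cert bytes: mail.example.test"   # constructed sample
RELAY_CERT = b"constructed cert bytes: relay.example.test"     # constructed sample

def cbt(cert: bytes) -> bytes:
    """Channel binding token: a hash of the TLS certificate the peer presented."""
    return hashlib.sha256(b"tls-server-end-point:" + cert).digest()

def client_response(secret: bytes, challenge: bytes, seen_cert: bytes) -> dict:
    """The client MACs the challenge together with the token of the TLS
    endpoint it actually connected to, so the token cannot be swapped later."""
    token = cbt(seen_cert)
    proof = hmac.new(secret, challenge + token, hashlib.sha256).digest()
    return {"cbt": token, "proof": proof}

def server_accepts(secret, challenge, resp, own_cert, epa_required: bool) -> bool:
    """Server-side check: the credential proof always, the channel binding only with EPA."""
    expected = hmac.new(secret, challenge + resp["cbt"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, resp["proof"]):
        return False                      # bad credentials or altered token
    if epa_required:
        return hmac.compare_digest(resp["cbt"], cbt(own_cert))
    return True

def simulate(seen_cert: bytes, epa_required: bool, swap_token: bool = False) -> bool:
    """seen_cert is the certificate the victim's client saw: the server's own
    on a direct connection, the intermediary's when the exchange is relayed."""
    secret = os.urandom(32)               # stands in for the user's credential key
    challenge = os.urandom(8)             # issued by the server
    resp = client_response(secret, challenge, seen_cert)
    if swap_token:                        # intermediary rewrites the token in transit
        resp["cbt"] = cbt(EXCHANGE_CERT)
    return server_accepts(secret, challenge, resp, EXCHANGE_CERT, epa_required)

if __name__ == "__main__":
    print("direct, EPA on      :", simulate(EXCHANGE_CERT, True))
    print("relayed, EPA off    :", simulate(RELAY_CERT, False))
    print("relayed, EPA on     :", simulate(RELAY_CERT, True))
    print("relayed, token swap :", simulate(RELAY_CERT, True, swap_token=True))
```

With Extended Protection required, only the direct connection is accepted; the relayed exchange is rejected whether or not the token is rewritten in transit, because the token is covered by the client's proof.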
Malwarebytes