What Is NTP?

What Is NTP? – NTP stands for Network Time Protocol. It is an Internet standard protocol (built on top of TCP/IP) that is used to synchronize the clocks of client computers. NTP sends time requests to known servers and obtains server time stamps. Using those stamps, it adjusts the client’s time. What Is NTP? The following are some of the features of NTP:• It is fault tolerant and dynamically autoconfiguring.• It synchronizes accuracy up to one millisecond.• It can be used to synchronize all computers in a network.• It uses…

Read More

Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug

Google’s Project Zero team has made public details of an improperly patched zero-day security vulnerability in Windows print spooler API that could be leveraged by a bad actor to execute arbitrary code. Details of the unpatched flaw were revealed publicly after Microsoft failed to rectify it within 90 days of responsible disclosure on September 24. Originally tracked as CVE-2020-0986, the flaw concerns an elevation of privilege exploit in the GDI Print / Print Spooler API (“splwow64.exe”) that was reported to Microsoft by an anonymous user working with Trend Micro’s Zero…

Read More

Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data

21 people have been arrested across the UK as part of a nationwide cyber crackdown targeting customers of WeLeakInfo[.]com, a now-defunct online service that had been previously selling access to data hacked from other websites. The suspects used stolen personal credentials to commit further cyber and fraud offences, the UK National Crime Agency (NCA) said. Of the 21 arrested — all men aged between 18 and 38 — nine have been detained on suspicion of Computer Misuse Act offences, nine for Fraud offences, and three are under investigation for both.…

Read More

What Is a Cryptocurrency?

What Is a Cryptocurrency? – Over the past few years, the term cryptocurrency has become a well-used term in financial circles, new business plans, and news headlines. Often the term is associated with criminal activity on the so called “dark web,” but more recently with the increasing value of currencies like Bitcoin, the word, concept, and products are entering mainstream consciousness. But what really is a cryptocurrency and how does it work? In this chapter, we will examine the concept, the history, and the uses for cryptocurrencies and look at…

Read More

CrowdStrike Fends Off Attack Attempted By SolarWinds Hackers

The suspected Russian hackers behind the massive SolarWinds attack attempted to hack CrowdStrike through a Microsoft reseller’s Azure account but were ultimately unsuccessful, CrowdStrike said. The Sunnyvale, Calif.-based endpoint security giant said it was contacted on Dec. 15 by Microsoft’s Threat Intelligence Center, which had identified a reseller’s Microsoft Azure account making abnormal calls to Microsoft cloud APIs during a 17-hour period several months ago, CrowdStrike Chief Technology Officer Michael Sentonas wrote in a blog post Wednesday. The reseller’s Azure account was used for managing CrowdStrike’s Microsoft Office licenses, and…

Read More

Biden Assails Trump Over Handling of Russia Hacking

WASHINGTON — President-elect Joseph R. Biden Jr. accused President Trump on Tuesday of “irrational downplaying” of the widespread hack of the federal government and American industries, saying that the current administration was denying him intelligence and warning Russia that he would not allow the intrusion to “go unanswered” after he takes office. “This assault happened on Donald Trump’s watch when he wasn’t watching,” Mr. Biden said at a news conference in Delaware. “It is still his responsibility as president to defend American interests for the next four weeks, but rest…

Read More

BRIGHT SPOTS ON THE DARKNET

BRIGHT SPOTS ON THE DARKNET – The darknet is not all creepy, prohibited content. There is definitely no Lack of criminal malware or forums marketplaces under the surface net, but there is also a few valid sites and communities. To be clear, the darknet Remains, well, dangerous and dark. You should not simply download a Tor browser and go digging for hazard intelligence. Not everybody who heads under the surface net, however, is hoping to purchase stolen passwords or lease a botnet for hire. Some Tor consumers are just hoping…

Read More

SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack

Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its advisory page, the company urged its customers to update Orion Platform to version 2020.2.1 HF 2 immediately to secure their environments. The malware, dubbed SUNBURST (aka Solorigate), affects Orion app versions 2019.4 through 2020.2.1, released between March 2020 and June 2020. “Based on our investigation, we are…

Read More

Over 23,000 hacked databases shared over Telegram and Discord

Over 50GB of data from 23,000 hacked databases have been shared by hackers across Telegram channels and two hacking forums, it has emerged. A total of 23,618 databases were able to be downloaded through the Mega file hosting service, amounting to a dataset of around 13 billion personal files. The link was later taken down following abuse reports but there are fears that the data has entered the public domain, according to reports from ZDNet. The databases are said to have come from Cit0Day.in, an underground service launched in January 2018 that provides…

Read More

How to Use Password Length to Set Best Password Expiration Policy

One of the many features of an Active Directory Password Policy is the maximum password age. Traditional Active Directory environments have long using password aging as a means to bolster password security. Native password aging in the default Active Directory Password Policy is relatively limited in configuration settings. Let’s take a look at a few best practices that have changed in regards to password aging. What controls can you enforce in regards to password aging using the default Active Directory Password Policy? Are there better tools that organizations can use…

Read More