Tag

Wiper

All articles tagged with #wiper

State-Sized Cyber Week: Kernel Flaws, Wipers, and the Stuxnet Backstory
security · 27 days ago

This week’s security digest covers state-sponsored cyber activity, ranging from a widespread Linux kernel LPE (CopyFail) tied to IPsec, to Venezuela’s targeted wiper against PDVSA, to expanded US bans on consumer, SMB, and ISP routers. It also highlights a serious cPanel authentication bypass (CVE-2026-41940) under active exploitation, discusses AI prompt injection risks, and revisits pre-Stuxnet history with Fast16, possible early state malware that predates the famous worm. Rounding out the week are a GitHub Enterprise remote code execution flaw (CVE-2026-3854) that was quickly patched, observations from a security honeypot, and a Google post on prompt injection.

Stryker breach spotlights risk of weaponized device-management tools
technology · 2 months ago

A March 2026 Stryker cyberattack allegedly used Microsoft Intune to remotely wipe thousands of devices, with Iran-linked Handala claiming credit and up to 50 terabytes of data stolen. Researchers say the attack leveraged living-off-the-land techniques rather than a flaw in Intune, highlighting how MDM/UEM platforms can be abused. MFA and multi-account approvals for destructive actions are advised as Stryker works with forensic experts and CISA investigates the incident.

Iran-Linked Wiper Wave Targets Global Networks via Identity Attacks
technology · 2 months ago

Unit 42 warns of a rising risk of wiper attacks tied to the Iran conflict, led by Handala Hack (aka Void Manticore), which uses phishing and compromised admin access via Microsoft Intune to disrupt networks in Israel and the US. Israel's National Cyber Directorate reports cases where attackers used legitimate credentials to delete servers. The advisory outlines zero-trust privileged access, Just-In-Time admin rights, MFA, break-glass accounts, PIM/PAM, MAA, RBAC with Intune Admin roles, and Group-based PIM, plus shorter session lifetimes, token protection, DSPM/DLP, MDR/XDR monitoring, offline immutable backups, and ongoing phishing training. If compromised, contact incident response teams.