"Civil Defense" pushes hybrid espionage/influence campaign targeting recruits. Google researchers said they uncovered a Kremlin-backed operation targeting recruits for the Ukrainian military with information-ste
Published: 2024-10-28T17:58:54
Vulnerability allowing remote code execution has been discussed since at least 9 days ago. Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid
Published: 2024-10-22T19:49:07
Once, FASTCash ran only on Unix. Then came Windows. Now it can target Linux, too. In the beginning, North Korean hackers compromised the banking infrastructure running AIX, IBM’s proprietary version of Unix. Nex
Published: 2024-10-15T21:16:05
'It was like watching a robot going rogue' says researcher OpenAI's language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an attacker to jump the model's built-in security g
Published: 2024-10-29T22:30:07
Microsoft agreed, then upped his payout 63% Comment Filings with the Securities and Exchange Commission show that, at SatNad's request, the Microsoft board agreed to halve his incentive package, but then more than made up for that with the rest of h
Published: 2024-10-28T13:29:05
How GitGuardian enables auditing of GitHub footprints to mitigate past, present, and future leaks Partner Content In an era where code is the backbone of modern businesses, GitHub is quickly becoming the biggest attack surface of all.
Published: 2024-10-25T09:06:12
Who doesn't love abusing buggy appliances, really? Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial o
Published: 2024-10-24T18:15:13
Insurance company UnitedHealth Group is confirming a ransomware attack earlier this year affected the private data of over 100 million people. The number was published in the US Department of Health and Human Services Office of Civil Rights...
Published: 2024-10-25T11:19:33
Apple is inviting investigations into the Private Cloud Compute (PCC) system that powers more computationally intensive Apple Intelligence requests. The company is also expanding its bug bounty program to offer payouts of up to $1,000,000 f...
Published: 2024-10-24T18:20:24
In an email to The Verge, press representative for WhatsApp Jessica Maskell wrote that the new contacts feature will be followed by a new username system where phone numbers won’t be required. Other end-to-end encrypted messaging apps like Si...
Published: 2024-10-22T11:13:41
Facebook and Instagram are testing new facial recognition tools that could help users quickly restore compromised accounts and combat fake celebrity-endorsed scams. Meta announced its plan to roll out experimental features that can scan a u...
Published: 2024-10-22T08:19:05
Early this morning, I received an email from “The Internet Archive Team,” replying to a message I’d sent on October 9th. Except its author doesn’t seem to have been the digital archivists’ support team it was apparently written by the hac...
Published: 2024-10-20T09:41:30
Activision says it has “disabled a workaround to a detection system” in Modern Warfare III and Call of Duty: Warzone that led to legitimate players getting banned by the Ricochet anti-cheat system. The company says the problem “impacted a s...
Published: 2024-10-17T17:47:53
Brazil’s Pol cia Federal announced the arrest of the hacker linked to a breach that leaked 2.9 billion records that included sensitive personal information, including some Social Security numbers. The data from that hack, which came to ligh...
Published: 2024-10-17T15:10:09
The FBI has arrested an Alabama man who is accused of hacking the Securities and Exchange Commission’s X account in January. The indictment (PDF) alleges that 25-year-old Eric Council Jr. worked with co-conspirators to take control of the a...
Published: 2024-10-17T12:32:33
The FIDO Alliance, the organization that’s helping shepherd passkey adoption, announced a draft of new specifications that would let users securely move their passkeys across different password managers. Passkeys are great it’s nice to be...
Published: 2024-10-15T14:13:22
Arlo is releasing a new floodlight security camera that connects directly to your home’s Wi-Fi and power source. That allows the Arlo Wired Floodlight Camera to monitor and illuminate outdoor spaces 24/7 without interruption, unlike battery...
Published: 2024-10-15T08:00:00
Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target's NTLM credentials remotely. [...]
Published: 2024-10-29T16:21:44
Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. [...]
Published: 2024-10-29T15:15:05
QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. [...]
Published: 2024-10-29T13:35:13
The United States announced charges today against Maxim Rudometov, a Russian national, for being the suspected developer and administrator of the RedLine malware operation, one of the most prolific infostealers over the past few years. [...]
Published: 2024-10-29T09:04:02
A hybrid espionage/influence campaign conducted by the Russian threat group 'UNC5812' has been uncovered, targeting Ukrainian military recruits with Windows and Android malware. [...]
Published: 2024-10-28T14:36:32
Free, a major internet service provider (ISP) in France, confirmed over the weekend that hackers breached its systems and stole customer personal information. [...]
Published: 2024-10-28T13:45:16
The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States. [...]
Published: 2024-10-28T12:05:34
The Dutch National Police seized the network infrastructure for the Redline and Meta infostealer malware operations in "Operation Magnus," warning cybercriminals that their data is now in the hands of law enforcement. [...]
Published: 2024-10-28T09:30:55
Fog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature of SonicWall SonicOS firewalls. [...]
Published: 2024-10-27T10:17:27
Austrian hi-fi brand Pro-Ject is probably best known for making high-end gear affordable, with its excellent Debut line a good example. But the company does make ultra-high-end models too, and now there's a new flagship Signature to rule the roost.Co...
Published: 2024-10-18T15:33:57
In September 2024, Google Threat Intelligence Group (consisting of Google’s Threat Analysis Group (TAG) and Mandiant) discovered UNC5812, a suspected Russian hybrid espionage and influence operation, delivering Windows and Android malware using a Tel...
Published: 2024-10-28T13:00:00
Written by: Foti Castelan, Max Thauer, JP Glab, Gabby Roncone, Tufail Ahmed, Jared Wilson Summary In October 2024, Mandiant collaborated with Fortinet to investigate the mass exploitation of FortiManager appliances across 50+ potentially compromised...
Published: 2024-10-23T20:00:00
Written by: Casey Charrier, Robert Weiner We note that the total number of vulnerabilities affecting a vendor does not directly relate to how secure or insecure a vendor's security posture is, nor does it s...
Published: 2024-10-15T14:00:00
Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact information for 8...
Published: 2024-10-18T12:33:51
'It was like watching a robot going rogue' says researcher OpenAI's language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an attacker to jump the model's built-in security guardrails and abuse the AI for evil purposes, according to 0Din researcher Marco Figueroa.
Published: 2024-10-29T22:30:07
US also charges an alleged Redline dev, no mention of an arrest International law enforcement officials have arrested two individuals and charged another in connection with the use and distribution of the Redline and Meta infostealer malware strains.
Published: 2024-10-29T16:35:11
Health care breaches lead to legislation Partner Content Breaches breed regulation; which hopefully in turn breeds meaningful change.
Published: 2024-10-29T16:00:08
Patch up: The Spring framework dominates the Java ecosystem If you're running an application built using the Spring development framework, now is a good time to check it's fully updated a new, critical-severity vulnerability has just been disclosed.
Published: 2024-10-29T14:33:08
It's not just the French president, Biden and Putin also reportedly trackable The French equivalent of the US Secret Service may have been letting their guard down, as an investigation showed they are easily trackable via the fitness app Strava.
Published: 2024-10-29T10:32:08
Only took 'em a year to dish up some scary travel advice, and a Secure Innovation Placemat? Cyber security agencies from the Five Eyes nations have delivered on a promise to offer tech startups more guidance on how to stay secure.
Published: 2024-10-29T08:29:08
GCHQ job ads seek top talent with bottom-end pay packets While the wages paid by governments seldom match those available in the private sector, it appears that the UK's intelligence, security and cyber agency is a long way short of being competitive in its quest for talent.
Published: 2024-10-29T06:26:09
ATMs paid customers thousands ... and now the bank wants its money back JPMorgan Chase has begun suing fraudsters who allegedly stole thousands of dollars from the bank's ATMs after a check fraud glitch went viral on social media.
Published: 2024-10-28T20:45:12
'They're taunting us,' investigator says and it looks like it's working The feds are investigating Chinese government-linked cyberspies breaking into the infrastructure of US telecom companies, as reports suggest Salt Typhoon - the same crew believed to be behind those hacks - has also been targeting phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, along with Republican candidate Donald Trump and his running mate, JD Vance.
Published: 2024-10-28T20:00:08
The platform 'continues to take action' against illegal posts, we're told Exclusive Brazen crooks are selling people's pilfered financial information on Meta's Threads, in some cases posting full credit card details, plus stolen credentials, alongside images of the cards themselves.
Published: 2024-10-28T15:45:06
Legal action comes months after alleging negligence by Falcon vendor Delta Air Lines is suing CrowdStrike in a bid to recover the circa $500 million in estimated lost revenue months after the cybersecurity company "caused" an infamous global IT outage.
Published: 2024-10-28T14:17:09
Legal proceedings underway with more details to follow Dutch police (Politie) say they've dismantled the servers powering the Redline and Meta infostealers two key tools in a modern cyber crook's arsenal.
Published: 2024-10-28T12:01:10
One told to take down posts that said nice things about WP Engine Organisers of WordCamps, community-organized events for WordPress users, have been ordered to take down some social media posts and share their login credentials for social networks.
Published: 2024-10-28T06:27:07
Also, Change Healthcare sets a record, cybercrime cop suspect indicted, a new Mallox decryptor, and more in brief Senate intelligence committee chair Mark Warner (D-VA) is demanding to know why, in the wake of the bust-up of a massive online Russian disinformation operation, the names of six US-based domain registrars seem to keep popping up as, at best, negligent facilitators of election meddling.
Published: 2024-10-27T15:44:06
US Consumer Financial Protection Bureau demands transparency, accountability from sellers of employee metrics The US Consumer Financial Protection Bureau on Thursday published guidance advising businesses that third-party reports about workers must comply with the consent and transparency requirements set forth in the Fair Credit Reporting Act.
Published: 2024-10-26T05:30:10
Also updates bug bounty program with $1M payout In June, Apple used its Worldwide Developer Conference to announce the creation of the Private Cloud Compute platform to run its AI Intelligence applications, and now it's asking people to stress test the system for security holes.
Published: 2024-10-25T15:04:14
Plus: Iran's IRGC probes election-related websites in swing states Russian, Iranian, and Chinese trolls are all ramping up their US election disinformation efforts ahead of November 5, but aside from undermining faith in the democratic process and confidence in the election result with very different objectives, according to Microsoft.
Published: 2024-10-25T01:30:10
Remember Bucket Monopoly? Yeah, it gets worse Amazon Web Services has fixed a flaw in its open source Cloud Development Kit that, under the right conditions, could allow an attacker to hijack a user's account completely.
Published: 2024-10-24T22:33:11
Who doesn't love abusing buggy appliances, really? Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial of service attacks.
Published: 2024-10-24T18:15:13
Arguments continue but change suggests it's not Free Software anymore The Bitwarden online credentials storage service is changing its build requirements which some commentators feel mean it's no longer FOSS.
Published: 2024-10-24T11:36:14
389 US healthcare orgs infected this year alone Ransomware infected 389 US healthcare organizations this fiscal year, putting patients' lives at risk and costing facilities up to $900,000 a day in downtime alone, according to Microsoft.
Published: 2024-10-24T10:37:06
All for the low, low price of a mere dollar Scammers, rejoice. OpenAI's real-time voice API can be used to build AI agents capable of conducting successful phone call scams for less than a dollar.
Published: 2024-10-24T06:30:13
Google and WhatsApp also binned, which is far easier to explain than canning a local hero Hong Kong's government has updated infosec guidelines to restrict the use of Chinese messaging app WeChat, alongside Meta and Google products like WhatsApp and Google Drive, on computers it operates.
Published: 2024-10-24T05:11:37
For starters, it could launch a prompt injection attack on itself... The latest version of AI startup Anthropic's Claude 3.5 Sonnet model can use computers and the developer makes it sound like that's a good thing.
Published: 2024-10-24T04:30:13
Attacks on unprotected servers reach 'critical level' An unknown attacker is abusing exposed Docker Remote API servers to deploy perfctl cryptomining malware on victims' systems, according to Trend Micro researchers.
Published: 2024-10-24T02:30:07
Don't ignore this nasty zero day exploit says TAG A nasty bug in Samsung's mobile chips is being exploited by miscreants as part of an exploit chain to escalate privileges and then remotely execute arbitrary code, according to Google security researchers.
Published: 2024-10-24T00:16:09
Fight On, State? Not this time Pennsylvania State University has agreed to pay the Justice Department $1.25 million to settle claims of misrepresenting its cybersecurity compliance to the federal government and leaving sensitive data improperly secured.
Published: 2024-10-23T23:29:10
Security shop and CISA urge rapid action Updated Fortinet has gone public with news of a critical flaw in its software management platform.
Published: 2024-10-23T22:47:07
We know where you got your skinny jeans - big deal A data thief calling themselves Satanic claims to have purloined the records of around 350 million customers of fashion retailer Hot Topic.
Published: 2024-10-23T20:30:15
Plus, a POC to make it extra easy for attackers A Microsoft SharePoint bug that can allow an attacker to remotely inject code into vulnerable versions is under active exploitation, according to the US Cybersecurity and Infrastructure Security Agency (CISA).
Published: 2024-10-23T19:30:13
Azure Blob Storage, AWS, and Twilio keys all up for grabs An analysis of widely used mobile apps offered on Google Play and the Apple App Store has found hardcoded and unencrypted cloud service credentials, exposing millions of users to major security problems.
Published: 2024-10-23T00:31:09
TaxSlayer, H&R Block, TaxAct, and Ramsey Solutions accused of sharing info with Meta and Google A quartet of lawmakers have penned a letter to the Department of Justice asking it to prosecute tax preparation companies for sharing customer data, including tax return information, with Meta and Google.
Published: 2024-10-22T22:31:09
Chip giant tells Uncle Sam someone could be making orders on the sly TSMC has reportedly tipped off US officials to a potential attempt by Huawei to circumvent export controls and obtain AI chips manufactured by the Taiwanese company.
Published: 2024-10-22T17:45:05
If the first patches don't work, try, try again VMware has pushed a second patch for a critical, heap-overflow bug in the vCenter Server that could allow a remote attacker to fully compromise vulnerable systems after the first software update, issued last month, didn't work.
Published: 2024-10-22T17:02:27
Unisys, Avaya, Check Point, and Mimecast settled with the agency without admitting or denying wrongdoing Four high-profile tech companies reached an agreement with the Securities and Exchange Commission to pay millions of dollars in penalties for misleading investors about their exposure to the 2020 SolarWinds hack.
Published: 2024-10-22T16:31:05
Crooks revert to old ways for greater efficiency Experts believe the Akira ransomware operation is up to its old tricks again, encrypting victims' files after a break from the typical double extortion tactics.
Published: 2024-10-22T15:31:14
Miscreants combine it with an equally tricky piece of social engineering The Ghostpulse malware strain now retrieves its main payload via a PNG image file's pixels. This development, security experts say, is "one of the most significant changes" made by the crooks behind it since launching in 2023.
Published: 2024-10-22T05:30:14
Note to Xi: Marco and Ted Cruz aren't the same person China's Spamouflage disinformation crew has been targeting US Senator Marco Rubio (R-Florida) with its fake news campaigns over the past couple of months, trolling the Republican lawmaker's official X account and posting negative stories about Rubio on Reddit and Medium.
Published: 2024-10-21T22:30:13
Private equity giant Thoma Bravo adds another trophy to its growing collection British security biz Sophos has announced a plan to gobble up competitor Secureworks in an $859 million deal that will make Dell happy.
Published: 2024-10-21T21:30:15
Dan O'Dowd tells El Reg about the OS secrets and ongoing clash with Musk Interview This month, presidential hopeful Donald Trump got a tool in his arsenal: some allegedly "unhackable" communications kit. The Register has talked to the man behind the operating system, who also ran for the US Senate on a campaign to get self-driving Teslas off the road and is on something of a crusade about the matter.
Published: 2024-10-21T19:30:13
Like keeping your camera and microphone private? Patch up In revealing details about a vulnerability that threatens the privacy of Apple fans, Microsoft urges all macOS users to update their systems.
Published: 2024-10-21T13:32:08
As TSMC defends itself against report it may have helped Huawei Tesla has denied it was involved in illegal-map making activities in China after Beijing asserted an unnamed foreign firm working on a smart car project had done so and even stolen state secrets through a collaboration with a local business.
Published: 2024-10-21T05:33:11
Org turns its woes into a fundraising opportunity Despite the Internet Archive's assurances that it's back on its feet after a recent infosec incident, the org still appears to be in trouble after parties unknown claimed to hold access tokens to its Zendesk implementation and to have used them to send a mass email blast.
Published: 2024-10-21T01:29:07
The static analyzer uses Claude AI to identify vulns and suggest exploit code Researchers with Seattle-based Protect AI plan to release a free, open source tool that can find zero-day vulnerabilities in Python codebases with the help of Anthropic's Claude AI model.
Published: 2024-10-20T09:00:08
Also, new EU cyber reporting rules are live, exploiters hit the gas pedal, free PDNS for UK schools, and more In Brief - Updated A critical security update for the near-ubiquitous WordPress plugin Jetpack was released last week. Site administrators should ensure the latest version is installed to keep their sites secure.
Published: 2024-10-18T22:30:07
SIM swappers strike again, warping cryptocurrency prices An Alabama man faces five years in prison for allegedly attempting to manipulate the price of Bitcoin by pwning the US Securities and Exchange Commission's X account earlier this year.
Published: 2024-10-18T12:30:09
Says 'limited' incident isolated to 'partner company' ESET denies being compromised after an infosec researcher highlighted a wiper campaign that appeared to victims as if it was launched using the Slovak security shop's infrastructure.
Published: 2024-10-18T11:00:15
Chipzilla says it obeys the law wherever it is, which is nice Intel has responded to Chinese claims that its chips include security backdoors at the direction of America's NSA.
Published: 2024-10-18T05:32:13
'My webcam isn't working today' is the new 'The dog ate my network' It's a pattern cropping up more and more frequently: a company fills an IT contractor post, not realizing it's mistakenly hired a North Korean operative. The phony worker almost immediately begins exfiltrating sensitive data, before being fired for poor performance. Then the six-figure ransom demands accompanied by proof of the stolen files start appearing.
Published: 2024-10-18T04:28:12
Propaganda op focuses on anti-West narratives to meddle with elections The US has placed a $10 million bounty on Russian media network Rybar and a number of its key staffers following alleged attempts to sway the upcoming US presidential election.
Published: 2024-10-18T01:00:10
A report distributed by the US Department of Homeland Security warned that financially motivated cybercriminals are more likely to attack US election infrastructure than state-backed hackers.
Published: 2024-10-28T13:00:00
Plus: Apple offers $1 million to hack its AI cloud infrastructure, Iranian hackers successfully peddle stolen Trump campaign docs, Russia hacks the nation of Georgia, and a “cyberattack” that wasn’t.
Published: 2024-10-26T10:30:00
He just untangled a $243 million bitcoin theft, what may be the biggest-ever crypto heist to target a single victim. And he has never shown his face.
Published: 2024-10-24T09:00:00
Russia, Iran, and China are targeting the US election with an evolving array of influence operations in the last days of campaign season.
Published: 2024-10-23T16:00:00
After eight months, one of the US’s most prominent crypto-crime investigators may finally be coming home.
Published: 2024-10-23T14:17:52
The 115,000-plus files related to UN Women included detailed financial disclosures from organizations around the world and personal details and testimonials from vulnerable individuals.
Published: 2024-10-22T17:49:01
The North Atlantic Fella Organization, which started as a way to fight Kremlin propaganda, has raised millions of dollars to send vital equipment directly to soldiers fighting Russia.
Published: 2024-10-22T14:34:37
Immigration and Customs Enforcement's contract with Paragon Solutions faces scrutiny over whether it complies with the Biden administration's executive order on spyware, WIRED has learned.
Published: 2024-10-21T19:03:22
Donald Trump's opposition to “woke” safety standards for artificial intelligence would likely mean the dismantling of regulations that protect Americans from misinformation, discrimination, and worse.
Published: 2024-10-21T10:30:00
A new document shows the Department of Homeland Security is concerned that Chinese investment in lithium batteries to power energy grids will make them a threat to US supply chain security.
Published: 2024-10-21T10:00:00
Plus: The alleged SEC X account hacker gets charged, Kroger wriggles out of a face recognition scandal, and Microsoft deals with missing customer security logs.
Published: 2024-10-19T10:30:00
Moldova is facing a tide of disinformation unprecedented in complexity and aggression, the head of a new center meant to combat it tells WIRED. And platforms like Facebook, TikTok, Telegram and YouTube could do more.
Published: 2024-10-19T06:00:00
Sixty-five years ago, the Army's leaders unveiled its “ultimate weapon” for the age of atomic warfare. Here’s how the service’s vision stands up to today's reality.
Published: 2024-10-18T09:00:00
So much jamming is taking place in northeastern Norway, regulators no longer want to know.
Published: 2024-10-17T10:32:52
Security researchers created an algorithm that turns a malicious prompt into a set of hidden instructions that could send a user's personal information to an attacker.
Published: 2024-10-17T10:30:00
The US has accused two brothers of being part of the hacker group Anonymous Sudan, which allegedly went on a wild cyberattack spree that hit hundreds of targets and, for one of the two men, even put lives at risk.
Published: 2024-10-16T17:44:44
Global Intelligence claims its Cybercheck technology can help cops find key evidence to nail a case. But a WIRED investigation reveals the smoking gun often appears far less solid.
Published: 2024-10-15T11:00:00
Bots that “remove clothes” from images have run rampant on the messaging app, allowing people to create nonconsensual deepfake images even as lawmakers and tech companies try to crack down.
Published: 2024-10-15T10:30:00
“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.
Published: 2024-10-14T14:00:00
A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part of Protect AI's Huntr bug bounty platform. The most severe of the
Published: 2024-10-29T18:30:00
Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: “When you have eliminated the impossible, whatever remains, however improbable, must be the truth.” Rather than following every lead, Holmes focuses on the details that are needed to move him to the solution. In
Published: 2024-10-29T16:30:00
The Dutch National Police, along with international partners, have announced the disruption of the infrastructure powering two information stealers tracked as RedLine and MetaStealer. The takedown, which took place on October 28, 2024, is the result of an international law enforcement task force codenamed Operation Magnus that involved authorities from the U.S., the U.K., Belgium, Portugal, and
Published: 2024-10-29T16:29:00
The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in conflict
Published: 2024-10-29T13:06:00
More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Z rich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier (IBPB) on x86 chips, a crucial mitigation
Published: 2024-10-29T11:23:00
A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies," ESET security researcher Anh Ho said. "Through
Published: 2024-10-28T22:56:00
Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your head spin. But don't worry, we're here to break it all down in plain English and arm you with the
Published: 2024-10-28T21:14:00
A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812. The threat group, which operates a Telegram channel named civildefense_com_ua, was created on
Published: 2024-10-28T19:32:00
Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security Research team is monitoring the activity under the name Tenacious Pungsan, which is also known by the monikers
Published: 2024-10-28T19:21:00
Cybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services like Cloudflare and Microsoft Sway to their advantage. "The campaigns target sensitive information from different crypto wallets, including Coinbase, MetaMask, Phantom, Trezor, and Bitbuy, as well as login credentials for
Published: 2024-10-28T16:40:00
Operational Technology (OT) security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on average. Container cranes are mostly automated. Diagnostics, maintenance, upgrade and adjustments to these critical systems are done
Published: 2024-10-28T16:30:00
A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. "This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network activity, maintain stealth, and much more," SafeBreach
Published: 2024-10-28T10:59:00
The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. "The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised servers and Docker Hub as the infrastructure
Published: 2024-10-26T14:36:00
Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported that a court in St. Petersburg found Artem Zaets, Alexei Malozemov, Daniil Puzyrevsky, and Ruslan
Published: 2024-10-26T14:04:00
The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities. "The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust architecture," CERT-UA said. "These emails contain attachments in the form of Remote Desktop Protocol ('.rdp'
Published: 2024-10-26T09:36:00
A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The CERT Coordination Center (CERT/CC) said the susceptible code from the Wi-Fi Alliance has been found deployed on Arcadyan FMIMG51AX000J routers. The vulnerability is being tracked as CVE-2024-41992. "This flaw allows an unauthenticated local attacker
Published: 2024-10-25T19:11:00
Apple has publicly made available its Private Cloud Compute (PCC) Virtual Research Environment (VRE), allowing the research community to inspect and verify the privacy and security guarantees of its offering. PCC, which Apple unveiled earlier this June, has been marketed as the "most advanced security architecture ever deployed for cloud AI compute at scale." With the new technology, the idea is
Published: 2024-10-25T17:55:00
Artificial Intelligence (AI) has rapidly evolved from a futuristic concept to a potent weapon in the hands of bad actors. Today, AI-based attacks are not just theoretical threats they're happening across industries and outpacing traditional defense mechanisms. The solution, however, is not futuristic. It turns out a properly designed identity security platform is able to deliver defenses
Published: 2024-10-25T16:30:00
The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making "materially misleading disclosures" related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020. The SEC said the companies Avaya, Check Point, Mimecast, and Unisys are being penalized for how they handled the disclosure process in the aftermath of
Published: 2024-10-25T15:06:00
The Irish data protection watchdog on Thursday fined LinkedIn 310 million ($335 million) for violating the privacy of its users by conducting behavioral analyses of personal data for targeted advertising. "The inquiry examined LinkedIn's processing of personal data for the purposes of behavioral analysis and targeted advertising of users who have created LinkedIn profiles (members)," the Data
Published: 2024-10-25T11:19:00
Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection. The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B. "Notably, Qilin.B now supports AES-256-CTR encryption for systems with AESNI capabilities, while still retaining Chacha20 for systems that lack this support
Published: 2024-10-24T22:08:00
Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific circumstances. "The impact of this issue could, in certain scenarios, allow an attacker to gain administrative access to a target AWS account, resulting in a full account takeover," Aqua researchers Ofek Itach and
Published: 2024-10-24T18:30:00
Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance (ASA) that could lead to a denial-of-service (DoS) condition. The vulnerability, tracked as CVE-2024-20481 (CVSS score: 5.8), affects the Remote Access VPN (RAVPN) service of Cisco ASA and Cisco Firepower Threat Defense (FTD) Software. Arising due to resource
Published: 2024-10-24T18:11:00
Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them. When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the FBI, issues a cybersecurity warning and prescribes specific action, it’s a pretty good idea to at least read the
Published: 2024-10-24T16:30:00
The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it discovered a novel attack chain in May 2024 that targeted the personal computer of an unnamed Russian national with the Manuscrypt backdoor. This entails triggering the
Published: 2024-10-24T15:23:00
Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager (FGFM) protocol. "A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may
Published: 2024-10-24T11:53:00
New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation. "Only part of this gang was arrested: the remaining operators behind Grandoreiro continue attacking users all over the
Published: 2024-10-23T23:03:00
Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is needed in terms of the way we approach identity security both from a strategic but also a technology vantage point. Identity security is more than just provisioning access The conventional view
Published: 2024-10-23T18:33:00
A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result
Published: 2024-10-23T18:24:00
Cybersecurity researchers have shed light on a new adversarial technique that could be used to jailbreak large language models (LLMs) during the course of an interactive conversation by sneaking in an undesirable instruction between benign ones. The approach has been codenamed Deceptive Delight by Palo Alto Networks Unit 42, which described it as both simple and effective, achieving an average
Published: 2024-10-23T15:24:00
It may come as a surprise to learn that 34% of security practitioners are in the dark about how many SaaS applications are deployed in their organizations. And it’s no wonder the recent AppOmni 2024 State of SaaS Security Report reveals that only 15% of organizations centralize SaaS security within their cybersecurity teams. These statistics not only highlight a critical security blind spot,
Published: 2024-10-23T15:04:00
Threat actors have been observed abusing Amazon S3 (Simple Storage Service) Transfer Acceleration feature as part of ransomware attacks designed to exfiltrate victim data and upload them to S3 buckets under their control. "Attempts were made to disguise the Golang ransomware as the notorious LockBit ransomware," Trend Micro researchers Jaromir Horejsi and Nitesh Surana said. "However, such is
Published: 2024-10-23T15:00:00
Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT. "The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim's intervention to trigger the
Published: 2024-10-22T22:36:00
Details have emerged about a now-patched security flaw in Styra's Open Policy Agent (OPA) that, if successfully exploited, could have led to leakage of New Technology LAN Manager (NTLM) hashes. "The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local user account to a remote server, potentially allowing the attacker to relay the authentication or
Published: 2024-10-22T19:42:00
Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findings from Trend Micro. "In this attack, the threat actor used the gRPC protocol over h2c to evade security solutions and execute their crypto mining operations on the Docker host," researchers Abdelrahman Esmail and Sunil Bharti said in a technical
Published: 2024-10-22T19:30:00
Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due to their elevated privileges. This guide will walk you through how to locate and secure these accounts within Active Directory (AD), and explore how Silverfort’s solutions can help enhance your
Published: 2024-10-22T16:30:00
Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and executing additional payloads onto compromised hosts. Tracked under the names BlackWidow, IceNova, Lotus,
Published: 2024-10-22T15:30:00
Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the machine via the secure shell (SSH) protocol. The packages attempt to "gain SSH access to the victim's machine by writing the attacker’s SSH public key in the root user’s authorized_keys file," software supply
Published: 2024-10-22T15:03:00
VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol. "A malicious actor with network access to vCenter Server may trigger this vulnerability by
Published: 2024-10-22T12:33:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug involving an unspecified third-party component that could
Published: 2024-10-22T10:17:00
Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have become essential for ensuring thorough assessments across an organization’s attack surface, both internal and external. By providing a structured approach, these checklists help testers systematically
Published: 2024-10-21T16:55:00
Hi there! Here’s your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe. Some big companies were hit with attacks, while others fixed their vulnerabilities just in time. It's a constant battle.
Published: 2024-10-21T16:41:00
Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. "The vulnerabilities range in severity: in many cases a malicious server can inject files, tamper with file data, and even gain direct access to plaintext," ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong
Published: 2024-10-21T12:29:00
Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials. Russian cybersecurity company Positive Technologies said it discovered last month an email that was sent to an unspecified governmental organization located in one of the Commonwealth of
Published: 2024-10-20T13:07:00
North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks. "In some instances, fraudulent workers demanded ransom payments from their former employers after gaining
Published: 2024-10-20T12:53:00
In the modern enterprise, data security is often discussed using a complex lexicon of acronyms DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most important acronyms
Published: 2024-10-19T15:00:00
A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. "The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,"
Published: 2024-10-19T13:09:00
Picture your company's data as a vast, complex jigsaw puzzle scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today’s fast-evolving landscape can feel like an impossible challenge. But there’s a game-changing solution: Data Security Posture Management (DSPM). Think of it as a high-tech,
Published: 2024-10-18T16:55:00
Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. "Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare and
Published: 2024-10-18T16:30:00
Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems. "This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given malicious PowerShell code, finally infecting their systems," French cybersecurity company Sekoia said in
Published: 2024-10-18T15:13:00
A global law enforcement operation disrupted RedLine and Meta infostealers, seizing their infrastructure and making arrests. The Dutch police announced it has dismantled infrastructure used by RedLine and Meta infostealers as part of an international law enforcement operation led by Eurojust that was code-named Operation Magnus. RedLine and META targeted millions of victims worldwide, according to Eurojust […]
Published: 2024-10-29T21:24:59
Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access. CVE-2024-40766 is an Improper Access Control Vulnerability impacting SonicWall SonicOS, the company addressed it in August […]
Published: 2024-10-29T11:51:49
Suspected Russia-linked espionage group UNC5812 targets Ukraine’s military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812, targeting Ukraine’s military with Windows and Android malware via the Telegram channel “Civil Defense.” The Telegram channel was created on September 10, 2024 and at this time has 189 […]
Published: 2024-10-29T07:48:56
French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. The company is the second-largest ISP in France with over 22.9 million mobile and fixed subscribers. Free disclosed a cyber attack over the […]
Published: 2024-10-28T21:05:39
Italian police arrested four and are investigating dozens, including Leonardo Maria Del Vecchio, for alleged unauthorized access to state databases. Italian authorities have arrested four individuals as part of an investigation into alleged illegal access to state databases. The police are also investigating dozens of other individuals, including the son of Luxottica founder Leonardo Maria […]
Published: 2024-10-28T14:34:12
A long supply chain adds third-party risks, as each partner’s security affects your own, making identity and access management more challenging. Identity-related attack vectors are a significant concern, with a substantial percentage of cyberattacks often cited as over 70% involving compromised credentials or identity theft. However, this problem primarily stems from a lack of visibility. Do you […]
Published: 2024-10-28T11:36:21
ReliaQuest researchers observed Black Basta affiliates relying on Microsoft Teams to gain initial access to target networks. ReliaQuest researchers warn that Black Basta ransomware affiliates switched to Microsoft Teams, posing as IT support to deceive employees into granting access. The BlackBasta ransomware operators were spotted posing as corporate help desks and contacting employees to help […]
Published: 2024-10-28T08:07:00
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. New Bumblebee Loader Infection Chain Signals Possible Resurgence Trojanized Ethers Forks on npm Attempting to Steal Ethereum […]
Published: 2024-10-27T13:54:47
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Chinese cyber spies targeted phones used by Trump and Vance Irish Data Protection Commission fined LinkedIn 310M for […]
Published: 2024-10-27T13:30:09
Russian authorities sentenced four members of the REvil ransomware operation to several years in prison in Russia. Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. The four men are Artem Zaets, Alexei Malozemov, […]
Published: 2024-10-27T09:38:27
ChatGPT Jailbreak: Researchers Bypass AI Safeguards Using Hexadecimal Encoding And Emojis
Kremlin-Backed Hackers Have New Windows And Android Malware To Foist On Ukrainian Foes
Windows Update Takeover Lets An Attacker Revive A Patched Vuln
Five Eyes Agencies Offer Security Advice For Small Businesses
Admins Better Spring Into Action Over Latest Critical Vuln
The Failure That Started The Internet
Dutch Cops Pwn The Redline And Meta Infostealers, Leak VIP Aliases
Worker Surveillance Must Comply With Credit Reporting Rules
Senator Accuses Sloppy Domain Registrars Of Aiding Russian Disinfo Campaigns
AWS Breaks Up Massive Russian Phishing Operation
Dildog On Building Privacy And What Makes Hackers Unique
Chinese Hackers Collected Audio From A Trump Advisor's Call
100 Million Impacted By Change Healthcare Attack
AWS Cloud Development Kit Flaw Exposed Accounts To Full Takeover
Third-Party Vendors Drive 45% Of Breaches In Energy Sector
White House Endorses Collaboration With Cybersecurity Researchers
Cisco Patches Vulnerability Exploited In Large Scale Brute Force Campaign
SEC Fines 4 Firms Related To SolarWinds Case
Poor MFA, Identity Attacks Dominate Threat Landscape In Q3 2024
New LLM Jailbreak Method With 65% Success Rate Developed
Location Tracking Of Phones Is Out Of Control. Here's How To Fight Back.
Ransomware's Ripple Effect Felt Across ERs As Patient Care Suffers
FortiGate Admins Report Active Exploitation 0-Day. Vendor Isn't Talking.
White Hat Hackers Earn $500,000 On First Day Of Pwn2Own Ireland 2024
Russia Hit By DDoS During BRICS Summit
Proofpoint to Acquire Data Security Posture Management Firm NormalyzeIndustry Moves for the week of October 28, 2024 - SecurityWeek
RedLine and Meta Infostealers Disrupted by Law Enforcement
Zenity Raises $38 Million to Secure Agentic AI
Fitness App Strava Gives Away Location of Biden, Trump and other Leaders, French Newspaper Says
How to Improve the Security of AI-Assisted Software Development
Canada Says Chinese Reconnaissance Scans Targeting Government Organizations
Apple Patches Over 70 Vulnerabilities Across iOS, macOS, Other Products
ChatGPT Jailbreak: Researchers Bypass AI Safeguards Using Hexadecimal Encoding and Emojis
Armis Raises $200M at $4.2B Valuation, Eyes IPO
Google Invests in Alternative Neutral Atom Quantum Technology
CISA Releases Its First Ever International Strategic Plan
CISA Launches #PROTECT2024 Election Threat Updates Webpage
Joint ODNI, FBI, and CISA Statement
Joint Statement by FBI and CISA on PRC Activity Targeting Telecommunications
CISA and USPIS Release Two Election Mail Security Resources
FBI and CISA Issue Public Service Announcement Warning of Tactics Foreign Threat Actors are Using to Spread Disinformation in the 2024 U.S. General Election
CISA and FBI Release Product Security Bad Practices for Public Comment
CISA and FBI Warn of Iranian-Backed Cyber Activity to Undermine U.S. Democratic Institutions
CISA Kicks Off 21st Anniversary of Cybersecurity Awareness Month
CISA Releases Anonymous Threat Response Guidance and Toolkit for K-12 Schools
Engaging with Security Researchers: Embracing a “See Something, Say Something” Culture
A Message to Election Officials from CISA Director Jen Easterly
Region 8 Invites You to Secure Our World
CISA Director Jen Easterly Remarks at the Election Center 39th Annual National Conference in Detroit
Learn with Region 8’s Webinar Program
Shaping the legacy of partnership between government and private sector globally: JCDC
SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices
Region 10 Team Provides Vital Election Security Training for Idaho
SAFECOM Membership Spotlight ft. Red Grasso, North Carolina Department of Information Technology
SAFECOM Releases New Resource for Cloud Adoption
Solar-Log Base 15
Delta Electronics InfraSuite Device Master
Siemens InterMesh Subscriber Devices
JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage
Apple Releases Security Updates for Multiple Products
CISA Releases Three Industrial Control Systems Advisories
iniNet Solutions SpiderControl SCADA PC HMI Editor
VIMESA VHF/FM Transmitter Blue Plus
Deep Sea Electronics DSE855
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Cisco Releases Security Bundle for Cisco ASA, FMC, and FTD Software
CISA, US, and International Partners Release Joint Guidance to Assist Software Manufacturers with Safe Software Deployment Processes
CISA Releases Four Industrial Control Systems Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
ICONICS and Mitsubishi Electric Products
CISA Releases One Industrial Control Systems Advisory
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
LCDS LAquis SCADA
HMS Networks EWON FLEXY 202
Oracle Releases Quarterly Critical Patch Update Advisory for October 2024
Kieback&Peter DDC4000 Series
CISA Releases Seven Industrial Control Systems Advisories
Elvaco M-Bus Metering Gateway CMe3100
Mitsubishi Electric CNC Series
Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force
CISA and FBI Release Joint Guidance on Product Security Bad Practices for Public Comment
Siemens Siveillance Video Camera
[webapps] reNgine 2.2.0 - Command Injection (Authenticated)
[webapps] openSIS 9.1 - SQLi (Authenticated)
[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
[webapps] NoteMark < 0.13.0 - Stored XSS
[webapps] Gitea 1.22.0 - Stored XSS
[webapps] Invesalius3 - Remote Code Execution
[dos] Windows TCP/IP - RCE Checker and Denial of Service
[webapps] Aurba 501 - Authenticated RCE
[webapps] HughesNet HT2000W Satellite Modem - Password Reset
[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure
[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
[webapps] Helpdeskz v2.0.2 - Stored XSS
[webapps] Calibre-web 0.6.21 - Stored XSS
[webapps] Devika v1 - Path Traversal via 'snapshot_path'
[local] Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path
[local] SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path
[local] Oracle Database 12c Release 1 - Unquoted Service Path
[webapps] Ivanti vADC 9.9 - Authentication Bypass
[local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation
[webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection
[webapps] Azon Dominator Affiliate Marketing Script - SQL Injection
[webapps] Microweber 2.0.15 - Stored XSS
[webapps] Customer Support System 1.0 - Stored XSS
[webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)
[webapps] SolarWinds Platform 2024.1 SR1 - Race Condition
[webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
[webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)
[webapps] Boelter Blue System Management 1.3 - SQL Injection
[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)
[webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)
[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
[webapps] XMB 1.9.12.06 - Stored XSS
[webapps] Carbon Forum 5.9.0 - Stored XSS
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)
[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)
[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)
[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)
[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)
[webapps] Dotclear 2.29 - Remote Code Execution (RCE)
[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)
[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)
[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)
[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)
[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)
[webapps] Aquatronica Control System 5.1.6 - Information Disclosure
[webapps] changedetection < 0.45.20 - Remote Code Execution (RCE)
[webapps] ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)
SEC Consult SA-20241023-0 :: Authenticated Remote Code Execution in Multiple Xerox printers (CVE-2024-6333)
APPLE-SA-10-28-2024-8 visionOS 2.1
APPLE-SA-10-28-2024-7 tvOS 18.1
APPLE-SA-10-28-2024-6 watchOS 11.1
APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1
APPLE-SA-10-28-2024-3 macOS Sequoia 15.1
APPLE-SA-10-28-2024-2 iOS 17.7.1 and iPadOS 17.7.1
APPLE-SA-10-28-2024-1 iOS 18.1 and iPadOS 18.1
Open Redirect / Reflected XSS - booked-schedulerv2.8.5
SEC Consult SA-20241024-0 :: Unauthenticated Path Traversal Vulnerability in Lawo AG - vsm LTC Time Sync (vTimeSync) (CVE-2024-6049)
[RESEARCH] DTLS 'ClientHello' Race Conditions in WebRTC Implementations
Adversary3 updated with 700 malware and C2 panel vulnerabilities
SEC Consult SA-20241015-0 :: Multiple Vulnerabilities in Rittal IoT Interface & CMC III Processing Unit (CVE-2024-47943, CVE-2024-47944, CVE-2024-47945)
CVE-2024-48939: Unauthorized enabling of API in Paxton Net2 software
CVE-2024-9632: X.Org X server and Xwayland: Heap-based buffer overflow privilege escalation in _XkbSetCompatMap
CVE-2024-36905: Linux kernel: Divide-by-zero on shutdown of TCP_SYN_RECV sockets
CVE-2024-45477: Apache NiFi: Improper Neutralization of Input in Parameter Description
CVE-2024-9050: NetworkManager-libreswan IPSec VPN plugin local code execution
CVE-2024-45031: Apache Syncope: Stored XSS in Console and Enduser
Re: CVE-2024-9143: OpenSSL: Low-level invalid GF(2^m) parameters lead to OOB memory access
Re: CVE-2024-9143: OpenSSL: Low-level invalid GF(2^m) parameters lead to OOB memory access
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
CVE-2024-9143: OpenSSL: Low-level invalid GF(2^m) parameters lead to OOB memory access
CVE-2024-45217: Apache Solr: ConfigSets created during a backup restore command are trusted implicitly
CVE-2024-45216: Apache Solr: Authentication bypass possible using a fake URL Path ending
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so