Today's Core Dump is brought to you by ThreatPerspective

Biz & IT Ars Technica

Change Healthcare faces another ransomware threat, and it looks credible

Hackers already received a $22 million payment. Now a second group demands money.

For months, Change Healthcare has faced an immensely messy ransomware debacle that has left hundreds of pharmacies and medical practices across the United States unable to process claims. Now, thanks to an apparent dispute within the ransomware crimi...

Published: 2024-04-13T18:25:32

Biz & IT Ars Technica

Highly capable hackers root corporate networks by exploiting firewall 0-day

No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall.

Highly capable hackers are rooting multiple corporate networks by exploiting a maximum-severity zero-day vulnerability in a firewall product from Palo Alto Networks, researchers said Friday. The vulnerability, which has been under active exploitation ...

Published: 2024-04-12T20:48:47

Biz & IT Ars Technica

Hackable Intel and Lenovo hardware that went undetected for 5 years won't ever be fixed

Multiple links in the supply chain failed for years to identify an unfixed vulnerability.

Hardware sold for years by the likes of Intel and Lenovo contains a remotely exploitable vulnerability that will never be fixed. The cause: a supply chain snafu involving an open source software package and hardware from multiple manufacturers that d...

Published: 2024-04-11T18:53:03

Biz & IT Ars Technica

Thousands of LG TVs are vulnerable to takeover: here's how to ensure yours isn't one

LG patches four vulnerabilities that allow malicious hackers to commandeer TVs.

As many as 91,000 LG TVs face the risk of being commandeered unless they receive a just-released security update patching four critical vulnerabilities discovered late last year. The vulnerabilities are found in four LG TV models that collectively com...

Published: 2024-04-09T19:12:47

The Verge - Securities

The budget-friendly Blink Mini 2 security camera is on sale for the first time

Whether you're away at work or on vacation, a security camera can offer some extra peace of mind by allowing you to keep an eye on your pet, packages, and other valuables at home. And right now, one of the least expensive security cameras you ...

Published: 2024-04-15T14:00:00

The Verge - Securities

Roku hit with second major breach of 2024, this time affecting 576,000 users

Roku says it found another cyberattack on Friday that affected 576,000 users. This is the second breach to affect the company since March. Roku says the attackers used the login information of account holders, a technique called credential stu...

Published: 2024-04-12T13:29:03

The Verge - Securities

A popular open-source content delivery network went down for hours

Unpkg, a content delivery network (CDN) that powers more than 4 billion requests per day, went down for several hours on Friday morning. The outage broke the thousands of websites that use the open-source CDN, leaving developers scrambling fo...

Published: 2024-04-12T10:13:48

The Verge - Securities

DuckDuckGo launches $9.99 per month privacy bundle with VPN

Lastly, DuckDuckGo says that PrivacyPro will help in the event a user's identity gets stolen. That help will come through a partnership with identity theft protection company Iris. The service appears to be a 24/7 concierge for identity theft, h...

Published: 2024-04-11T08:00:00

The Verge - Securities

Microsoft left internal passwords exposed in latest security blunder

Microsoft reportedly locked down a server last month that exposed passwords, keys, and credentials of Microsoft employees to the open internet, as the company faces mounting pressure to bolster its software security. According to Techcrunch, ...

Published: 2024-04-10T06:45:21

The Verge - Securities

Why Cloudflare CEO Matthew Prince is the internet's unlikely defender

What free speech, war zones, and Aristotle have to do with internet infrastructure. Today, I'm talking with Cloudflare co-founder and CEO Matthew Prince. Cloudflare might be the most important internet company you've never heard of, and that's a...

Published: 2024-04-08T10:45:00

The Verge - Securities

Microsoft reveals how much businesses will have to pay to keep using Windows 10 securely

Microsoft is ending support for Windows 10 on October 14th, 2025, and you'll need to pay yearly if you want to continue using the operating system securely. Microsoft will offer Extended Security Updates (ESU) for Windows 10 users, with pricin...

Published: 2024-04-03T20:42:38

The Verge - Securities

Microsoft could have prevented Chinese cloud email hack, US cyber report says

Microsoft acknowledged to the Cyber Safety Review Board in November that its September blog post was inaccurate, but it was only corrected months later on March 12th after the Board's repeated questioning about Microsoft's plans to issue a correc...

Published: 2024-04-03T06:57:53

The Verge - Securities

How one volunteer stopped a backdoor from exposing Linux systems worldwide

"With your current rate, I very doubt to see 5.4.0 release this year. The only progress since april has been small changes to test code. You ignore the many patches bit rotting away on this mailing list. Right now you choke your repo. Why wait until 5.4.0 to change maintainer? Why delay what your repo needs?" (Image: Screenshot from The Mail Archive)
An email from Jigar Kumar pressuring the developer of XZ Utils to relinquish control of the project.

"I am sorry about your mental health issues, but it's important to be aware of your own limits. I get that this is a hobby project for all contributors, but the community desires more," wrote Ens in one message, while Kumar said in another that Pr...

Published: 2024-04-02T19:38:27

The Verge - Securities

The FTC is trying to help victims of impersonation scams get their money back

The Federal Trade Commission (FTC) has a new way to combat the impersonation scams that it says cost people $1.1 billion last year alone. Effective today, the agency's rule (PDF) prohibits the impersonation of government, businesses, and their...

Published: 2024-04-01T15:52:12


GitHub comments abused to push malware via Microsoft repo URLs

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy. [...]

Published: 2024-04-20T10:14:28


The Week in Ransomware - April 19th 2024 - Attacks Ramp Up

While ransomware attacks decreased after the LockBit and BlackCat disruptions, they have once again started to ramp up with other operations filling the void. [...]

Published: 2024-04-19T19:36:54


CrushFTP warns users to patch exploited zero-day immediately

CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their servers immediately. [...]

Published: 2024-04-19T18:33:01


HelloKitty ransomware rebrands, releases CD Projekt and Cisco data

An operator of the HelloKitty ransomware operation announced they changed the name to 'HelloGookie,' releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks. [...]

Published: 2024-04-19T15:20:45


MITRE says state hackers breached its network via Ivanti zero-days

The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. [...]

Published: 2024-04-19T15:02:09


United Nations agency investigates ransomware attack, data theft

The United Nations Development Programme (UNDP) is investigating a cyberattack after threat actors breached its IT systems to steal human resources data. [...]

Published: 2024-04-19T14:03:31


22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks

Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024. [...]

Published: 2024-04-19T11:27:34


Fake cheat lures gamers into spreading infostealer malware

A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab,' promising downloaders a free copy if they convince their friends to install it too. [...]

Published: 2024-04-18T20:46:29


Frontier Communications shuts down systems after cyberattack

American telecom provider Frontier Communications is restoring systems after a cybercrime group breached some of its IT systems in a recent cyberattack. [...]

Published: 2024-04-18T17:02:24


840-bed hospital in France postpones procedures after cyberattack

The Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a cyberattack on Tuesday morning, severely impacting its operations and forcing staff to go back to pen and paper. [...]

Published: 2024-04-18T14:29:33


FBI: Akira ransomware raked in $42 million from 250+ victims

According to a joint advisory from the FBI, CISA, Europol's European Cybercrime Centre (EC3), and the Netherlands' National Cyber Security Centre (NCSC-NL), the Akira ransomware operation has breached the networks of over 250 organizations and raked

Published: 2024-04-18T14:11:29

The Register - Security

Sacramento airport goes no-fly after AT&T internet cable snipped

Police say this appears to be a 'deliberate act.' Sacramento International Airport (SMF) suffered hours of flight delays yesterday after what appears to be an intentional cutting of an AT&T internet cable serving the facility.

Published: 2024-04-19T20:30:11

The Register - Security

WhatsApp, Threads, more banished from Apple App Store in China

Still available in Hong Kong and Macau, for now Apple has removed four apps from its China-regional app store, including Meta's WhatsApp and Threads, after it was ordered to do so by Beijing for security reasons.

Published: 2024-04-19T14:30:09

The Register - Security

Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals

It's the second time the World-Check list has fallen into the wrong hands The World-Check database used by businesses to verify the trustworthiness of users has fallen into the hands of cybercriminals.

Published: 2024-04-19T11:28:46

The Register - Security

Germany cuffs alleged Russian spies over plot to bomb industrial and military targets

Apparently an attempt to damage Ukraine's war effort Bavarian state police have arrested two German-Russian citizens on suspicion of being Russian spies and planning to bomb industrial and military facilities that participate in efforts to assist Ukraine defend itself against Vladimir Putin's illegal invasion.

Published: 2024-04-19T10:15:09

The Register - Security

Ransomware feared as IT 'issues' force Octapharma Plasma to close 150+ centers

Source blames BlackSuit infection as separately ISP Frontier confirms cyberattack Updated Octapharma Plasma has blamed IT "network issues" for the ongoing closure of its 150-plus centers across the US. It's feared a ransomware infection may be the root cause of the medical firm's ailment.

Published: 2024-04-18T22:27:09

The Register - Security

Crooks exploit OpenMetadata holes to mine crypto and leave a sob story for victims

'I want to buy a car. That's all' Crooks are exploiting month-old OpenMetadata vulnerabilities in Kubernetes environments to mine cryptocurrency using victims' resources, according to Microsoft.

Published: 2024-04-18T21:53:47

The Register - Security

House passes bill banning Uncle Sam from snooping on citizens via data brokers

Vote met strong opposition from Biden's office A draft law to restrict the US government's ability to procure data on citizens through data brokers will progress to the Senate after being passed in the House of Representatives.

Published: 2024-04-18T17:29:08

The Register - Security

Fraudsters abused Apple Stores' third-party pickup policy to phish for profits

Scam prevalent across Korea and Japan actually had some winners Black Hat Asia Speaking at the Black Hat Asia conference on Thursday, a Korean researcher revealed how the discovery of a phishing operation led to the exposure of a criminal operation that used stolen credit cards and second-hand stores to make money by abusing Apple Stores' practice of letting third parties pick up purchases.

Published: 2024-04-18T16:00:08

The Register - Security

185K people's sensitive data in the pits after ransomware raid on Cherry Health

Extent of information seized will be a concern for those affected Ransomware strikes at yet another US healthcare organization led to the theft of sensitive data belonging to just shy of 185,000 people.

Published: 2024-04-18T14:00:15

The Register - Security

EU tells Meta it can't paywall privacy

Platforms should not confront users with 'binary choice' over personal data use The EU's Data Protection Board (EDPB) has told large online platforms they should not offer users a binary choice between paying for a service and consenting to their personal data being used to provide targeted advertising.

Published: 2024-04-18T12:19:19

The Register - Security

Prolific phishing-made-easy emporium LabHost knocked offline in cyber-cop op

Police emit Spotify Wrapped-style videos to let crims know they're being hunted Feature Cops have brought down a dark-web souk that provided cyber criminals with convincing copies of trusted brands' websites for use in phishing campaigns.

Published: 2024-04-18T10:15:10

The Register - Security

Cisco creates architecture to improve security and sell you new switches

Hypershield detects bad behavior and automagically reconfigures networks to snuff out threats Cisco has developed a product called Hypershield that it thinks represents a new way to do network security.

Published: 2024-04-18T07:01:10

The Register - Security

Singapore infosec boss warns China/West tech split will be bad for interoperability

When you decide not to trust a big chunk of the supply chain, tech (and trade) get harder One of the biggest challenges Singapore faces is the potential for a split between tech stacks developed and used by China and the West, according to the island nation's Cyber Security Administration (CSA) chief executive David Koh.

Published: 2024-04-18T05:32:06

The Register - Security

Taiwanese film studio snaps up Chinese surveillance camera specialist Dahua

Stymied by sanctions, it had to go, but where? Chinese surveillance camera manufacturer Zhejiang Dahua Technology, which has found itself on the USA's entity list of banned orgs, has fully sold off its stateside subsidiary for $15 million to Taiwan's Central Motion Picture Corporation, according to the firm's annual report released on Monday.

Published: 2024-04-18T03:30:13

The Register - Security

Hugely expanded Section 702 surveillance powers set for US Senate vote

Opponents warn almost anyone could be asked to share info with Uncle Sam On Thursday the US Senate is expected to reauthorize the contentious warrantless surveillance powers conferred by Section 702 of the Foreign Intelligence Surveillance Act (FISA), and may even strengthen them with language that, according to US Senator Ron Wyden (D-OR), "will force a huge range of companies and individuals to spy for the government."

Published: 2024-04-17T23:44:09

The Register - Security

Kremlin's Sandworm blamed for cyberattacks on US, European water utilities

Water tank overflowed during one system malfunction, says Mandiant The Russian military's notorious Sandworm crew was likely behind cyberattacks on US and European water plants that, in at least one case, caused a tank to overflow.

Published: 2024-04-17T19:56:05

The Register - Security

Exploit code for Palo Alto Networks zero-day now public

Race on to patch as researchers warn of mass exploitation of directory traversal bug Various infosec researchers have released proof-of-concept (PoC) exploits for the maximum-severity vulnerability in Palo Alto Networks' PAN-OS used in GlobalProtect gateways.

Published: 2024-04-17T13:30:13

The Register - Security

OpenAI's GPT-4 can exploit real vulnerabilities by reading security advisories

While some other LLMs appear to flat-out suck AI agents, which combine large language models with automation software, can successfully exploit real world security vulnerabilities by reading security advisories, academics have claimed.

Published: 2024-04-17T10:15:07

The Register - Security

Japanese government rejects Yahoo! infosec improvement plan

Just doesn't believe it will sort out the mess that saw data leak from LINE messaging app Japan's government has considered the proposed security improvements developed by Yahoo!, found them wanting, and ordered the onetime web giant to take new measures.

Published: 2024-04-17T05:44:08

The Register - Security

Fire in the Cisco! Networking giant's Duo MFA message logs stolen in phish attack

Also warns of brute force attacks targeting its own VPNs, Check Point, Fortinet, SonicWall and more Cisco is fighting fires on a couple cybersecurity fronts this week involving its Duo multi-factor authentication (MFA) service and its remote-access VPN services.

Published: 2024-04-17T00:06:10

The Register - Security

MGM says FTC can't possibly probe its ransomware downfall: watchdog chief Lina Khan was a guest at the time

What a twist! MGM Resorts wants the FTC to halt a probe into last year's ransomware infection at the mega casino chain because the watchdog's boss Lina Khan was a guest at one of its hotels during the cyberattack.

Published: 2024-04-16T20:32:06

The Register - Security

Alleged cryptojacker accused of stealing $3.5M from cloud to mine under $1M in crypto

No prizes for guessing the victims A Nebraska man will appear in court today to face charges related to allegations that he defrauded cloud service providers of more than $3.5 million in a long-running cryptojacking scheme.

Published: 2024-04-16T16:31:11

The Register - Security

SIM swap crooks solicit T-Mobile US, Verizon staff via text to do their dirty work

No breach responsible for employee contact info getting out, says T-Mo T-Mobile US employees say they are being sent text messages that offer them cash to perform illegal SIM swaps for supposed criminals.

Published: 2024-04-16T15:30:12

The Register - Security

Open sourcerers say suspected xz-style attacks continue to target maintainers

Social engineering patterns spotted across range of popular projects Open source groups are warning the community about a wave of ongoing attacks targeting project maintainers similar to those that led to the recent attempted backdooring of a core Linux library.

Published: 2024-04-16T14:07:15

The Register - Security

Change Healthcare's ransomware attack costs edge toward $1B so far

First glimpse at attack financials reveals huge pain UnitedHealth, parent company of ransomware-besieged Change Healthcare, says the total costs of tending to the February cyberattack for the first calendar quarter of 2024 currently stands at $872 million.

Published: 2024-04-16T12:50:33

The Register - Security

Google location tracking deal could be derailed by politics

$62 million settlement plan challenged over payments to progressive nonprofits Google's plan to pay $62 million to settle allegations that it tracked people even when their Location History setting was switched off may have to be renegotiated based on several objections.

Published: 2024-04-16T10:45:06

The Register - Security

CISA in a flap as Chirp smart door locks can be trivially unlocked remotely

Hard-coded credentials last thing you want in home security app Some smart locks controlled by Chirp Systems' software can be remotely unlocked by strangers thanks to a critical security vulnerability.

Published: 2024-04-15T22:35:33

The Register - Security

Roku makes 2FA mandatory for all after nearly 600K accounts pwned

Streamer says access came via credential stuffing Streaming giant Roku is making 2FA mandatory after attackers accessed around 591,000 customer accounts earlier this year.

Published: 2024-04-15T15:32:08

The Register - Security

Delinea Secret Server customers should apply latest patches

Attackers could nab an org's most sensitive keys if left unaddressed Updated Customers of Delinea's Secret Server are being urged to upgrade their installations "immediately" after a researcher claimed a critical vulnerability could allow attackers to gain admin-level access.

Published: 2024-04-15T14:00:11

The Register - Security

US senator wants to put the brakes on Chinese EVs

Fears of low-cost invasion and data spies spark call for ban Electric vehicles may become a new front in America's tech war with China after a US senator called for Washington DC to block Chinese-made EVs to protect domestic industries and national security.

Published: 2024-04-15T13:00:14

The Register - Security

US House approves FISA renewal, warrantless surveillance and all

PLUS: Chinese chipmaker Nexperia attacked; A Microsoft-signed backdoor; CISA starts scanning your malware; and more Infosec in brief US Congress nearly killed a reauthorization of FISA Section 702 last week over concerns that it would continue to allow warrantless surveillance of Americans, but an amendment to require a warrant failed to pass.

Published: 2024-04-15T01:58:06

The Register - Security

Zero-day exploited right now in Palo Alto Networks' GlobalProtect gateways

Out of the PAN-OS and into the firewall, a Python backdoor this way comes Palo Alto Networks on Friday issued a critical alert for an under-attack vulnerability in the PAN-OS software used in its firewall-slash-VPN products.

Published: 2024-04-12T22:43:31

The Register - Security

Google One VPN axed for everyone but Pixel loyalists ... for now

Another one bytes the dust In an incredibly rare move, Google is killing off one of its online services: this time, VPN for Google One.

Published: 2024-04-12T20:21:06

The Register - Security

Microsoft breach allowed Russian spies to steal emails from US government

Affected federal agencies must comb through mails, reset API keys and passwords The US government's Cybersecurity and Infrastructure Security Agency (CISA) warns that Russian spies who gained access to Microsoft's email system were able to steal sensitive data, including authentication details, and that immediate remedial action is required by affected agencies.

Published: 2024-04-12T14:37:12

The Register - Security

French issue alerte rouge after local governments knocked offline by cyber attack

Embarrassing, as its officials are in the US to discuss Olympics cyber threats Several French municipal governments' services have been knocked offline following a "large-scale cyber attack" on their shared servers.

Published: 2024-04-12T05:30:05

The Register - Security

Apple stops warning of 'state-sponsored' attacks, now alerts about 'mercenary spyware'

Report claims India's government, which is accused of using Pegasus at home, was displeased Apple has made a significant change to the wording of its threat notifications, opting not to attribute attacks to a specific source or perpetrator, but categorizing them broadly as "mercenary spyware."

Published: 2024-04-12T04:46:11

The Register - Security

Space Force boss warns 'the US will lose' without help from Musk and Bezos

China, Russia have muscled up, and whoever wins up there wins down here The commander of the US Space Force (USSF) has warned that America risks losing its dominant position in space, and therefore on Earth too.

Published: 2024-04-11T23:30:13

The Register - Security

96% of US hospital websites share visitor info with Meta, Google, data brokers

Could have been worse: last time researchers checked it was 98.6% Hospitals, despite being places where people implicitly expect to have their personal details kept private, frequently use tracking technologies on their websites to share user information with Google, Meta, data brokers, and other third parties, according to research published today.

Published: 2024-04-11T15:00:07

The Register - Security

Global taxi software vendor exposes details of nearly 300K across UK and Ireland

High-profile individuals including MPs said to be caught up in leak Exclusive Taxi software biz iCabbi recently fixed an issue that exposed the personal information of nearly 300,000 individuals via an unprotected database.

Published: 2024-04-11T09:30:07

The Register - Security

It's 2024 and Intel silicon is still haunted by data-spilling Spectre

Go, go InSpectre Gadget Intel CPU cores remain vulnerable to Spectre data-leaking attacks, say academics at VU Amsterdam.

Published: 2024-04-10T20:22:12

The Register - Security

Rust rustles up fix for 10/10 critical command injection bug on Windows in std lib

BatBadBut hits Erlang, Go, Python, Ruby as well Programmers are being urged to update their Rust versions after the security experts working on the language addressed a critical vulnerability that could lead to malicious command injections on Windows machines.

Published: 2024-04-10T13:15:08

The Register - Security

X fixes URL blunder that could enable convincing social media phishing campaigns

Poorly implemented rule allowed miscreants to deceive users with trusted URLs Elon Musk's X has apparently fixed an embarrassing issue implemented earlier in the week that royally bungled URLs on the social media platform formerly known as Twitter.

Published: 2024-04-10T10:37:14

The Register - Security

Chrome Enterprise Premium promises extra security for a fee

Paying for browsers is no longer a memory from the 1990s Cloud Next Hoping to upsell freeloading corporate users of its Chrome browser, Google has announced Chrome Enterprise Premium, which comes with a dash of AI security sauce for just $6 per user per month.

Published: 2024-04-10T06:26:05

The Register - Security

Microsoft squashes SmartScreen security bypass bug exploited in the wild

Plus: Adobe, SAP, Fortinet, VMware, Cisco issue pressing updates Patch Tuesday Microsoft fixed 149 security flaws in its own products this week, and while Redmond acknowledged one of those vulnerabilities is being actively exploited, we've been told another hole is under attack, too.

Published: 2024-04-10T00:15:14

The Register - Security

Got an unpatched LG 'smart' television? It could be watching you back

Four fatal flaws allow TV takeover A handful of bugs in LG smart TVs running WebOS could allow an attacker to bypass authorization and gain root access on the device.

Published: 2024-04-09T18:00:06

The Register - Security

UK businesses shockingly unaware of how to handle security threats

Many decide to make no changes after detecting a breach UK businesses' response to security breaches has "astounded" experts following the release of the government's official cybercrime stats for 2024.

Published: 2024-04-09T12:41:14

The Register - Security

US insurers use drone photos to deny home insurance policies

Of course, it helps if you don't live in a potential disaster zone US insurance companies are reportedly relying on aerial photos from drones to deny claims.

Published: 2024-04-08T20:30:08

The Register - Security

Home Depot confirms worker data leak after miscreant dumps info online

SaaS slip up leads to scumbags seeking sinecure Home Depot has confirmed that a third-party company accidentally exposed some of its employees' personal details after a criminal copy-pasted the data online.

Published: 2024-04-08T18:01:48

The Register - Security

Puppies, kittens, data at risk after 'cyber incident' at veterinary giant

IT systems pulled offline for chance to paws and reflect First, they came for hospitals, then it was charities and cancer centers. Now, cyber scumbags are coming for the puppies and kittens.

Published: 2024-04-08T14:30:13

The Register - Security

Change Healthcare faces second ransomware dilemma weeks after ALPHV attack

Theories abound over who's truly responsible Change Healthcare is allegedly being extorted by a second ransomware gang, mere weeks after recovering from an ALPHV attack.

Published: 2024-04-08T13:00:09

Security Latest

AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now

Plus: New York's legislature suffers a cyberattack, police disrupt a global phishing operation, and Apple removes encrypted messaging apps in China.

Published: 2024-04-20T10:00:00

Security Latest

The Biggest Deepfake Porn Website Is Now Blocked in the UK

The world's most-visited deepfake website and another large competing site are stopping people in the UK from accessing them, days after the UK government announced a crackdown.

Published: 2024-04-19T16:54:17

Security Latest

The Trump Jury Has a Doxing Problem

One juror in former US president Donald Trump's criminal case in New York has been excused over fears she could be identified. It could get even messier.

Published: 2024-04-18T19:25:53

Security Latest

The Real-Time Deepfake Romance Scams Have Arrived

Watch how smooth-talking scammers known as Yahoo Boys use widely available face-swapping tech to carry out elaborate romance scams.

Published: 2024-04-18T11:00:00

Security Latest

Big Tech Says Spy Bill Turns Its Workers Into Informants

One of Silicon Valley's most influential lobbying arms joins privacy reformers in a fight against the Biden administration-backed expansion of a major US surveillance program.

Published: 2024-04-17T18:11:29

Security Latest

Hackers Linked to Russia's Military Claim Credit for Sabotaging US Water Utilities

Cyber Army of Russia Reborn, a group with ties to the Kremlin's Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn't dare to.

Published: 2024-04-17T10:00:00

Security Latest

Change Healthcare's New Ransomware Nightmare Goes From Bad to Worse

A cybercriminal gang called RansomHub claims to be selling highly sensitive patient information stolen from Change Healthcare following a ransomware attack by another group in February.

Published: 2024-04-16T19:09:01

Security Latest

US Senate to Vote on a Wiretap Bill That Critics Call Stasi-Like

A controversial bill reauthorizing the Section 702 spy program may force whole new categories of businesses to eavesdrop on the US government's behalf, including on fellow Americans.

Published: 2024-04-16T17:02:58

Security Latest

The US Government Has a Microsoft Problem

Microsoft has stumbled through a series of major cybersecurity failures over the past few years. Experts say the US government's reliance on its systems means the company continues to get a free pass.

Published: 2024-04-15T10:30:00

Security Latest

How Israel Defended Against Iran's Drone and Missile Attack

The Iron Dome, US allies, and long-range interceptor missiles all came into play.

Published: 2024-04-14T01:01:10

Security Latest

Space Force Is Planning a Military Exercise in Orbit

Two satellites will engage in a realistic threat response scenario when Victus Haze gets underway.

Published: 2024-04-13T11:30:00

Security Latest

Roku Breach Hits 567,000 Users

Plus: Apple warns iPhone users about spyware attacks, CISA issues an emergency directive about a Microsoft breach, and a ransomware hacker tangles with an unimpressed HR manager named Beth.

Published: 2024-04-13T10:30:00

Security Latest

House Votes to Extend - and Expand - a Major US Spy Program

The US House of Representatives voted on Friday to extend the Section 702 spy program. It passed without an amendment that would have required the FBI to obtain a warrant to access Americans' information.

Published: 2024-04-12T19:30:44

Security Latest

Change Healthcare Faces Another Ransomware Threat - and It Looks Credible

Change Healthcare ransomware hackers already received a $22 million payment. Now a second group is demanding money, and it has sent WIRED samples of what they claim is the company's stolen data.

Published: 2024-04-12T18:25:44

Security Latest

The Best Personal Safety Devices, Apps, and Wearables (2024)

Your smartphone or wearable could help you out in a truly dangerous situation. Here are some options to consider.

Published: 2024-04-11T14:30:00

Security Latest

DuckDuckGo Is Taking Its Privacy Fight to Data Brokers

Privacy-focused company DuckDuckGo is launching a tool to remove data from people-search websites, a VPN, and an identity theft restoration service.

Published: 2024-04-11T12:00:00

Security Latest

Trump Loyalists Kill Vote on US Wiretap Program

An attempt to reauthorize Section 702, the so-called crown jewel of US spy powers, failed for a third time in the House of Representatives after former president Donald Trump criticized the law.

Published: 2024-04-10T20:15:05

Security Latest

How to Stop Your Data From Being Used to Train AI

Some companies let you opt out of allowing your content to be used for generative AI. Here's how to take back (at least a little) control from ChatGPT, Google's Gemini, and more.

Published: 2024-04-10T11:30:00

Security Latest

Section 702: The Future of the Biggest US Spy Program Hangs in the Balance

The US Congress will this week decide the fate of Section 702, a major surveillance program that will soon expire if lawmakers do not act. WIRED is tracking the major developments as they unfold.

Published: 2024-04-09T20:21:16

Security Latest

AI Scam Calls: How to Protect Yourself, How to Detect

AI tools are getting better at cloning people's voices, and scammers are using these new capabilities to commit fraud. Avoid getting swindled by following these expert tips.

Published: 2024-04-08T11:30:00

News Packet Storm

Russia's Sandworm APT Linked To Attack On Texas Water Plant

EU Tells Meta It Can't Paywall Privacy

Kremlin-Backed Actors Spread Disinformation Ahead Of US Elections

Lawmakers Are Kicking Warrantless Wiretapping Into Overdrive

Five Eyes Agencies Release New AI Security Guidance

Phishing Platform LabHost Shut Down By Law Enforcement

Scammers Offer Cash To Phone Carrier Staff To Swap SIM Cards

Ivanti Patches 27 Vulns In Avalanche MDM Product

Attackers Are Pummeling Networks Around The World With Millions Of Login Attempts

Recent OT And Espionage Attacks Linked To Russia's Sandworm, Now Named APT44

OpenAI's ChatGPT Can Exploit Real Vulnerabilities By Reading Advisories

Google Location Tracking Deal Could Be Derailed By Politics

Cryptojacker Arrested For Defrauding Cloud Providers Of $3.5 Million

Delinea Scrambles To Patch Critical Flaw After Ignoring Researcher

AI Watchdog Defends Against New LLM Jailbreak Method

Juniper Networks Publishes Dozens Of New Security Advisories

Ransomware Group Claims Theft Of Data From Chipmaker Nexperia

Palo Alto Networks Releases Fixes For Firewall Zero-Day As Attribution Attempts Emerge

Roku Makes 2FA Mandatory For All After Nearly 600k Accounts Pwned

Delinea Secret Server Customers Should Apply Latest Patches

LockBit Copycat DarkVault Spurs Rebranding Rumor

French Issue Alerte Rouge After Local Govs Knocked Offline By Cyberattack

More Legal Acrimony For Truth Social, As Executive Says He Was Hacked

Palo Alto Networks Warns Of Exploited Firewall Vulnerability

Roku Says More Than 500,000 Accounts Impacted In Cyberattack


BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems

Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing

In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack

First Major Attempts to Regulate AI Face Headwinds From All Sides

US Government Releases Guidance on Securing Election Infrastructure

Akira Ransomware Made Over $42 Million in One Year: Agencies

Frontier Communications Shuts Down Systems Following Cyberattack

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining

SAP Applications Increasingly in Attacker Crosshairs, Report Shows

Watch Now: Ransomware Resilience & Recovery Summit - Sessions Now on Demand


CISA Announces Winners of the 5th Annual President's Cup Cybersecurity Competition

CISA, FBI, and ODNI Release Guidance for Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations

CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat

CISA Announces Malware Next-Gen Analysis

CISA Publishes High-Risk Communities Webpage

April is Emergency Communications Month

CISA Marks Important Milestone in Addressing Cyber Incidents; Seeks Input on CIRCIA Notice of Proposed Rulemaking

CISA, DC HSEMA and Regional Partners Conduct Exercise to Ensure National Capital Region Water Service Resilience

CISA Publishes Repository for Software Attestation and Artifacts

CISA Announces New Efforts to Help Secure Open Source Ecosystem


NCSWIC Releases Roles and Responsibilities: Statewide Interoperability Coordinators Document

SAFECOM Publishes SAFECOM Governance Operating Processes and Procedures (March 2024 Update)

Resilient Together, Highlighting the Importance of Emergency Communications

Idaho's Higher Ed Leaders Participate in CISA-Led Cybersecurity Exercise

CISA Plays Important Role in Northwest Economic Summit

CISA Briefs World Travel Organization Expedia with Advice on Security

Lessons from XZ Utils: Achieving a More Sustainable Open Source Ecosystem

CISA Partners with States K-12 Schools Fighting Cyberattacks to Keep Kids Learning

Cyber Resilient 911 Symposium Blog Post

CISA Joins the Minimum Viable Secure Product Working Group

All CISA Advisories

Cisco Releases Security Advisories for Cisco Integrated Management Controller

#StopRansomware: Akira Ransomware

Unitronics Vision Series PLCs

Oracle Releases Critical Patch Update Advisory for April 2024

CISA Releases Three Industrial Control Systems Advisories

CISA and Partners Release Advisory on Akira Ransomware

Rockwell Automation ControlLogix and GuardLogix

Measuresoft ScadaPro

RoboDK RoboDK

Electrolink FM/DAB/TV Transmitter

Full Disclosure

BACKDOOR.WIN32.DUMADOR.C / Remote Stack Buffer Overflow (SEH)

SEC Consult SA-20240418-0 :: Broken authorization in Dreamehome app

MindManager 23 - full disclosure


SEC Consult SA-20240411-0 :: Database Passwords in Server Response in Amazon AWS Glue

[KIS-2024-03] Invision Community <= 4.7.16 (toolbar.php) Remote Code Execution Vulnerability

[KIS-2024-02] Invision Community <= 4.7.15 (store.php) SQL Injection Vulnerability

Multiple Issues in concretecms v9.2.7

OXAS-ADV-2024-0001: OX App Suite Security Advisory / Insecure Permissions (In memory IPC)

CVE-2023-27195: Broken Access Control - Registration Code in TM4Web v22.2.0

[CFP] IEEE CSR Workshop on Cyber Forensics & Advanced Threat Investigations in Emerging Technologies 2024

Backdoor.Win32.Agent.ju (PSYRAT) / Authentication Bypass RCE

CVE-2024-30929: XSS Vulnerability in DerbyNet v9.0 via 'back' Parameter in playlist.php

CVE-2024-30928: SQL Injection Vulnerability in DerbyNet v9.0 via 'classids' Parameter

Open Source Security

Re: Linux: Disabling network namespaces

CVE-2024-29733: Apache Airflow FTP Provider: FTP_TLS instance with unverified SSL context

Re: backdoor in upstream xz/liblzma leading to ssh server compromise

CVE-2024-29217: Apache Answer: XSS vulnerability when changing personal website

flatpak CVE-2024-32462 : Sandbox escape via RequestBackground portal and CWE-88

Re: The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence

Re: Make your own backdoor: CFLAGS code injection, Makefile injection, pkg-config

libreswan: IKEv1 default AH/ESP responder can crash and restart

CVE-2024-31869: Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used

The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence

Terrapin vulnerability in Jenkins CLI client RSS Feed

[webapps] OpenClinic GA 5.247.01 - Path Traversal (Authenticated)

[webapps] OpenClinic GA 5.247.01 - Information Disclosure

[webapps] Jenkins 2.441 - Local File Inclusion

[webapps] djangorestframework-simplejwt 5.3.1 - Information Disclosure

[webapps] BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE

[webapps] Stock Management System v1.0 - Unauthenticated SQL Injection

[webapps] Online Fire Reporting System OFRS - SQL Injection Authentication Bypass

[webapps] Savsoft Quiz v6.0 Enterprise - Stored XSS

[webapps] Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)

[webapps] WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)

[webapps] WBCE 1.6.0 - Unauthenticated SQL injection

[webapps] Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - "sort" parameter

[local] PrusaSlicer 2.6.1 - Arbitrary code execution

[webapps] PopojiCMS Version 2.0.1 - Remote Command Execution

[webapps] Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)

[webapps] HTMLy Version v2.9.6 - Stored XSS

[webapps] Ray OS v2.6.3 - Command Injection RCE (Unauthorized)

[local] Terratec dmx_6fire USB - Unquoted Service Path

[remote] MinIO < 2024-01-31T20-20-33Z - Privilege Escalation

[webapps] GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload

[webapps] Open Source Medicine Ordering System v1.0 - SQLi

[webapps] Daily Expense Manager 1.0 - 'term' SQLi

[webapps] Best Student Result Management System v1.0 - Multiple SQLi

[webapps] Human Resource Management System v1.0 - Multiple SQLi

[remote] Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass

[webapps] Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload

[local] AnyDesk 7.0.15 - Unquoted Service Path

[webapps] Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting (XSS)

[webapps] Computer Laboratory Management System v1.0 - Multiple-SQLi

[local] ESET NOD32 Antivirus - Unquoted Service Path

[webapps] Axigen < 10.5.7 - Persistent Cross-Site Scripting

[webapps] Gibbon LMS v26.0.00 - SSTI vulnerability

[webapps] Casdoor < v1.331.0 - '/api/set-password' CSRF

[local] Microsoft Windows Defender - Detection Mitigation Bypass TrojanWin32Powessere.G

[webapps] Wordpress Plugin - Membership For WooCommerce < v2.1.7 - Arbitrary File Upload to Shell (Unauthenticated)

[webapps] Smart School 6.4.1 - SQL Injection

[webapps] CE Phoenix v1.0.8.20 - Remote Code Execution

[webapps] Elementor Website Builder < 3.12.2 - Admin+ SQLi

[webapps] Blood Bank v1.0 - Stored Cross Site Scripting (XSS)

[webapps] Daily Habit Tracker 1.0 - Broken Access Control

[webapps] Daily Habit Tracker 1.0 - SQL Injection

[webapps] Daily Habit Tracker 1.0 - Stored Cross-Site Scripting (XSS)

[webapps] Employee Management System 1.0 - `txtusername` and `txtpassword` SQL Injection (Admin Login)

[webapps] Employee Management System 1.0 - `txtfullname` and `txtphone` SQL Injection

[webapps] LeptonCMS 7.0.0 - Remote Code Execution (RCE) (Authenticated)

[webapps] FoF Pretty Mail 1.1.2 - Server Side Template Injection (SSTI)

[webapps] FoF Pretty Mail 1.1.2 - Local File Inclusion (LFI)

[local] Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation

[webapps] Hospital Management System v1.0 - Stored Cross Site Scripting (XSS)

[webapps] E-INSUARANCE v1.0 - Stored Cross Site Scripting (XSS)

© Ethical Hacking News. All rights reserved.
