The ability to remain installed and undetected makes Perfctl hard to fight. Thousands of machines running Linux have been infected by a malware strain that’s notable for its stealth, the number of misconfigurati
Published: 2024-10-03T23:42:05
When successful, attacks install a backdoor. Getting it to work reliably is another matter. Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely exe
Published: 2024-10-02T21:50:28
With hundreds of courts and agencies affected, chances are one near you is, too. Public records systems that courts and governments rely on to manage voter registrations and legal filings have been riddled with
Published: 2024-09-30T20:30:26
Recall nearly launched as a scraper that stored all its data in plaintext. Microsoft is having another whack at its controversial Recall feature for Copilot+ Windows PCs, after the original version crashed and b
Published: 2024-09-27T17:00:39
If you think VMware has gone to the dogs, maybe check it out? OpenStack Dalmatian, the 30th edition of the open source cloud stack, has bounded out of the kennel.
Published: 2024-10-03T02:30:15
Attacks began the day after public disclosure "Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited.
Published: 2024-10-02T10:50:45
As eggheads reckon Musk-mobiles need human interventions every 13 miles Owners of Tesla's Cybertruck are reporting that a software update enabling the self-styled Full Self Driving (FSD) has become an option for their giant rolling wedges of stainles
Published: 2024-09-30T23:45:12
Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry Exclusive Rackspace has told customers intruders exploited a zero-day bug in a third-party application it was using, and abused that vu
Published: 2024-09-30T23:08:37
Blue is the color of some screens after optional KB5043145 update Updated Microsoft's Patch Tuesday preview, KB5043145, arrived last week and is already causing some headaches thanks to serious stability issues.
Published: 2024-09-30T13:07:58
A data breach has exposed the names, addresses, social security numbers, and birthdates of more than 237,700 Comcast customers. The breach stems from a security incident at Financial Business and Consumer Solutions (FBCS), a debt collection...
Published: 2024-10-07T12:02:34
Google is rolling out a new set of features aimed at making it less easy for thieves to access your data. That’s according to Mishaal Rahman, who posted on Reddit that the features are showing up in a new update after seeing that his Xiaomi...
Published: 2024-10-05T12:04:10
The new search experiment seems to be an extension of Google’s Brand Indicators for Message Identification (BIMI) feature, which is used to display checkmarks in Gmail’s web and mobile apps next to senders who have adopted the verification pl...
Published: 2024-10-04T04:31:09
When Adams turned in his personal cellphone the following day, charging documents say, he said he had changed the password a day prior after learning about the investigation and couldn’t remember it. Adams told investigators he changed th...
Published: 2024-10-02T16:06:42
The Federal Communications Commission is making up to $200 million available to help schools and libraries make their computer systems more secure. The Schools and Libraries Cybersecurity Pilot Program will be used to evaluate whether to f...
Published: 2024-10-02T13:42:05
Arc creator The Browser Company has officially started a bug bounty program to keep its growing Chromium-based browser’s security in check. The company is also launching a new security bulletin to maintain “transparent and proactive communi...
Published: 2024-09-27T17:37:11
The US Department of Justice has charged three Iranian nationals linked with a cyberattack against Donald Trump’s presidential campaign, according to an indictment on Friday. The three hackers, all of whom have ties to Iran’s Islamic Revolu...
Published: 2024-09-27T16:51:38
Google took a page out of a familiar playbook in court this week, defending itself from claims of anticompetitive conduct by raising security concerns. While the government argues it locked up the ad tech market to make more money, Google’s...
Published: 2024-09-26T09:04:58
Assa Abloy, the major Swedish conglomerate that owns a whole lot of lock and security companies like Kwikset, Level lock, and the non-US version of Yale, is partnering with Boston Dynamics to build a new digital door access system that enab...
Published: 2024-09-23T16:31:14
Telegram will now turn over a user’s phone number and IP address if it receives a request from authorities, according to its just-updated privacy policy: If Telegram receives a valid order from the relevant judicial authorities that confirm...
Published: 2024-09-23T14:59:03
Qualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of chipsets. [...]
Published: 2024-10-07T14:30:40
American Water, the largest publicly traded U.S. water and wastewater utility company, was forced to shut down some of its systems after a Thursday cyberattack. [...]
Published: 2024-10-07T13:29:24
Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have been breached by a Chinese hacking group tracked as Salt Typhoon, the Wall Street Journal reports. [...]
Published: 2024-10-07T10:51:04
Comcast Cable Communications and Truist Bank have disclosed they were impacted by a data breach at FBCS, and are now informing their respective customers that their data has been compromised. [...]
Published: 2024-10-06T11:12:23
MoneyGram says there is no evidence that ransomware is behind a recent cyberattack that led to a five-day outage in September. [...]
Published: 2024-10-05T10:16:26
On Thursday, K-12 school district Highline Public Schools confirmed that a ransomware attack forced it to shut down all schools in early September. [...]
Published: 2024-10-04T16:32:53
In what might be described as a real-life Black Mirror episode, a Harvard student uses facial recognition with $379 Meta Ray-Ban 2 smart sunglasses to dig up personal data on every face he sees in real time.
Published: 2024-10-02T22:10:52
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researcher...
Published: 2024-10-03T13:05:52
The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past de...
Published: 2024-09-26T14:54:07
Withholding exculpatory evidence from suspects isn't a great look when the tech is already questionable Police around the United States are routinely using facial recognition technology to help identify suspects, but those departments rarely disclose they've done so - even to suspects and their lawyers.
Published: 2024-10-07T19:45:13
Salt Typhoon may have accessed court-ordered wiretaps and US internet traffic Verizon, AT&T, and Lumen Technologies were among the US broadband providers whose networks were reportedly hacked by Chinese cyberspies, possibly compromising the wiretapping systems used for court-ordered surveillance.
Published: 2024-10-07T17:17:54
Struggle ye not with cookies, lest ye become a cookie monster Opinion The people are defeated. Worn out, deflated, and apathetic about the barrage of banners and pop-ups about cookies and permissions.
Published: 2024-10-07T08:30:14
Irish data watchdog opens probe after 'numerous complaints' Ireland's Data Protection Commission (DPC) has launched an inquiry into Ryanair's Customer Verification Process for travelers booking flights through third-party websites or online travel agents (OTA).
Published: 2024-10-05T09:31:10
Radioactive hazards and cyber failings ... what could possibly go wrong? The outfit that runs Britain's Sellafield nuclear waste processing and decommissioning site has been fined £332,500 ($440,000) by the nation's Office for Nuclear Regulation (ONR) for its shoddy cybersecurity practices between 2019 and 2023.
Published: 2024-10-05T06:07:06
Cable giant says ransomware involved, FBCS keeps schtum Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion.
Published: 2024-10-04T20:13:14
Get together with the European cybersecurity community at a two-day conference in London this December Sponsored Post This year's CyberThreat returns to London to provide a place for cybersecurity professionals to share experiences, new tools and techniques to help organisations stay ahead of the latest cyber threats.
Published: 2024-10-04T08:02:06
'You can build this in a few days even as a very naïve developer' A pair of inventive Harvard undergraduates have created what they believe could be one of the most intrusive devices ever built: a wake-up call, they tell The Register, for the world to take privacy seriously in the AI era.
Published: 2024-10-04T06:32:05
Gangs hit 5% of all Adobe Commerce, Magento-powered stores, Sansec says Updated Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers' payment card info as they order stuff online.
Published: 2024-10-04T03:42:08
Best way to boost your package is to leave, or pretend to A survey of nearly 700 CISOs in the US and Canada has found their pay has risen over the past year to an average of $565,000 and a median of $403,000, with the top 10 percent of execs pulling in over $1 million.
Published: 2024-10-03T14:01:08
Fraudsters targeted local government, colleges, and construction firms in Texas and North Carolina Two British-Nigerian men were sentenced for serious business email compromise schemes in the US this week, netting them millions of dollars from local government entities, construction companies, and colleges.
Published: 2024-10-03T12:30:18
Crooks 'like a sysadmin, with a malicious slant' Exclusive An extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022, according to Cisco Talos, which recently discovered a "substantial" Windows credential data dump that sheds light on the criminal and their victims.
Published: 2024-10-03T10:00:09
Managing the endless stream of cookie banners leaves little energy for anything else Fewer than one in five Brits report being happy with the way their personal data is handled by big tech companies, yet the furthest many will go is to reject optional cookies on the web.
Published: 2024-10-03T09:15:13
With 14 serious security flaws found, what a gift for spies and crooks Fourteen newly found bugs in DrayTek Vigor routers, including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating, could be abused by crooks looking to seize control of the equipment to then steal sensitive data, deploy ransomware, and launch denial-of-service attacks.
Published: 2024-10-02T21:33:09
Poor use of PHP include() strikes again Two trivial but critical security holes have been found in Optigo's Spectra Aggregation Switch, and so far no patch is available.
Published: 2024-10-02T20:39:50
Logjam 'hurting infosec processes world over' one expert tells us as US body blows its own Sept deadline NIST has made some progress clearing its backlog of security vulnerability reports to process, though it's not quite on target as hoped.
Published: 2024-10-02T12:31:05
Bother, given the White House has bet big on RPKI, just like we all rely on immature internet infrastructure that usually works The Resource Public Key Infrastructure (RPKI) protocol has "software vulnerabilities, inconsistent specifications, and operational challenges" according to a pre-press paper from a trio of German researchers.
Published: 2024-10-02T06:31:07
And what looks like proof stolen data was never deleted even after ransom paid Building on the success of what's known around here as LockBit Leak Week in February, the authorities say they've arrested a further four individuals with ties to the now-scuppered LockBit ransomware empire.
Published: 2024-10-01T17:35:00
Ransomware criminals believed to have taken orders from intel services The relationship between infamous cybercrime outfit Evil Corp and the Russian state is thought to be extraordinarily close, so close that intelligence officials allegedly ordered the criminals to carry out cyberattacks on NATO members.
Published: 2024-10-01T15:35:16
Aleksandr Ryzhenkov alleged to have extorted around $100M from victims, built 60 LockBit attacks The latest installment of the National Crime Agency's (NCA) series of ransomware revelations from February's LockBit Leak Week emerges today as the agency identifies a man it not only believes is a member of the long-running Evil Corp crime group but also a LockBit affiliate.
Published: 2024-10-01T14:08:10
Full names, contact details, and company info: all the fixings for a phishing holiday Data allegedly belonging to more than 304,000 customers of Australian camera and tech e-tailer digiDirect has been leaked to an online cyber crime forum.
Published: 2024-10-01T00:26:06
Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry Exclusive Rackspace has told customers intruders exploited a zero-day bug in a third-party application it was using, and abused that vulnerability to break into its internal performance monitoring environment.
Published: 2024-09-30T23:08:37
Only level-one trauma unit in 400 miles crippled Ransomware scumbags have caused a vital hospital to turn away ambulances after infecting its computer systems with malware.
Published: 2024-09-30T22:16:18
At least seven intrusions in five years? Yeah, those promises of improvement more than 'long overdue' T-Mobile US has agreed to fork out $31.5 million to improve its cybersecurity and pay a fine after a string of network intrusions affected millions of customers between 2021 and 2023.
Published: 2024-09-30T21:59:17
It's election year for more than 50 countries and the Islamic Republic threatens a bunch of them US and UK national security agencies are jointly warning about Iranian spearphishing campaigns, which remain an ongoing threat to various industries and governments.
Published: 2024-09-30T13:35:14
Only 2 out of 5 tested products were equitable across demographics A study by the US General Services Administration (GSA) has revealed that five remote identity verification (RiDV) technologies are unreliable, inconsistent, and marred by bias across different demographic groups.
Published: 2024-09-30T12:40:11
Ransomware? More like 'we don't care' for everyone but CISOs Efficiency and scalability are key benefits of enterprise cloud computing, but they come at a cost. Security threats specific to cloud environments are the leading cause of concern among top executives and they're also the ones organizations are least prepared to address.
Published: 2024-09-30T11:30:17
LLMs are helpful, but don't use them for anything important AI models just can't seem to stop making things up. As two recent studies point out, that proclivity underscores prior warnings not to rely on AI advice for anything that really matters.
Published: 2024-09-30T03:59:07
Plus: UK man charged with compromising firms for stock secrets; ransomware actor foils self; and more Infosec In Brief Put away that screwdriver and USB charging cable: the latest way to steal a Kia just requires a cellphone and the victim's license plate number.
Published: 2024-09-30T03:02:09
Plus: SpaceX plans Vietnam investment; Yahoo! Japan content moderation secrets; LG offloads Chinese display factory; and more ASIA IN BRIEF It's not often The Register writes about a cryptocurrency outfit being on the right side of a scam or crime, but last week crypto exchange Binance claimed it helped Indian authorities to investigate a scam gaming app.
Published: 2024-09-30T01:28:05
Alethe Denis exposes tricks that made you fall for that return-to-office survey Interview A hacker walked into a "very big city" building on a Wednesday morning with no keys to any doors or elevators, determined to steal sensitive data by breaking into both the physical space and the corporate Wi-Fi network.
Published: 2024-09-29T16:39:06
Snoops allegedly camped out in inboxes well into September The US Department of Justice has charged three Iranians for their involvement in a "wide-ranging hacking campaign" during which they allegedly stole massive amounts of materials from Donald Trump's 2024 presidential campaign and then leaked the information to media organizations.
Published: 2024-09-27T21:45:04
AI screengrab service to be opt-in, features encryption, biometrics, enclaves, more Microsoft has revised the Recall feature for its Copilot+ PCs and insists that the self-surveillance system is secure.
Published: 2024-09-27T20:18:09
Defenders beware: Data theft, extortion, and backdoors on Storm-0501's agenda Microsoft's latest threat intelligence blog issues a warning to all organizations about Storm-0501's recent shift in tactics, targeting, and backdooring hybrid cloud environments.
Published: 2024-09-27T13:35:11
33% of cloud environments using the toolkit impacted, we're told A critical bug in Nvidia's widely used Container Toolkit could allow a rogue user or software to escape their containers and ultimately take complete control of the underlying host.
Published: 2024-09-26T21:42:46
More 9.8 bugs? Ay, papi! Aruba access points running AOS-8 and AOS-10 need to be patched urgently after HPE emitted fixes for three critical flaws in its networking subsidiary's networking access points.
Published: 2024-09-26T19:30:14
No patches yet, can be mitigated, requires user interaction Final update After days of anticipation, what was billed as one or more critical unauthenticated remote-code execution vulnerabilities in all Linux systems was today finally revealed.
Published: 2024-09-26T17:34:01
Attackers got 10K people to download 'trusted' web3 brand cheat before Mountain View intervened The latest in a long line of cryptocurrency wallet-draining attacks has stolen $70,000 from people who downloaded a dodgy app in a single campaign researchers describe as a world-first.
Published: 2024-09-26T14:08:09
See it, say it, not sorted just yet as network access remains offline Updated A cybersecurity incident is being probed at Network Rail, the UK non-departmental public body responsible for repairing and developing train infrastructure, after unsavory messaging was displayed to those connecting to major stations' free Wi-Fi portals.
Published: 2024-09-26T10:29:53
Access to account info needed to tackle benefit fraud, latest bill claims Privacy campaigners are criticizing UK proposals to force banks to share data from the accounts of government benefit claimants, saying the ploy amounts to "a financial snoopers' charter targeted to automate suspicion."
Published: 2024-09-26T08:31:06
That escalated quickly Updated WordPress on Wednesday escalated its conflict with WP Engine, a hosting provider, by blocking the latter's servers from accessing WordPress.org resources and therefore from potentially vital software updates.
Published: 2024-09-26T01:45:09
Expecting a longer storm season this year? Updated Another Beijing-linked cyberspy crew, this one dubbed Salt Typhoon, has reportedly been spotted on networks belonging to US internet service providers in stealthy data-stealing missions and potential preparation for future cyberattacks.
Published: 2024-09-25T21:46:09
Extorting underfunded public services for $1M isn't a good look Despite being top of the ransomware tree at the moment, RansomHub, specifically one of its affiliates, clearly isn't that bright as they are reportedly trying to extort Delaware Libraries for around $1 million.
Published: 2024-09-25T17:30:14
Taipei laughs it off and so does Beijing, which says political slurs hit sites nobody reads anyway Taiwan has dismissed Chinese allegations that its military sponsored a recent wave of anti-Beijing cyber attacks.
Published: 2024-09-25T01:25:34
Argues worse could happen if it loses kernel access CrowdStrike is "deeply sorry" for the "perfect storm of issues" that saw its faulty software update crash millions of Windows machines, leading to the grounding of thousands of planes, passengers stranded at airports, the cancellation of surgeries, and disruption to emergency services hotlines among many more inconveniences.
Published: 2024-09-25T01:23:43
Four Chocolate Factory trackers cracked the Top 25 in all regions Google, once again, is the "undisputed leader" when it comes to monitoring people's behavior on the internet, according to Kaspersky's annual web tracking report.
Published: 2024-09-24T19:45:12
Severe incidents may be down, but Putin had to throw one in for good measure Russia's use of malware to support its military efforts in Ukraine is showing no signs of waning while its tactics continually evolve to bypass protections.
Published: 2024-09-24T18:30:11
Thousands of devices remain vulnerable, US most exposed to the threat Tens of thousands of fuel storage tanks in critical infrastructure facilities remain vulnerable to zero-day attacks due to buggy Automatic Tank Gauge systems from multiple vendors, say infosec researchers.
Published: 2024-09-24T15:30:11
Mandiant publishes cheat sheet for weeding out fraudulent IT staff Against a backdrop of rising exposure to North Korean agents seeking (mainly) US IT roles, organizations now have a cheat sheet to help spot potential operatives.
Published: 2024-09-24T12:01:07
Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities.
Published: 2024-10-05T13:30:00
Plus: Harvard students pack Meta’s smart glasses with privacy-invading face-recognition tech, Microsoft and the DOJ seize Russian hackers’ domains, and more.
Published: 2024-10-05T10:30:00
After decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.
Published: 2024-10-04T11:30:00
From Trump campaign signs to Planned Parenthood bumper stickers, license plate readers around the US are creating searchable databases that reveal Americans’ political leanings and more.
Published: 2024-10-03T10:30:00
US Immigration and Customs Enforcement’s one-year contract with Paragon’s US subsidiary comes amid the Biden administration’s years-long crackdown on commercial spyware vendors.
Published: 2024-10-01T18:15:53
UK law enforcement and international partners have released new details about the cybercriminal gang Evil Corp, including its use of the Lockbit ransomware platform and ties to Russian intelligence.
Published: 2024-10-01T16:59:21
Scamming operations that once originated in Southeast Asia are now proliferating around the world, likely raking in billions of dollars in the process.
Published: 2024-09-30T10:00:00
Plus: The US Justice Department indicts three Iranians over Trump campaign hack, EU regulators fine Meta $100 million for a password security lapse, and the Tor Project enters a new phase.
Published: 2024-09-28T10:30:00
A handful of Tesla’s electric pickup trucks are armed and ready for battle in the hands of Chechen forces fighting in Ukraine as part of Russia’s ongoing invasion. Can the EV take the heat?
Published: 2024-09-27T10:00:00
As Israel intensifies its attacks on Lebanon, eerie messages have been arriving on the phones of civilians on both sides of the border, with authorities in each country accusing the other of psychological warfare.
Published: 2024-09-26T12:24:17
Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will, the latest in a plague of web bugs that’s affected a dozen carmakers.
Published: 2024-09-26T11:00:00
The US government says outlets like RT work closely with Russian intelligence, and platforms have removed or banned their content. But they’re still influential all around the world.
Published: 2024-09-24T11:30:00
Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that is a variant of the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet "issued over 300,000 attack commands, with a shocking attack density" between September 4 and September 27, 2024. No less than 20,000 commands designed
Published: 2024-10-07T19:22:00
Organizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events and losses, emphasizing the escalating
Published: 2024-10-07T16:55:00
The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly interfaces. Without these measures, organizations are at risk of experiencing data breaches, leaks, and significant financial losses. While traditional password-based systems offer
Published: 2024-10-07T15:35:00
A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4. "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute
Published: 2024-10-07T15:00:00
Ever heard of a "pig butchering" scam? Or a DDoS attack so big it could melt your brain? This week's cybersecurity recap has it all: government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it's too late! Threat of the Week Double Trouble: Evil Corp & LockBit Fall: A consortium of international law enforcement agencies took steps to arrest four
Published: 2024-10-07T14:46:00
Google has announced that it's piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection feature aims to keep users safe when they attempt to install malicious apps from sources other than the Google Play Store, such as web browsers, messaging apps,
Published: 2024-10-07T14:45:00
Europe's top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region. "An online social network such as Facebook cannot use all of the personal data
Published: 2024-10-07T12:02:00
Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user's passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords app impacting a slew of iPhones and iPads. Security researcher Bistrit Daha has been credited with
Published: 2024-10-05T10:20:00
Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. "The Russian government ran this scheme to steal Americans' sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials
Published: 2024-10-04T18:36:00
Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities -
Published: 2024-10-04T15:23:00
Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company said it fended off "over one hundred hyper-volumetric L3/4 DDoS attacks throughout last month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (
Published: 2024-10-04T15:20:00
A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions. The flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all versions of the plugin up to and including 6.5.0.2. It was
Published: 2024-10-04T14:41:00
Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e., modem) refers to a processor on the device that's responsible for handling all connectivity, such as LTE, 4G, and 5G, with a mobile phone cell tower or base station over a radio interface. "This
Published: 2024-10-03T22:30:00
For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem
Published: 2024-10-03T20:36:00
Misconfigured and vulnerable Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. "Perfctl is particularly elusive and persistent, employing several sophisticated techniques," Aqua security researchers Assaf Morag and Idan Revivo said in a report shared with The Hacker
Published: 2024-10-03T19:45:00
Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries. The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper, RedEyes, Ricochet Chollima,
Published: 2024-10-03T18:30:00
INTERPOL has announced the arrest of eight individuals in Côte d'Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said. One such threat involved a large-scale phishing scam targeting Swiss citizens that resulted in financial losses to the tune
Published: 2024-10-03T14:40:00
A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K. who
Published: 2024-10-03T12:45:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Ivanti Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity.
Published: 2024-10-03T11:36:00
A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that's also widely known as pig butchering, in which prospective victims are lured into making investments in cryptocurrency or other financial
Published: 2024-10-02T22:24:00
A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand starting in 2023, attributed the activity cluster as aligned to China, leveraging tools previously identified as used by the Mustang Panda actor. "The
Published: 2024-10-02T20:51:00
A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applications. "A sophisticated spear-phishing lure tricked a recruitment officer into downloading and executing a malicious file disguised as a resume, leading to a more_eggs backdoor infection,"
Published: 2024-10-02T20:38:00
A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. "These vulnerabilities could enable attackers to take control of a router by injecting malicious code, allowing them to persist on the device and use it as a gateway into enterprise networks," Forescout
Published: 2024-10-02T18:30:00
Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The shortcoming,
Published: 2024-10-02T17:43:00
Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be fast, in-depth, and precise. These five tools will help you achieve it with ease. 1. Interactivity Having the ability to interact with the
Published: 2024-10-02T16:30:00
Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. "While the attackers didn't succeed in deploying ransomware on the networks of any of the organizations affected, it is likely that the attacks were financially motivated," Symantec, part of Broadcom, said in a
Published: 2024-10-02T15:30:00
Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in Zimbra's postjournal service that could enable unauthenticated attackers to
Published: 2024-10-02T11:26:00
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. "The attack targeted users of Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and other prominent wallets in the crypto ecosystem,"
Published: 2024-10-02T11:01:00
The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition." "This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in
Published: 2024-10-01T22:04:00
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security
Published: 2024-10-01T16:00:00
More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it's being used by a large number of cybercriminals to conduct credential theft. "For prospective phishers, Sniper Dz offers an online admin panel with a catalog of phishing pages," Palo Alto Networks Unit 42 researchers Shehroze Farooqi,
Published: 2024-10-01T12:02:00
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to "use Docker Swarm's orchestration features for command-and-control (C2) purposes," Datadog researchers Matt Muir and Andy Giron said in an analysis. The attacks
Published: 2024-10-01T10:42:00
The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected to be extradited to the U.S. to face charges related to securities fraud, wire fraud, and five counts of computer fraud. According to the court
Published: 2024-10-01T07:32:00
Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could've opened the door to remote attacks. Google's switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android. But it wasn't all good news: Kaspersky's forced exit from the US market left users with more
Published: 2024-09-30T18:39:00
Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks. "These vulnerabilities pose significant real-world risks, as they could be exploited by malicious actors to cause widespread damage, including physical damage, environmental hazards, and economic losses," Bitsight researcher
Published: 2024-09-30T17:25:00
Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111% increase year-over-year (Microsoft). Attacks on session cookies now happen in the same order of magnitude as password-based attacks (Google). But session hijacking isn’t a new technique so
Published: 2024-09-30T16:50:00
Imagine a sophisticated cyberattack cripples your organization’s most critical productivity and collaboration tool, the platform you rely on for daily operations. In the blink of an eye, hackers encrypt your emails, files, and crucial business data stored in Microsoft 365, holding it hostage using ransomware. Productivity grinds to a halt and your IT team races to assess the damage as the clock
Published: 2024-09-30T16:00:00
The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users' passwords in plaintext in its systems. The investigation, launched by the DPC the next month, found that the social media giant violated four different articles under the European Union's
Published: 2024-09-30T11:42:00
Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months. The dodgy app, identified by Check Point, masqueraded as the legitimate WalletConnect open-source protocol to trick unsuspecting users into downloading it. "Fake
Published: 2024-09-28T15:24:00
U.S. federal prosecutors on Friday unsealed criminal charges against three Iranian nationals who are allegedly employed with the Islamic Revolutionary Guard Corps (IRGC) for their targeting of current and former officials to steal sensitive data. The Department of Justice (DoJ) accused Masoud Jalili, 36, Seyyed Ali Aghamiri, 34, and Yasar (Yaser) Balaghi, 37, of participating in a conspiracy
Published: 2024-09-28T11:33:00
Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical vulnerabilities. The issues, the company said, have been resolved in version 24.0.1 released on September 20, 2024. The company has yet to release any details about what the flaws are other than listing their CVE identifiers - CVE-2024-46905 (CVSS score: 8.8)
Published: 2024-09-27T21:14:00
A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. "A remote unauthenticated attacker can silently replace existing printers' (or install new ones) IPP urls with a malicious one, resulting in arbitrary command execution (on the computer) when a print
Published: 2024-09-27T18:03:00
As security technology and threat awareness among organizations improve, so do the adversaries, who are adopting and relying on new techniques to maximize speed and impact while evading detection. Ransomware and malware continue to be the method of choice by big game hunting (BGH) cyber criminals, and the increased use of hands-on or “interactive intrusion” techniques is especially alarming.
Published: 2024-09-27T16:56:00
The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to cloud environment, ultimately resulting in data exfiltration, credential theft, tampering, persistent
Published: 2024-09-27T16:41:00
In today's fast-evolving digital landscape, cybersecurity has become a cornerstone of organizational resilience. As cyber threats grow increasingly sophisticated, the demand for skilled cybersecurity professionals has never been higher. Whether you're a seasoned cyber professional or just starting your journey, signing up for the GIAC Newsletter ensures you're always informed and equipped for
Published: 2024-09-27T14:34:00
Russian-speaking users have been targeted as part of a new campaign distributing a commodity trojan called DCRat (aka DarkCrystal RAT) by means of a technique known as HTML smuggling. The development marks the first time the malware has been deployed using this method, a departure from previously observed delivery vectors such as compromised or fake websites, or phishing emails bearing PDF
Published: 2024-09-27T14:30:00
The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC, have been alleged to facilitate the laundering of cryptocurrencies possibly obtained through
Published: 2024-09-27T13:17:00
A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host. The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0 out of a maximum of 10.0. It has been addressed in NVIDIA Container Toolkit version v1.16.2 and
Published: 2024-09-27T11:24:00
Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription," security
Published: 2024-09-26T21:32:00
Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky, which is also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (formerly Thallium), Sparkling Pisces, Springtail, and Velvet Chollima. "These samples enhance Sparkling Pisces' already extensive arsenal
Published: 2024-09-26T17:58:00
Universal Music Group notified hundreds of individuals about a data breach compromising their personal information. Universal Music Group is notifying 680 individuals about a data breach that compromised their personal information, including their Social Security number. The data breach occurred on July 15, 2024, and was discovered on August 30, 2024. “In early July, we detected […]
Published: 2024-10-07T18:08:57
Russian state media VGTRK faced a major cyberattack, which a Ukrainian source claimed was conducted by Kyiv’s hackers. A Ukrainian government source told Reuters that Kyiv’s hackers are behind the cyber attack that disrupted operations at the Russian state media company VGTRK on Putin’s birthday. The All-Russia State Television and Radio Broadcasting Company (VGTRK, Russian: […]
Published: 2024-10-07T14:11:58
238,000 Comcast customers were impacted by the FBCS data breach following the February ransomware attack, Comcast reports. Telecommunications giant Comcast is notifying approximately 238,000 customers impacted by the Financial Business and Consumer Solutions (FBCS) data breach. FBCS, a third-party debt collection agency, collects personal information from its clients to facilitate debt collection activities on behalf […]
Published: 2024-10-07T12:57:27
A critical vulnerability in the Apache Avro Java Software Development Kit (SDK) could be exploited to execute arbitrary code on vulnerable instances. A critical vulnerability, tracked as CVE-2024-47561, in the Apache Avro Java Software Development Kit (SDK) could allow the execution of arbitrary code on vulnerable instances. The flaw, tracked as CVE-2024-47561, impacts all versions of […]
Published: 2024-10-07T11:04:15
A man from Indiana pleaded guilty to stealing over $37M in cryptocurrency from 571 victims during a 2022 cyberattack. Evan Frederick Light, 21, of Lebanon, Indiana, pleaded guilty to conspiracy to commit wire fraud and conspiracy to launder monetary instruments. In February 2022, Light participated in a cyber attack on an investment firm in Sioux […]
Published: 2024-10-07T06:50:24
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Zimbra Collaboration vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Zimbra Collaboration vulnerability CVE-2024-45519 (CVSS score of 10) to its Known Exploited Vulnerabilities (KEV) catalog. This week, Proofpoint cybersecurity researchers reported that threat actors are attempting to exploit a recently disclosed […]
Published: 2024-10-07T05:23:58
China-linked APT group Salt Typhoon breached U.S. broadband providers, potentially accessing systems for lawful wiretapping and other data. China-linked APT group Salt Typhoon (also known as FamousSparrow and GhostEmperor) breached U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. According to the Wall Street Journal, which reported the news […]
Published: 2024-10-06T21:04:00
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0 Threat Actors leverage Docker Swarm and Kubernetes to […]
Published: 2024-10-06T13:16:37
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. WordPress LiteSpeed Cache plugin flaw could allow site takeover Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session […]
Published: 2024-10-06T12:05:37
Google announced that its Pixel 9 has implemented new security features, and it supports measures to mitigate baseband attacks. Pixel phones are known for their strong security features, particularly in protecting the cellular baseband, which is the processor handling LTE, 4G, and 5G communications. While basebands in smartphones are often vulnerable to attacks due to […]
Published: 2024-10-06T08:44:36
About A Quarter Million Comcast Subscribers Had Their Data Stolen From Debt Collector
Apple Couldn't Tell Fake iPhones From Real Ones, Lost $2.5M In Scam
Hacker Attack Disrupts Russian State Media On Putin's Birthday
MITRE Announces AI Incident Sharing Project
China's Salt Typhoon Hacked Multiple Telcos
Antimatter Could Be The Key To Solving The Universe's Biggest Mysteries
Ryanair Faces GDPR Turbulence Over Customer ID Checks
LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers
Ransomware Hits Critical Infrastructure Hard, Costs Adding Up
Thousands Of Linux Systems Infected By Malware Since 2021
DOJ, Microsoft Take Down 107 Russian-Backed Star Blizzards Domains
Harvard Duo Hacks Meta Ray-Bans To Dox Strangers On Site In Seconds
Ransomware Crew Infects 100+ Orgs Monthly With New MedusaLocker Variant
CIA Seeks Informants In North Korea, Iran, And China
Ivanti EPM Vulnerability Exploited In The Wild
Zero-Day Breach At Rackspace Sparks Vendor Blame Game
14 DrayTek Vulns Patched, Including RCE Flaw
Evil Corp/REvil Malware Crime Group Outed As Family Affair
The Fix For BGP's Weaknesses Has Issues Of Its Own
NIST's Security Flaw Database Still Backlogged With 17k+ Unprocessed Bugs. Not Great
Record Breaking DDoS Attack Peaked At 3.8 Tbps, 2.14 Billion Pps
More LockBit Hackers Arrested, Unmasked As Servers Seized
T-Mobile Pays $16 Million Fine For Three Years' Worth Of Data Breaches
Zimbra Mail Servers Under Siege Through RCE Vuln
Cybersecurity Experts Praise Veto Of California's AI Safety Bill
American Water Confirms Hack: Customer Portal and Billing Services Suspended
Industry Moves for the week of October 7, 2024 - SecurityWeek
MFA Isn’t Failing, But It’s Not Succeeding: Why a Trusted Security Tool Still Falls Short
Smart TV Surveillance? How Samsung and LG’s ACR Technology Tracks What You Watch
Stealthy ‘Perfctl’ Malware Infects Thousands of Linux Servers
MITRE Announces AI Incident Sharing Project
ICS Cybersecurity Conference to Take Place October 21-24 in Atlanta
Personal Information Compromised in Universal Music Data Breach
Okta Tells Users to Check for Potential Exploitation of Newly Patched Vulnerability
238,000 Comcast Customers Hit by FBCS Ransomware Attack
China’s Salt Typhoon Hacked AT&T, Verizon: Report
CISA Kicks Off 21st Anniversary of Cybersecurity Awareness Month
CISA Releases Anonymous Threat Response Guidance and Toolkit for K-12 Schools
Joint ODNI, FBI, and CISA Statement
CISA Releases Plan to Align Operational Cybersecurity Priorities for Federal Agencies
FBI and CISA Release Joint PSA, Just So You Know: False Claims of Hacked Voter Information Likely Intended to Sow Distrust of U.S. Elections
CISA Releases Election Security Focused Checklists for Both Cybersecurity and Physical Security
CISA Launches New Portal to Improve Cyber Reporting
Election Security Partners Host 7th Annual Tabletop the Vote Exercise for 2024
Joint ODNI, FBI, and CISA Statement on Iranian Election Influence Efforts
FBI and CISA Release Joint PSA, Just So You Know: Ransomware Disruptions During Voting Periods Will Not Impact the Security and Resilience of Vote Casting or Counting
Region 8 Invites You to Secure Our World
CISA Director Jen Easterly Remarks at the Election Center 39th Annual National Conference in Detroit
Learn with Region 8’s Webinar Program
Shaping the legacy of partnership between government and private sector globally: JCDC
SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices
Region 10 Team Provides Vital Election Security Training for Idaho
SAFECOM Membership Spotlight ft. Red Grasso, North Carolina Department of Information Technology
SAFECOM Releases New Resource for Cloud Adoption
With Open Source Artificial Intelligence, Don’t Forget the Lessons of Open Source Software
SAFECOM and NCSWIC Publish Fall 2023 Joint SAFECOM-NCSWIC Bi-Annual Meeting Executive Summaries
Subnet Solutions Inc. PowerSYSTEM Center
CISA Adds One Known Exploited Vulnerability to Catalog
Delta Electronics DIAEnergie
TEM Opera Plus FM Family Transmitter
CISA Releases Three Industrial Control Systems Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Releases Two Industrial Control Systems Advisories
Optigo Networks ONS-S8 Spectra Aggregation Switch
ASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations
Mitsubishi Electric MELSEC iQ-F FX5-OPC
CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA’s VDP Platform 2023 Annual Report Showcases Success
Advantech ADAM-5630
goTenna Pro ATAK Plugin
Cisco Releases Security Updates for IOS and IOS XE Software
Atelmo Atemio AM 520 HD Full HD Satellite Receiver
CISA Releases Five Industrial Control Systems Advisories
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises
Advantech ADAM-5550
goTenna Pro X and Pro X2
Citrix Releases Security Updates for XenServer and Citrix Hypervisor
CISA Warns of Hurricane-Related Scams
Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means
Alisonic Sibylla
Moxa MXview One
CISA Adds One Known Exploited Vulnerability to Catalog
Franklin Fueling Systems TS-550 EVO
OMNTEC Proteus Tank Monitoring
OPW Fuel Management Systems SiteSentinel
Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE
[webapps] reNgine 2.2.0 - Command Injection (Authenticated)
[webapps] openSIS 9.1 - SQLi (Authenticated)
[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
[webapps] NoteMark < 0.13.0 - Stored XSS
[webapps] Gitea 1.22.0 - Stored XSS
[webapps] Invesalius3 - Remote Code Execution
[dos] Windows TCP/IP - RCE Checker and Denial of Service
[webapps] Aurba 501 - Authenticated RCE
[webapps] HughesNet HT2000W Satellite Modem - Password Reset
[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure
[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
[webapps] Helpdeskz v2.0.2 - Stored XSS
[webapps] Calibre-web 0.6.21 - Stored XSS
[webapps] Devika v1 - Path Traversal via 'snapshot_path'
[local] Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path
[local] SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path
[local] Oracle Database 12c Release 1 - Unquoted Service Path
[webapps] Ivanti vADC 9.9 - Authentication Bypass
[local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation
[webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection
[webapps] Azon Dominator Affiliate Marketing Script - SQL Injection
[webapps] Microweber 2.0.15 - Stored XSS
[webapps] Customer Support System 1.0 - Stored XSS
[webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)
[webapps] SolarWinds Platform 2024.1 SR1 - Race Condition
[webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
[webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)
[webapps] Boelter Blue System Management 1.3 - SQL Injection
[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)
[webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)
[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
[webapps] XMB 1.9.12.06 - Stored XSS
[webapps] Carbon Forum 5.9.0 - Stored XSS
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)
[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)
[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)
[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)
[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)
[webapps] Dotclear 2.29 - Remote Code Execution (RCE)
[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)
[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)
[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)
[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)
[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)
[webapps] Aquatronica Control System 5.1.6 - Information Disclosure
[webapps] changedetection < 0.45.20 - Remote Code Execution (RCE)
[webapps] ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)
Some SIM / USIM card security (and ecosystem) info
SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288)
Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution
Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)
Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Boiling / Remote Command Execution
Defense in depth -- the Microsoft way (part 88): a SINGLE command line shows about 20,000 instances of CWE-73
SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)
Apple iOS 17.2.1 - Screen Time Passcode Retrieval (Mitigation Bypass)
CyberDanube Security Research 20240919-0 | Multiple Vulnerabilities in Netman204
Submit Exploit CVE-2024-42831
Stored XSS in "Edit Profile" - htmlyv2.9.9
Stored XSS in "Menu Editor" - htmlyv2.9.9
Backdoor.Win32.BlackAngel.13 / Unauthenticated Remote Command Execution
[vim-security] use-after-free when closing buffers in Vim < 9.1.0764
OSSA-2024-004 / CVE-2024-47211: OpenStack Ironic <26.1.1 fails to verify checksums of supplied image_source URLs when configured to convert images to raw for streaming
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
CVE-2024-8508 in Unbound DNS server prior to 1.21.1
Re: CVE-2024-42415: Integer Overflow in GNOME libgsf
CVE-2024-42415: Integer Overflow in GNOME libgsf
CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
Re[2]: cups-browsed vulnerable to DDoS amplification attack
Re: cups-browsed vulnerable to DDoS amplification attack
Re: cups-browsed vulnerable to DDoS amplification attack
cups-browsed vulnerable to DDoS amplification attack
PowerDNS Security Advisory 2024-04
CVE-2024-47554: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader
CVE-2024-47561: Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK)
Multiple vulnerabilities in Jenkins and Jenkins plugins