31 million records containing email addresses and password hashes exposed. 
Archive.org, one of the only entities to attempt to preserve the entire history of the World Wide Web and much of the broader Internet, was recently compromised in a hack that revealed data on roughly 31 million users. A little after 2...
Published: 2024-10-10T00:12:56
The ability to remain installed and undetected makes Perfctl hard to fight. Thousands of machines running Linux have been infected by a malware strain that’s notable for its stealth, the number of misconfigurati
Published: 2024-10-03T23:42:05
When successful, attacks install a backdoor. Getting it to work reliably is another matter. Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely exe
Published: 2024-10-02T21:50:28
Microsoft's hardware compatibility gamble still hasn't paid off Windows 10 is now just a year from its end of support date, and it is clear that Microsoft's hardware compatibility gamble has yet to pay off.
Published: 2024-10-14T17:27:12
AI model safety only goes so far Anthropic's Claude 3.5 Sonnet, despite its reputation as one of the better behaved generative AI models, can still be convinced to emit racist hate speech and malware.
Published: 2024-10-12T10:30:07
Claims its models aren't making threat actors more sophisticated - but is helping debug their code OpenAI has alleged the company disrupted a spear-phishing campaign that saw a China-based group target its employees through both their personal and co
Published: 2024-10-10T04:05:39
The FIDO Alliance, the organization that’s helping shepherd passkey adoption, announced a draft of new specifications that would let users securely move their passkeys across different password managers. Passkeys are great it’s nice to be...
Published: 2024-10-15T14:13:22
Arlo is releasing a new floodlight security camera that connects directly to your home’s Wi-Fi and power source. That allows the Arlo Wired Floodlight Camera to monitor and illuminate outdoor spaces 24/7 without interruption, unlike battery...
Published: 2024-10-15T08:00:00
The Internet Archive is back online in a read-only state after a cyberattack brought down the digital library and Wayback Machine last week. A data breach and DDoS attack kicked the site offline on October 9th, with a user authentication da...
Published: 2024-10-14T04:55:32
Someone gained access to Ecovacs Deebot X2 Omni robotic vacuums across several US cities earlier this year and used them to chase pets and yell racist slurs at their owners, reported ABC News in Australia this week. The outlet spoke with m...
Published: 2024-10-12T13:23:49
The Internet Archive will come back within “days” following a cyberattack that brought down the organization’s vast digital library and the Wayback Machine, according to an update from founder Brewster Kahle. It’s been struggling due to a d...
Published: 2024-10-11T16:10:27
When visiting the Internet Archive (www.archive.org) on Wednesday afternoon, The Verge was greeted with a pop-up claiming the site had been hacked. Just after 9PM ET, Internet Archive founder Brewster Kahle confirmed the breach and said the...
Published: 2024-10-09T17:26:08
/cdn.vox-cdn.com/uploads/chorus_asset/file/25663031/06_sharing.jpg)
Finally, there’s password sharing here, too. To share a password with someone else via AirDrop, select any password stored in the app, then click the share button (the square with an arrow). To share with a group of people: Click the + butto...
Published: 2024-10-09T10:30:00
Citing US restrictions, Google removed Kaspersky Lab’s antivirus software from the Play Store and terminated its developer account in the days leading up to the September 29th deadline of the restrictions, according to a Kaspersky blog post...
Published: 2024-10-08T10:17:33
A data breach has exposed the names, addresses, social security numbers, and birthdates of more than 237,700 Comcast customers. The breach stems from a security incident at Financial Business and Consumer Solutions (FBCS), a debt collection...
Published: 2024-10-07T12:02:34
Google is rolling out a new set of features aimed at making it less easy for thieves to access your data. That’s according to Mishaal Rahman, who posted on Reddit that the features are showing up in a new update after seeing that his Xiaomi...
Published: 2024-10-05T12:04:10
A tool for red-team operations called EDRSilencer has been observed in malicious incidents attempting to identify security tools and mute their alerts to management consoles. [...]
Published: 2024-10-15T14:47:40
Google Play, the official store for Android, distributed over a period of one year more than 200 malicious applications, which cumulatively counted nearly eight million downloads. [...]
Published: 2024-10-15T10:26:27
Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. [...]
Published: 2024-10-14T22:25:02
North Korean hackers are using a new Linux variant of the FASTCash malware to infect the payment switch systems of financial institutions and perform unauthorized cash withdrawals. [...]
Published: 2024-10-14T18:15:49
Forty new variants of the TrickMo Android banking trojan have been identified in the wild, linked to 16 droppers and 22 distinct command and control (C2) infrastructures, with new features designed to steal Android PINs. [...]
Published: 2024-10-14T13:34:35
Japanese video game developer Game Freak has confirmed it suffered a cyberattack in August after source code and game designs for unpublished games were leaked online. [...]
Published: 2024-10-14T11:43:14
The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emirates and the Gulf region. [...]
Published: 2024-10-13T10:17:27
In what might be described as a real-life Black Mirror episode, a Harvard student uses facial recognition with $379 Meta Ray-Ban 2 smart sunglasses - to dig up personal data on every face he sees in real time.Continue ReadingCategory: TechnologyTags:...
Published: 2024-10-02T22:10:52
Written by: Casey Charrier, Robert Weiner We note that the total number of vulnerabilities affecting a vendor does not directly relate to how secure or insecure a vendor's security posture is, nor does it s...
Published: 2024-10-15T14:00:00
The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was bea... 
Published: 2024-10-09T17:36:27
Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of produc... 
Published: 2024-10-08T22:21:19
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researcher... 
Published: 2024-10-03T13:05:52
Volume of attacks still surging though, according to Digital Defense Report Microsoft says ransomware attacks are up 2.75 times compared to last year, but claims defenses are actually working better than ever.
Published: 2024-10-15T16:45:11
Who also worries misinformation on social media could threaten liquidity The governor of India's Reserve Bank, Shri Shaktikanta Das, yesterday warned that AI and the platforms that provide it could worsen systemic risk to the nation's financial system.
Published: 2024-10-15T03:42:10
Enough with the racist-sounding 'dragons' and 'pandas', Beijing complains then points the finger at koalas Chinese authorities have published another set of allegations that assert the Volt Typhoon cyber-crew is an invention of the US and its allies, and not a crew run by Beijing.
Published: 2024-10-15T01:15:08
It waited till just before Columbus Day weekend to make mandated filing, but don't worry, we saw it A Houston-based services provider to healthcare organizations says a crook may have grabbed up to 400,000 people's information after the miscreant accessed the systems of one of its customers.
Published: 2024-10-14T22:03:07
Technologies that help SOCs detect, analyze, and respond to emerging threats faster and more accurately Sponsored Post This article discusses some of the challenges traditional SOCs face and how integrating artificial intelligence/machine learning (AI/ML) modules could help solve the challenges faced by security professionals and organizations.
Published: 2024-10-14T14:43:05
Florida man gets his hands on 'the best ever' With less than a month to go before American voters head to the polls to choose their next president, the Trump campaign has been investing in secure tech to make sure it doesn't get compromised again.
Published: 2024-10-14T14:28:05
No excuses for not patching this nine-month-old issue More than 86,000 Fortinet instances remain vulnerable to the critical flaw that attackers started exploiting last week, according to Shadowserver's data.
Published: 2024-10-14T12:30:10
Let Okta lift the lid on customer identity in this series of webinars Sponsored Post Recent reports suggest that stolen identity and privileged access credentials now account for 61 percent of all data breaches.
Published: 2024-10-14T09:00:10
With an off-the-shelf D-Wave machine, but only against very short keys Chinese researchers claim they have found a way to use D-Wave's quantum annealing systems to develop a promising attack on classical encryption.
Published: 2024-10-14T06:30:09
Reading, writing, and cyber mayhem, amirite? If we were to draw an infosec Venn diagram, with one circle representing "sensitive info that attackers would want to steal" and the other "limited resources plus difficult-to-secure IT environments," education would sit in the overlap.
Published: 2024-10-13T13:00:05
Also, phishing's easier over the phone, and your F5 cookies might be unencrypted, and more in brief If you need an excuse to improve your patching habits, a joint advisory from the US and UK governments about a massive, ongoing Russian campaign exploiting known vulnerabilities should do the trick.
Published: 2024-10-12T03:05:11
Researchers point to evidence that scumbags visited the strategy boutique Researchers at Palo Alto's Unit 42 believe the INC ransomware crew is no more and recently rebranded itself as Lynx over a three-month period.
Published: 2024-10-11T23:00:14
Cyberspies abusing a backdoor? Groundbreaking Lawmakers are demanding answers about earlier news reports that China's Salt Typhoon cyberspies breached US telecommunications companies Verizon, AT&T, and Lumen Technologies, and hacked their wiretapping systems. They also urge federal regulators to hold these companies accountable for their infosec practices - or lack thereof.
Published: 2024-10-11T21:30:13
Roadside assistance biz praised for deploying security monitoring software and reporting workers to cops Two former workers at roadside assistance provider RAC were this week given suspended sentences after illegally copying and selling tens of thousands of lines of personal data on people involved in accidents.
Published: 2024-10-11T11:45:16
What's harder? Convincing people to invest in a beleaguered security business or a tiny island everybody hates? Keir Starmer's decision to appoint Poppy Gustafsson as the UK's new investment minister is being resoundingly praised despite the former Darktrace boss spending years failing to fully rebuild investor confidence in the embattled company.
Published: 2024-10-11T11:13:42
It worked alleged pump and dump schemers arrested in UK, US and Portugal this week The FBI created its own cryptocurrency so it could watch suspected fraudsters use it an idea that worked so well it produced arrests in three countries.
Published: 2024-10-11T05:28:09
Acknowledges bulk customer data leak weeks after Telegram channels dangled it online Updated Leading Indian health insurance provider Star Health has admitted to being the victim of a cyber attack after criminals claimed they had posted records of 30-milion-plus clients online.
Published: 2024-10-11T02:57:43
But hey, no worries, the firm claims no evidence of data misuse Fidelity Investments has notified 77,099 people that their personal information was stolen in an August data breach.
Published: 2024-10-10T21:30:06
Unlock the power of generative AI with AWS Webinar Generative AI (GenAI) has quickly transitioned from an emerging concept to a core driver of innovation across lots of different industries.
Published: 2024-10-10T14:16:16
Researcher spots 110 TB of sensitive info sitting in unprotected database Nearly 32 million records belonging to users of tech from Trackman were left exposed to the internet, sitting in a non-password protected database, for an undetermined amount of time, according to researcher Jeremiah Fowler.
Published: 2024-10-10T14:14:10
Usual three-week window to address significant risks to federal agencies applies The US Cybersecurity and Infrastructure Security Agency (CISA) says vulnerabilities in Fortinet and Ivanti products are now being exploited, earning them places in its Known Exploited Vulnerabilities (KEV) catalog.
Published: 2024-10-10T13:34:14
Firefixed: It's maintenance time for low-complexity, high-impact security flaw It's patch time for Firefox fans as Mozilla issues a security advisory for a critical code execution vulnerability in the browser.
Published: 2024-10-10T11:30:10
Let the SANS AI Toolkit promote secure and responsible use of AI tools in the workplace Sponsored Post It's Cybersecurity Awareness Month again this October - a timely reminder for public and private sector organisations to work together and raise awareness about the importance of cybersecurity.
Published: 2024-10-10T07:46:57
Apply comprehensive security with access control, secure coding, infrastructure protection and AI governance Partner Content As generative AI (GenAI) becomes increasingly integrated into the corporate world, it is transforming everyday operations across various industries.
Published: 2024-10-10T07:24:43
Two arrested after allegedly trying to make off with their ill-gotten gains The alleged administrators of the infamous Bohemia and Cannabia dark web marketplaces have been arrested after apparently shuttering the sites and trying to flee with their earnings.
Published: 2024-10-10T06:30:14
31M folks' usernames, email addresses, salted-encrypted passwords now out there The Internet Archive had a bad day on the infosec front, after being DDoSed and having had its user account data stolen in a security breach.
Published: 2024-10-10T01:33:05
USB sticks help, but it's unclear how tools that suck malware from them are delivered A cyberespionage APT crew named GoldenJackal hacked air-gapped PCs belonging to government and diplomatic entities at least twice using two sets of custom malware, according to researchers from antivirus vendor ESET.
Published: 2024-10-09T23:31:08
Regulators know this is a nightmare and have done little to stop it. Privacy advocacy group wants that to change Smart TVs are watching their viewers and harvesting their data to benefit brokers using the same ad technology that denies privacy on the internet.
Published: 2024-10-09T22:15:08
Intruders stayed for free on the network between 2014 and 2020 Marriott has agreed to pay a $52 million penalty and develop a comprehensive infosec program following a series of major data breaches between 2014 and 2020 that affected more than 344 million people worldwide.
Published: 2024-10-09T21:08:19
One-man-band faces a mountain of lawsuits but has few assets The Florida business behind data brokerage National Public Data has filed for bankruptcy, admitting "hundreds of millions" of people were potentially affected in one of the largest information leaks of the year.
Published: 2024-10-09T19:30:15
Go forth and install your important security fixes Microsoft says that the problems with the Windows 11 Patch Tuesday preview have now been resolved.
Published: 2024-10-09T15:14:13
As if hospitals and clinics didn't have enough to worry about At least one US healthcare provider has been infected by Trinity, an emerging cybercrime gang with eponymous ransomware that uses double extortion and other "sophisticated" tactics that make it a "significant threat," according to the feds.
Published: 2024-10-09T13:45:08
Plus: SAP re-patches a failed patch for critical-rated flaw Patch Tuesday It's the second Tuesday of the month, which means Patch Tuesday, bringing with it fixes for numerous flaws, bugs and vulnerabilities in major software. And this one is a doozy.
Published: 2024-10-08T23:30:11
Given Amnesty's involvement, it's a safe bet spyware is in play Qualcomm has issued 20 patches for its chipsets' firmware, including one Digital Signal Processor (DSP) software flaw that has been exploited in the wild.
Published: 2024-10-08T21:30:09
What does IT glimpse but a dating app on your wee little screen If you're using iPhone Mirroring at work: It's time to stop, lest you give your employer's IT department the capability to snoop through the list of apps you have on your phone dating apps, those tracking medical conditions or sexual history, or any other NSFW apps that you might want to keep to yourself.
Published: 2024-10-08T18:30:14
Pro-Ukraine hackers claim credit for Russian state broadcasting shutdown Ukrainian hackers shut down Russian state news agency VGTRK's online broadcasting and streaming services on Monday president Vladimir Putin's 72nd birthday as Kremlin officials vowed to bring those responsible for the "unprecedented" cyber attack to justice.
Published: 2024-10-08T06:30:10
Improved security features teased in May now appearing around the world Google has apparently started a global rollout of three features in Android designed to make life a lot harder for thieves to profit from purloined phones.
Published: 2024-10-08T02:59:13
A couple million will do for a start but Kim's crews are suspected of stealing much more The US government is attempting to claw back more than $2.67 million stolen by North Korea's Lazarus Group, filing two lawsuits to force the forfeiture of millions in Tether and Bitcoin.
Published: 2024-10-08T00:27:08
It's still safe to drink, top provider tells us Updated American Water, which supplies over 14 million people in the US and numerous military bases, has stopped issuing bills and has taken its MyWater app offline while it investigates a cyber attack on its systems.
Published: 2024-10-07T21:30:12
Withholding exculpatory evidence from suspects isn't a great look when the tech is already questionable Police around the United States are routinely using facial recognition technology to help identify suspects, but those departments rarely disclose they've done so - even to suspects and their lawyers.
Published: 2024-10-07T19:45:13
Salt Typhoon may have accessed court-ordered wiretaps and US internet traffic Verizon, AT&T, and Lumen Technologies were among the US broadband providers whose networks were reportedly hacked by Chinese cyberspies, possibly compromising the wiretapping systems used for court-ordered surveillance.
Published: 2024-10-07T17:17:54
Struggle ye not with cookies, lest ye become a cookie monster Opinion The people are defeated. Worn out, deflated, and apathetic about the barrage of banners and pop-ups about cookies and permissions.
Published: 2024-10-07T08:30:14
Irish data watchdog opens probe after 'numerous complaints' Ireland's Data Protection Commission (DPC) has launched an inquiry into Ryanair's Customer Verification Process for travelers booking flights through third-party websites or online travel agents (OTA).
Published: 2024-10-05T09:31:10
Radioactive hazards and cyber failings ... what could possibly go wrong? The outfit that runs Britain's Sellafield nuclear waste processing and decommissioning site has been fined 332,500 ($440,000) by the nation's Office for Nuclear Regulation (ONR) for its shoddy cybersecurity practices between 2019 and 2023.
Published: 2024-10-05T06:07:06
Cable giant says ransomware involved, FBCS keeps schtum Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion.
Published: 2024-10-04T20:13:14
Get together with the European cybersecurity community at a two-day conference in London this December Sponsored Post This year's CyberThreat returns to London to provide a place for cybersecurity professionals to share experiences, new tools and techniques to help organisations stay ahead of the latest cyber threats.
Published: 2024-10-04T08:02:06
'You can build this in a few days even as a very na ve developer' A pair of inventive Harvard undergraduates have created what they believe could be one of the most intrusive devices ever built a wake-up call, they tell The Register, for the world to take privacy seriously in the AI era.
Published: 2024-10-04T06:32:05
Gangs hit 5% of all Adobe Commerce, Magento-powered stores, Sansec says Updated Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers' payment card info as they order stuff online.
Published: 2024-10-04T03:42:08
Best way to boost your package is to leave, or pretend to A survey of nearly 700 CISOs in the US and Canada has found their pay has risen over the past year to an average of $565,000 and a median of $403,000, with the top 10 percent of execs pulling in over $1 million.
Published: 2024-10-03T14:01:08
Fraudsters targeted local government, colleges, and construction firms in Texas and North Carolina Two British-Nigerian men were sentenced for serious business email compromise schemes in the US this week, netting them millions of dollars from local government entities, construction companies, and colleges.
Published: 2024-10-03T12:30:18
Global Intelligence claims its Cybercheck technology can help cops find key evidence to nail a case. But a WIRED investigation reveals the smoking gun often appears far less solid.
Published: 2024-10-15T11:00:00
Bots that “remove clothes” from images have run rampant on the messaging app, allowing people to create nonconsensual deepfake images even as lawmakers and tech companies try to crack down.
Published: 2024-10-15T10:30:00
“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.
Published: 2024-10-14T14:00:00
Some companies let you opt out of allowing your content to be used for generative AI. Here’s how to take back (at least a little) control from ChatGPT, Google’s Gemini, and more.
Published: 2024-10-12T13:30:00
Plus: New details emerge in the National Public Data breach, Discord gets blocked in Russia and Turkey over alleged illegal activity on the platform, and more.
Published: 2024-10-12T10:30:00
Scammers in Southeast Asia are increasingly turning to AI, deepfakes, and dangerous malware in a way that makes their pig butchering operations even more convincing.
Published: 2024-10-12T10:00:00
It's hard enough creating one air-gap-jumping tool. Researchers say the group GoldenJackal did it twice in five years.
Published: 2024-10-12T09:30:00
The hack exposed the data of 31 million users as the embattled Wayback Machine maker scrambles to stay online and contain the fallout of digital and legal attacks.
Published: 2024-10-10T02:00:19
The $4.4 billion in crypto is set to be the largest pile of criminal proceeds ever sold off by the US. The former IRS agent who seized the record-breaking sum, meanwhile, languishes in a Nigerian jail cell.
Published: 2024-10-09T16:02:20
Earlier this year, Google ditched its plans to abolish support for third-party cookies in its Chrome browser. While privacy advocates called foul, the implications for users is not so clear cut.
Published: 2024-10-08T15:39:49
Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities.
Published: 2024-10-05T13:30:00
Plus: Harvard students pack Meta’s smart glasses with privacy-invading face-recognition tech, Microsoft and the DOJ seize Russian hackers’ domains, and more.
Published: 2024-10-05T10:30:00
After decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.
Published: 2024-10-04T11:30:00
From Trump campaign signs to Planned Parenthood bumper stickers, license plate readers around the US are creating searchable databases that reveal Americans’ political leanings and more.
Published: 2024-10-03T10:30:00
US Immigration and Customs Enforcement’s one-year contract with Paragon’s US subsidiary comes amid the Biden administration’s years-long crackdown on commercial spyware vendors.
Published: 2024-10-01T18:15:53
UK law enforcement and international partners have released new details about the cybercriminal gang Evil Corp, including its use of the Lockbit ransomware platform and ties to Russian intelligence.
Published: 2024-10-01T16:59:21
Scamming operations that once originated in Southeast Asia are now proliferating around the world, likely raking in billions of dollars in the process.
Published: 2024-09-30T10:00:00
New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN. "This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant said in an analysis published last week. First spotted in the wild in 2019, TrickMo is so named for
Published: 2024-10-15T21:17:00
Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload. "DarkVision RAT communicates with its command-and-control (C2) server using a custom network
Published: 2024-10-15T20:50:00
North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is "installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized withdrawal of cash from ATMs," a security researcher who goes by HaxRob said.
Published: 2024-10-15T20:13:00
In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit these flaws before any defensive measures can be implemented, making zero-days a potent weapon for
Published: 2024-10-15T16:30:00
China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, went on to accuse the U.S. federal government, intelligence agencies, and Five Eyes countries of
Published: 2024-10-15T13:33:00
Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, said the attack chains aim to deploy an information stealer known as Lumma. Hijack Loader, also known as DOILoader, IDAT Loader, and
Published: 2024-10-15T12:13:00
The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a site. Jetpack, owned by WordPress maker Automattic, is an all-in-one plugin that offers a comprehensive suite of tools to improve site safety, performance, and traffic growth. It's used on 27 million
Published: 2024-10-15T10:26:00
A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) a zero-day to perform a series of malicious actions. That's according to findings from Fortinet FortiGuard Labs, which said the vulnerabilities were abused to gain unauthenticated access to the CSA, enumerate users configured in the appliance, and attempt to access the
Published: 2024-10-14T17:05:00
The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely focused on "shift-left" practices securing code, ensuring proper cloud posture, and fixing misconfigurations. However, this approach has led to an over-reliance on a multitude of DR tools spanning
Published: 2024-10-14T16:39:00
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks. "Attackers can leverage these entry points to execute malicious code when specific commands are run, posing a widespread risk in the open-source landscape," Checkmarx researchers Yehuda
Published: 2024-10-14T16:38:00
Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land" and trust me, you NEED to be in the loop this time. We've got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin it's full of stuff they don't want you to know. So let's jump in before we get FOMO. Threat of the Week GoldenJackal Hacks Air-Gapped Systems: Meet
Published: 2024-10-14T16:13:00
Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware. Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware. CVE-2024-40711, rated 9.8 out of 10.0 on the
Published: 2024-10-14T14:25:00
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. "The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities
Published: 2024-10-13T15:10:00
The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread fraud operation. The law enforcement action codenamed Operation Token Mirrors is the result of the U.S. Federal Bureau of Investigation (FBI) taking the "unprecedented step" of creating its own
Published: 2024-10-12T10:36:00
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and InlandRevenue were
Published: 2024-10-11T22:43:00
Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process. In this post, we’ll explore hybrid attacks what they are
Published: 2024-10-11T16:30:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module is being used to enumerate other non-internet-facing devices on the network. The agency, however, did not disclose who
Published: 2024-10-11T14:04:00
GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches. Tracked as CVE-2024-9164, the vulnerability carries a CVSS score of 9.6 out of 10. "An issue was discovered in GitLab EE
Published: 2024-10-11T11:59:00
The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world's largest and longest-running dark web market for illegal goods, drugs, and cybercrime services. The takedown is the result of a collaborative investigation with Ireland, the United Kingdom, and the United States that began towards the end of 2022, the Politie said. The marketplace
Published: 2024-10-11T11:31:00
OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year. This activity encompassed debugging malware, writing articles for websites, generating biographies for social media accounts, and creating AI-generated profile pictures for fake accounts on X. "Threat
Published: 2024-10-10T18:57:00
Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck. "A vulnerability in the Nortek Linear eMerge E3 allows remote
Published: 2024-10-10T17:40:00
The current SOC model relies on a scarce resource: human analysts. These professionals are expensive, in high demand, and increasingly difficult to retain. Their work is not only highly technical and high-risk, but also soul-crushingly repetitive, dealing with a constant flood of alerts and incidents. As a result, SOC analysts often leave in search of better pay, the opportunity to move beyond
Published: 2024-10-10T16:30:00
Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. "At first glance, the thing that stood out was the script's obfuscation, which seemed a bit bizarre because of all the accented characters," Jscrambler researchers said in an analysis. "The heavy use of Unicode characters, many
Published: 2024-10-10T12:48:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to a case of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb. "A
Published: 2024-10-10T11:14:00
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680 (CVSS score: 9.8), has been described as a use-after-free bug in the Animation timeline component. "An attacker was able to achieve code execution in the content process by exploiting a
Published: 2024-10-10T09:54:00
Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create real-time insights into scams, fraud, and other forms of cybercrime pooling together threat signals from different data sources in order to create
Published: 2024-10-09T22:30:00
Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. "The vulnerabilities could allow an attacker to crash an industrial device or in some cases, enable remote code execution," Claroty researchers Mashav Sapir and Vera
Published: 2024-10-09T21:03:00
Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a campaign dubbed Contagious Interview that Palo Alto Networks Unit 42 first disclosed in November 2023. "The threat actor behind CL-STA-0240
Published: 2024-10-09T19:03:00
Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However, despite the high profile role these accounts have, many organizations overlook social media account security. Many lack the safeguards to prevent unauthorized access a situation no organization wants as
Published: 2024-10-09T16:30:00
Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromium-based
Published: 2024-10-09T12:23:00
Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad and varied, allowing threat actors to compromise identities and devices and conduct business email compromise (BEC) attacks, which ultimately result
Published: 2024-10-09T09:52:00
Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software services provider said. Successful exploitation of these vulnerabilities could allow an authenticated
Published: 2024-10-08T22:08:00
Users searching for game cheats are being tricked into downloading a Lua-based malware that is capable of establishing persistence on infected systems and delivering additional payloads. "These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer community," Morphisec researcher Shmuel Uzan said in a new report published today, adding "this malware
Published: 2024-10-08T21:56:00
Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho. "The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had previously used to gain remote access to systems," Kaspersky said, detailing a new campaign that began in June 2024 and continued at least until
Published: 2024-10-08T16:47:00
A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental organizations with an aim to infiltrate air-gapped systems using two disparate bespoke toolsets. Victims included a South Asian embassy in Belarus and a European Union (E.U.) government organization, Slovak cybersecurity company ESET said. "The ultimate goal of
Published: 2024-10-08T16:28:00
Is your store at risk? Discover how an innovative web security solution saved one global online retailer and its unsuspecting customers from an “evil twin” disaster. Read the full real-life case study here. The Invisible Threat in Online Shopping When is a checkout page, not a checkout page? When it's an “evil twin”! Malicious redirects can send unsuspecting shoppers to these perfect-looking
Published: 2024-10-08T16:28:00
Introduction Artificial intelligence (AI) deepfakes and misinformation may cause worry in the world of technology and investment, but this powerful, foundational technology has the potential to benefit organizations of all kinds when harnessed appropriately. In the world of cybersecurity, one of the most important areas of application of AI is augmenting and enhancing identity management
Published: 2024-10-08T15:40:00
Ukraine has claimed responsibility for a cyber attack that targeted Russia state media company VGTRK and disrupted its operations, according to reports from Bloomberg and Reuters. The incident took place on the night of October 7, VGTRK confirmed, describing it as an "unprecedented hacker attack." However, it said "no significant damage" was caused and that everything was working normally
Published: 2024-10-08T11:19:00
Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-43047 (CVSS score: 7.8), has been described as a user-after-free bug in the Digital Signal Processor (DSP) Service that could lead to "memory corruption
Published: 2024-10-08T09:37:00
Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that draws its inspiration from the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet "issued over 300,000 attack commands, with a shocking attack density" between September 4 and September 27, 2024. No less than 20,000
Published: 2024-10-07T19:22:00
Organizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events and losses, emphasizing the escalating
Published: 2024-10-07T16:55:00
The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly interfaces. Without these measures, organizations are at risk of experiencing data breaches, leaks, and significant financial losses. While traditional password-based systems offer
Published: 2024-10-07T15:35:00
A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561 (CVSS score: 9.3), impacts all versions of the software prior to 1.11.4. "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad
Published: 2024-10-07T15:00:00
Ever heard of a "pig butchering" scam? Or a DDoS attack so big it could melt your brain? This week's cybersecurity recap has it all government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it's too late! Threat of the Week Double Trouble: Evil Corp & LockBit Fall: A consortium of international law enforcement agencies took steps to arrest four
Published: 2024-10-07T14:46:00
Google has announced that it's piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection feature aims to keep users safe when they attempt to install malicious apps from sources other than the Google Play Store, such as web browsers, messaging apps,
Published: 2024-10-07T14:45:00
Europe's top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region. "An online social network such as Facebook cannot use all of the personal data
Published: 2024-10-07T12:02:00
Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user's passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords app impacting a slew of iPhones and iPads. Security researcher Bistrit Daha has been credited with
Published: 2024-10-05T10:20:00
Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. "The Russian government ran this scheme to steal Americans' sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials
Published: 2024-10-04T18:36:00
Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities -
Published: 2024-10-04T15:23:00
Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company said it fended off "over one hundred hyper-volumetric L3/4 DDoS attacks throughout last month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (
Published: 2024-10-04T15:20:00
North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the FASTCash “payment switch” malware which targets Linux systems. The variant discovered by the researcher was previously unknown and targets Ubuntu 22.04 LTS distributions. In November 2018, Symantec […]
Published: 2024-10-15T17:57:50
WordPress Jetpack plugin issued an update to fix a critical flaw allowing logged-in users to view form submissions by others on the same site. The maintainers of the WordPress Jetpack plugin have addressed a critical vulnerability that could allow logged-in users to access forms submitted by other users on the same site. Jetpack is a […]
Published: 2024-10-15T09:43:04
Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online. Game Freak Inc. is a popular Japanese video game developer, founded on April 26, 1989, by Satoshi Tajiri, Ken Sugimori, and Junichi Masuda. It is primarily known as the main developer of the Pok mon video game series. The […]
Published: 2024-10-15T05:23:53
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Last week, Ivanti warned of three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its Cloud Service Appliance (CSA) […]
Published: 2024-10-14T20:46:58
An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation-state actor has been exploiting three Ivanti Cloud Service Appliance (CSA) zero-day issues to carry out malicious activities. The three vulnerabilities exploited by the threat actor are: “an advanced adversary […]
Published: 2024-10-14T16:58:51
Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. The Dutch police have announced the success of a new joint law enforcement operation that led to the shutdown of the dual dark web marketplace Bohemia/Cannabia. These are two of the largest and longest-running dark web platforms for the […]
Published: 2024-10-14T11:00:26
US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. U.S.-based financial services company Fidelity Investments is notifying 77,099 individuals that their personal information was compromised in an August cyberattack. The data breach occurred on August 17, 2024 and was discovered two days later, on August 19, 2024. […]
Published: 2024-10-14T07:12:47
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000! GorillaBot: The New King of DDoS Attacks Hidden cryptocurrency mining and theft campaign affected over […]
Published: 2024-10-13T13:23:43
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyber attack hit Iranian government sites and nuclear facilities Ransomware operators exploited Veeam Backup & Replication flaw […]
Published: 2024-10-13T13:03:10
U.S. and U.K. cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale. Russia-linked cyber espionage group APT29 (aka SVR group, BlueBravo, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes) target vulnerable Zimbra and JetBrains TeamCity servers as part of a mass scale campaign, U.S. and U.K. cyber agencies warned. The Federal Bureau […]
Published: 2024-10-13T04:38:19
Iranian Cyberspies Exploiting Recent Windows Kernel Vuln
Splunk Enterprise Update Patches Remote Code Execution Vulns
Log4j Still Being Exploited Nearly 3 Years Later
New CounterSEVeillance And TDXDown Attacks Target AMD And Intel TEEs
Ward Christensen, BBS Inventor And Architect Of Our Online Age, Dies At 78
Pentagon Shares New Cybersecurity Rules For Gov't Contractors
Lynx Ransomware Analyses Reveal Similarities To INC Ransom
Thousands Of Fortinet Instances Vulnerable To Actively Exploited Flaw
Hacked Robot Vacuums Across The U.S. Started Yelling Slurs
OpenAI Says Iranian Hackers Used ChatGPT To Plan ICS Attacks
Recent Veeam Vulnerability Exploited In Ransomware Attacks
Fidelity Investments Data Breach Impacts 77,000 Customers
ShadowLogic Attack Targets AI Model Graphs To Create Codeless Backdoors
Meet The Team Paid To Break Into Top Secret Bases
FBI Created A Cryptocurrency So It Could Watch It Being Abused
US Charges 3 Companies, 15 People With Cryptocurrency Fraud
Firefox 131 Update Patches Exploited Zero-Day Vulnerability
Doctor Web Refutes Hackers' Claim Of User Data Theft
Siemens Device PIN Susceptible To Remote Brute Force In Older Model
Internet Archive Leaks User Info And Succumbs To DDoS
CISA Adds Fresh Ivanti Vuln, Critical Fortinet Bug To Hall Of Shame
The Disappearance Of An Internet Domain
GoldenJackal Threat Group Targets Air-Gapped Government Systems
Casio Hit By Cyberattack
Microsoft Confirms Exploited Zero-Day In Windows Management Console
Cybercriminals Are Increasingly Helping Russia and China Target the US and Allies, Microsoft SaysIndustry Moves for the week of October 14, 2024 - SecurityWeek
Election Day is Close, the Threat of Cyber Disruption is Real
GitHub Patches Critical Vulnerability in Enterprise Server
Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft
CISO Conversations: Julien Soriano (Box) and Chris Peake (Smartsheet)
Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities
Organizations Slow to Protect Doors Against Hackers: Researcher
Critical Vulnerability Patched in 101 Releases of WordPress Plugin Jetpack
Open Source Package Entry Points May Lead to Supply Chain Attacks
New CounterSEVeillance and TDXDown Attacks Target AMD and Intel TEEs
CISA and FBI Warn of Iranian-Backed Cyber Activity to Undermine U.S. Democratic Institutions
CISA Kicks Off 21st Anniversary of Cybersecurity Awareness Month
CISA Releases Anonymous Threat Response Guidance and Toolkit for K-12 Schools
Joint ODNI, FBI, and CISA Statement
CISA Releases Plan to Align Operational Cybersecurity Priorities for Federal Agencies
FBI and CISA Release Joint PSA, Just So You Know: False Claims of Hacked Voter Information Likely Intended to Sow Distrust of U.S. Elections
CISA Releases Election Security Focused Checklists for Both Cybersecurity and Physical Security
CISA Launches New Portal to Improve Cyber Reporting
Election Security Partners Host 7th Annual Tabletop the Vote Exercise for 2024
Joint ODNI, FBI, and CISA Statement on Iranian Election Influence Efforts
A Message to Election Officials from CISA Director Jen Easterly
Region 8 Invites You to Secure Our World
CISA Director Jen Easterly Remarks at the Election Center 39th Annual National Conference in Detroit
Learn with Region 8’s Webinar Program
Shaping the legacy of partnership between government and private sector globally: JCDC
SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices
Region 10 Team Provides Vital Election Security Training for Idaho
SAFECOM Membership Spotlight ft. Red Grasso, North Carolina Department of Information Technology
SAFECOM Releases New Resource for Cloud Adoption
With Open Source Artificial Intelligence, Don’t Forget the Lessons of Open Source Software
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Releases Two Industrial Control Systems Advisories
Siemens Siveillance Video Camera
Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)
Schneider Electric Data Center Expert
Rockwell Automation ControlLogix
Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies
Siemens Teamcenter Visualization and JT2Go
Siemens SINEC Security Monitor
Siemens PSS SINCAL
Siemens Sentron Powercenter 1000
Rockwell Automation DataMosaix Private Cloud
Rockwell Automation Logix Controllers
Delta Electronics CNCSoft-G2
Siemens SIMATIC S7-1500 and S7-1200 CPUs
Siemens SENTRON PAC3200 Devices
Siemens JT2Go
Siemens SIMATIC S7-1500 CPUs
Siemens Tecnomatix Plant Simulation
Rockwell Automation DataMosaix Private Cloud
Rockwell Automation PowerFlex 6000T
CISA Releases Twenty-One Industrial Control Systems Advisories
Siemens Simcenter Nastran
Siemens Questa and ModelSim
Siemens HiMed Cockpit
Siemens RUGGEDCOM APE1808
Schneider Electric Zelio Soft 2
Rockwell Automation Verve Asset Manager
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations
[webapps] reNgine 2.2.0 - Command Injection (Authenticated)
[webapps] openSIS 9.1 - SQLi (Authenticated)
[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
[webapps] NoteMark < 0.13.0 - Stored XSS
[webapps] Gitea 1.22.0 - Stored XSS
[webapps] Invesalius3 - Remote Code Execution
[dos] Windows TCP/IP - RCE Checker and Denial of Service
[webapps] Aurba 501 - Authenticated RCE
[webapps] HughesNet HT2000W Satellite Modem - Password Reset
[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure
[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
[webapps] Helpdeskz v2.0.2 - Stored XSS
[webapps] Calibre-web 0.6.21 - Stored XSS
[webapps] Devika v1 - Path Traversal via 'snapshot_path'
[local] Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path
[local] SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path
[local] Oracle Database 12c Release 1 - Unquoted Service Path
[webapps] Ivanti vADC 9.9 - Authentication Bypass
[local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation
[webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection
[webapps] Azon Dominator Affiliate Marketing Script - SQL Injection
[webapps] Microweber 2.0.15 - Stored XSS
[webapps] Customer Support System 1.0 - Stored XSS
[webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)
[webapps] SolarWinds Platform 2024.1 SR1 - Race Condition
[webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
[webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)
[webapps] Boelter Blue System Management 1.3 - SQL Injection
[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)
[webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)
[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
[webapps] XMB 1.9.12.06 - Stored XSS
[webapps] Carbon Forum 5.9.0 - Stored XSS
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)
[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)
[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)
[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)
[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)
[webapps] Dotclear 2.29 - Remote Code Execution (RCE)
[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)
[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)
[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)
[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)
[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)
[webapps] Aquatronica Control System 5.1.6 - Information Disclosure
[webapps] changedetection < 0.45.20 - Remote Code Execution (RCE)
[webapps] ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)
SEC Consult SA-20241009-0 :: Local Privilege Escalation via MSI installer in Palo Alto Networks GlobalProtect (CVE-2024-9473)
APPLE-SA-10-03-2024-1 iOS 18.0.1 and iPadOS 18.0.1
Some SIM / USIM card security (and ecosystem) info
SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288)
Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution
Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)
Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)
Backdoor.Win32.Boiling / Remote Command Execution
Defense in depth -- the Microsoft way (part 88): a SINGLE command line shows about 20, 000 instances of CWE-73
SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)
Apple iOS 17.2.1 - Screen Time Passcode Retrieval (Mitigation Bypass)
CyberDanube Security Research 20240919-0 | Multiple Vulnerabilities in Netman204
Submit Exploit CVE-2024-42831
Stored XSS in "Edit Profile" - htmlyv2.9.9
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
CVE-2024-45693: Apache CloudStack: Request origin validation bypass makes account takeover possible
CVE-2024-45462: Apache CloudStack: Incomplete session invalidation on web interface logout
CVE-2024-45461: Apache CloudStack Quota plugin: Access checks not enforced in Quota
CVE-2024-45219: Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
CVE-2023-50780: Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans
[kubernetes] CVE-2024-9486 and CVE-2024-9594: VM images built with Kubernetes Image Builder use default credentials
CVE-2024-46911: Apache Roller: Weakness in CSRF protection allows privilege escalation
libarchive 3.7.5 released with security fixes
CVE-2024-28168: Apache XML Graphics FOP: XML External Entity (XXE) Processing
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so
CVE-2024-45720: Apache Subversion: Command line argument injection on Windows platforms
Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so