Today's Core Dump is brought to you by ThreatPerspective

Biz & IT Ars Technica

Archive.org, a repository of the history of the Internet, has a data breach

31 million records containing email addresses and password hashes exposed. Archive.org, one of the only entities to attempt to preserve the entire history of the World Wide Web and much of the broader Internet, was recently compromised in a hack that revealed data on roughly 31 million users. A little after 2...

Published: 2024-10-10T00:12:56



Biz & IT Ars Technica

Thousands of Linux systems infected by stealthy malware since 2021

The ability to remain installed and undetected makes Perfctl hard to fight. Thousands of machines running Linux have been infected by a malware strain that’s notable for its stealth, the number of misconfigurati

Published: 2024-10-03T23:42:05



Biz & IT Ars Technica

Attackers exploit critical Zimbra vulnerability using cc’d email addresses

When successful, attacks install a backdoor. Getting it to work reliably is another matter. Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely exe

Published: 2024-10-02T21:50:28



The Register - Software

One-year countdown to 'biggest Ctrl-Alt-Delete in history' as Windows 10 approaches end of support

Microsoft's hardware compatibility gamble still hasn't paid off. Windows 10 is now just a year from its end of support date, and it is clear that Microsoft's hardware compatibility gamble has yet to pay off.

Published: 2024-10-14T17:27:12



The Register - Software

Anthropic's Claude vulnerable to 'emotional manipulation'

AI model safety only goes so far. Anthropic's Claude 3.5 Sonnet, despite its reputation as one of the better behaved generative AI models, can still be convinced to emit racist hate speech and malware.

Published: 2024-10-12T10:30:07



The Register - Software

OpenAI says Chinese gang tried to phish its staff

Claims its models aren't making threat actors more sophisticated - but is helping debug their code. OpenAI has alleged the company disrupted a spear-phishing campaign that saw a China-based group target its employees through both their personal and co

Published: 2024-10-10T04:05:39



The Verge - Securities

Password manager makers want to let you securely transfer passkeys

The FIDO Alliance, the organization that’s helping shepherd passkey adoption, announced a draft of new specifications that would let users securely move their passkeys across different password managers. Passkeys are great - it’s nice to be...

Published: 2024-10-15T14:13:22



The Verge - Securities

Arlo is launching its first wired floodlight camera

Arlo is releasing a new floodlight security camera that connects directly to your home’s Wi-Fi and power source. That allows the Arlo Wired Floodlight Camera to monitor and illuminate outdoor spaces 24/7 without interruption, unlike battery...

Published: 2024-10-15T08:00:00



The Verge - Securities

The Internet Archive is back as a read-only service after cyberattacks

The Internet Archive is back online in a read-only state after a cyberattack brought down the digital library and Wayback Machine last week. A data breach and DDoS attack kicked the site offline on October 9th, with a user authentication da...

Published: 2024-10-14T04:55:32



The Verge - Securities

Hackers took over robovacs to chase pets and yell slurs

Someone gained access to Ecovacs Deebot X2 Omni robotic vacuums across several US cities earlier this year and used them to chase pets and yell racist slurs at their owners, reported ABC News in Australia this week. The outlet spoke with m...

Published: 2024-10-12T13:23:49



The Verge - Securities

The Internet Archive is still down but will return in days, not weeks

The Internet Archive will come back within “days” following a cyberattack that brought down the organization’s vast digital library and the Wayback Machine, according to an update from founder Brewster Kahle. It’s been struggling due to a d...

Published: 2024-10-11T16:10:27



The Verge - Securities

The Internet Archive is under attack, with a breach revealing info for 31 million accounts

When visiting the Internet Archive (www.archive.org) on Wednesday afternoon, The Verge was greeted with a pop-up claiming the site had been hacked. Just after 9PM ET, Internet Archive founder Brewster Kahle confirmed the breach and said the...

Published: 2024-10-09T17:26:08



The Verge - Securities

How to use Apple's new Passwords app on iOS and macOS

Finally, there’s password sharing here, too. To share a password with someone else via AirDrop, select any password stored in the app, then click the share button (the square with an arrow). To share with a group of people: Click the + butto...

Published: 2024-10-09T10:30:00



The Verge - Securities

Kaspersky no longer on Google Play Store anywhere following US ban

Citing US restrictions, Google removed Kaspersky Lab’s antivirus software from the Play Store and terminated its developer account in the days leading up to the September 29th deadline of the restrictions, according to a Kaspersky blog post...

Published: 2024-10-08T10:17:33



The Verge - Securities

Data breach leaks SSNs of over 230,000 Comcast customers

A data breach has exposed the names, addresses, social security numbers, and birthdates of more than 237,700 Comcast customers. The breach stems from a security incident at Financial Business and Consumer Solutions (FBCS), a debt collection...

Published: 2024-10-07T12:02:34



The Verge - Securities

A new Android feature locks your screen if your phone is stolen

Google is rolling out a new set of features aimed at making it less easy for thieves to access your data. That’s according to Mishaal Rahman, who posted on Reddit that the features are showing up in a new update after seeing that his Xiaomi...

Published: 2024-10-05T12:04:10



BleepingComputer

EDRSilencer red team tool used in attacks to bypass security

A tool for red-team operations called EDRSilencer has been observed in malicious incidents attempting to identify security tools and mute their alerts to management consoles. [...]

Published: 2024-10-15T14:47:40



BleepingComputer

Over 200 malicious apps on Google Play downloaded millions of times

Google Play, the official store for Android, distributed over a period of one year more than 200 malicious applications, which cumulatively counted nearly eight million downloads. [...]

Published: 2024-10-15T10:26:27



BleepingComputer

Cisco investigates breach after stolen data for sale on hacking forum

Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. [...]

Published: 2024-10-14T22:25:02



BleepingComputer

New FASTCash malware Linux variant helps steal money from ATMs

North Korean hackers are using a new Linux variant of the FASTCash malware to infect the payment switch systems of financial institutions and perform unauthorized cash withdrawals. [...]

Published: 2024-10-14T18:15:49



BleepingComputer

TrickMo malware steals Android PINs using fake lock screen

Forty new variants of the TrickMo Android banking trojan have been identified in the wild, linked to 16 droppers and 22 distinct command and control (C2) infrastructures, with new features designed to steal Android PINs. [...]

Published: 2024-10-14T13:34:35



BleepingComputer

Pokemon dev Game Freak confirms breach after stolen data leaks online

Japanese video game developer Game Freak has confirmed it suffered a cyberattack in August after source code and game designs for unpublished games were leaked online. [...]

Published: 2024-10-14T11:43:14



BleepingComputer

Iranian hackers now exploit Windows flaw to elevate privileges

The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emirates and the Gulf region. [...]

Published: 2024-10-13T10:17:27



Technology

Facial recognition data breach: Meta glasses extract info in real time

In what might be described as a real-life Black Mirror episode, a Harvard student uses facial recognition with $379 Meta Ray-Ban 2 smart sunglasses - to dig up personal data on every face he sees in real time.

Published: 2024-10-02T22:10:52



Threat Intelligence

How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends

Written by: Casey Charrier, Robert Weiner. We note that the total number of vulnerabilities affecting a vendor does not directly relate to how secure or insecure a vendor's security posture is, nor does it s...

Published: 2024-10-15T14:00:00



Krebs on Security

Lamborghini Carjackers Lured by $243M Cyberheist

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was bea...

Published: 2024-10-09T17:36:27



Krebs on Security

Patch Tuesday, October 2024 Edition

Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of produc...

Published: 2024-10-08T22:21:19



Krebs on Security

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researcher...

Published: 2024-10-03T13:05:52



The Register - Security

Microsoft says more ransomware stopped before reaching encryption

Volume of attacks still surging though, according to Digital Defense Report. Microsoft says ransomware attacks are up 2.75 times compared to last year, but claims defenses are actually working better than ever.

Published: 2024-10-15T16:45:11



The Register - Security

AI amplifies systemic risk to financial sector, says India's Reserve Bank boss

Who also worries misinformation on social media could threaten liquidity. The governor of India's Reserve Bank, Shri Shaktikanta Das, yesterday warned that AI and the platforms that provide it could worsen systemic risk to the nation's financial system.

Published: 2024-10-15T03:42:10



The Register - Security

China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it

Enough with the racist-sounding 'dragons' and 'pandas', Beijing complains then points the finger at koalas. Chinese authorities have published another set of allegations that assert the Volt Typhoon cyber-crew is an invention of the US and its allies, and not a crew run by Beijing.

Published: 2024-10-15T01:15:08



The Register - Security

US healthcare org admits up to 400,000 people's personal info was snatched

It waited till just before Columbus Day weekend to make mandated filing, but don't worry, we saw it. A Houston-based services provider to healthcare organizations says a crook may have grabbed up to 400,000 people's information after the miscreant accessed the systems of one of its customers.

Published: 2024-10-14T22:03:07



The Register - Security

Leveraging AI/ML for next-gen SOC environments

Technologies that help SOCs detect, analyze, and respond to emerging threats faster and more accurately. Sponsored Post: This article discusses some of the challenges traditional SOCs face and how integrating artificial intelligence/machine learning (AI/ML) modules could help solve the challenges faced by security professionals and organizations.

Published: 2024-10-14T14:43:05



The Register - Security

Trump campaign arms up with 'unhackable' phones after Iranian intrusion

Florida man gets his hands on 'the best ever'. With less than a month to go before American voters head to the polls to choose their next president, the Trump campaign has been investing in secure tech to make sure it doesn't get compromised again.

Published: 2024-10-14T14:28:05



The Register - Security

Thousands of Fortinet instances vulnerable to actively exploited flaw

No excuses for not patching this nine-month-old issue. More than 86,000 Fortinet instances remain vulnerable to the critical flaw that attackers started exploiting last week, according to Shadowserver's data.

Published: 2024-10-14T12:30:10



The Register - Security

How to head off data breaches with CIAM

Let Okta lift the lid on customer identity in this series of webinars. Sponsored Post: Recent reports suggest that stolen identity and privileged access credentials now account for 61 percent of all data breaches.

Published: 2024-10-14T09:00:10



The Register - Security

Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption

With an off-the-shelf D-Wave machine, but only against very short keys. Chinese researchers claim they have found a way to use D-Wave's quantum annealing systems to develop a promising attack on classical encryption.

Published: 2024-10-14T06:30:09



The Register - Security

Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between

Reading, writing, and cyber mayhem, amirite? If we were to draw an infosec Venn diagram, with one circle representing "sensitive info that attackers would want to steal" and the other "limited resources plus difficult-to-secure IT environments," education would sit in the overlap.

Published: 2024-10-13T13:00:05



The Register - Security

US and UK govts warn: Russia scanning for your unpatched vulnerabilities

Also, phishing's easier over the phone, and your F5 cookies might be unencrypted, and more in brief. If you need an excuse to improve your patching habits, a joint advisory from the US and UK governments about a massive, ongoing Russian campaign exploiting known vulnerabilities should do the trick.

Published: 2024-10-12T03:05:11



The Register - Security

INC ransomware rebrands to Lynx - same code, new name, still up to no good

Researchers point to evidence that scumbags visited the strategy boutique. Researchers at Palo Alto's Unit 42 believe the INC ransomware crew is no more and recently rebranded itself as Lynx over a three-month period.

Published: 2024-10-11T23:00:14



The Register - Security

US lawmakers seek answers on alleged Salt Typhoon breach of telecom giants

Cyberspies abusing a backdoor? Groundbreaking. Lawmakers are demanding answers about earlier news reports that China's Salt Typhoon cyberspies breached US telecommunications companies Verizon, AT&T, and Lumen Technologies, and hacked their wiretapping systems. They also urge federal regulators to hold these companies accountable for their infosec practices - or lack thereof.

Published: 2024-10-11T21:30:13



The Register - Security

RAC duo busted for stealing and selling crash victims' data

Roadside assistance biz praised for deploying security monitoring software and reporting workers to cops. Two former workers at roadside assistance provider RAC were this week given suspended sentences after illegally copying and selling tens of thousands of lines of personal data on people involved in accidents.

Published: 2024-10-11T11:45:16



The Register - Security

Keir Starmer hands ex-Darktrace boss investment minister gig

What's harder? Convincing people to invest in a beleaguered security business or a tiny island everybody hates? Keir Starmer's decision to appoint Poppy Gustafsson as the UK's new investment minister is being resoundingly praised despite the former Darktrace boss spending years failing to fully rebuild investor confidence in the embattled company.

Published: 2024-10-11T11:13:42



The Register - Security

FBI created a cryptocurrency so it could watch it being abused

It worked - alleged pump and dump schemers arrested in UK, US and Portugal this week. The FBI created its own cryptocurrency so it could watch suspected fraudsters use it - an idea that worked so well it produced arrests in three countries.

Published: 2024-10-11T05:28:09



The Register - Security

Healthcare attacks spread beyond US - just ask India's Star Health

Acknowledges bulk customer data leak weeks after Telegram channels dangled it online. Updated: Leading Indian health insurance provider Star Health has admitted to being the victim of a cyber attack after criminals claimed they had posted records of 30-million-plus clients online.

Published: 2024-10-11T02:57:43



The Register - Security

Crooks stole personal info of 77k Fidelity Investments customers

But hey, no worries, the firm claims no evidence of data misuse. Fidelity Investments has notified 77,099 people that their personal information was stolen in an August data breach.

Published: 2024-10-10T21:30:06



The Register - Security

Secure your AI initiatives

Unlock the power of generative AI with AWS. Webinar: Generative AI (GenAI) has quickly transitioned from an emerging concept to a core driver of innovation across lots of different industries.

Published: 2024-10-10T14:16:16



The Register - Security

Fore-get about privacy, golf tech biz leaves 32M data records on the fairway

Researcher spots 110 TB of sensitive info sitting in unprotected database. Nearly 32 million records belonging to users of tech from Trackman were left exposed to the internet, sitting in a non-password protected database, for an undetermined amount of time, according to researcher Jeremiah Fowler.

Published: 2024-10-10T14:14:10



The Register - Security

CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame

Usual three-week window to address significant risks to federal agencies applies. The US Cybersecurity and Infrastructure Security Agency (CISA) says vulnerabilities in Fortinet and Ivanti products are now being exploited, earning them places in its Known Exploited Vulnerabilities (KEV) catalog.

Published: 2024-10-10T13:34:14



The Register - Security

Mozilla patches critical Firefox vuln that attackers are already exploiting

Firefixed: It's maintenance time for low-complexity, high-impact security flaw. It's patch time for Firefox fans as Mozilla issues a security advisory for a critical code execution vulnerability in the browser.

Published: 2024-10-10T11:30:10



The Register - Security

How to enable secure use of AI

Let the SANS AI Toolkit promote secure and responsible use of AI tools in the workplace. Sponsored Post: It's Cybersecurity Awareness Month again this October - a timely reminder for public and private sector organisations to work together and raise awareness about the importance of cybersecurity.

Published: 2024-10-10T07:46:57



The Register - Security

How should CISOs respond to the rise of GenAI?

Apply comprehensive security with access control, secure coding, infrastructure protection and AI governance. Partner Content: As generative AI (GenAI) becomes increasingly integrated into the corporate world, it is transforming everyday operations across various industries.

Published: 2024-10-10T07:24:43



The Register - Security

Dutch cops reveal takedown of 'world's largest dark web market'

Two arrested after allegedly trying to make off with their ill-gotten gains. The alleged administrators of the infamous Bohemia and Cannabia dark web marketplaces have been arrested after apparently shuttering the sites and trying to flee with their earnings.

Published: 2024-10-10T06:30:14



The Register - Security

Internet Archive user info stolen in cyberattack, succumbs to DDoS

31M folks' usernames, email addresses, salted-encrypted passwords now out there. The Internet Archive had a bad day on the infosec front, after being DDoSed and having had its user account data stolen in a security breach.

Published: 2024-10-10T01:33:05



The Register - Security

Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware

USB sticks help, but it's unclear how tools that suck malware from them are delivered. A cyberespionage APT crew named GoldenJackal hacked air-gapped PCs belonging to government and diplomatic entities at least twice using two sets of custom malware, according to researchers from antivirus vendor ESET.

Published: 2024-10-09T23:31:08



The Register - Security

Smart TVs are spying on everyone

Regulators know this is a nightmare and have done little to stop it. Privacy advocacy group wants that to change. Smart TVs are watching their viewers and harvesting their data to benefit brokers using the same ad technology that denies privacy on the internet.

Published: 2024-10-09T22:15:08



The Register - Security

Marriott settles for a piddly $52M after series of breaches affecting millions

Intruders stayed for free on the network between 2014 and 2020. Marriott has agreed to pay a $52 million penalty and develop a comprehensive infosec program following a series of major data breaches between 2014 and 2020 that affected more than 344 million people worldwide.

Published: 2024-10-09T21:08:19



The Register - Security

National Public Data files for bankruptcy, admits 'hundreds of millions' potentially affected

One-man-band faces a mountain of lawsuits but has few assets. The Florida business behind data brokerage National Public Data has filed for bankruptcy, admitting "hundreds of millions" of people were potentially affected in one of the largest information leaks of the year.

Published: 2024-10-09T19:30:15



The Register - Security

Microsoft cleans up hot mess of Patch Tuesday preview

Go forth and install your important security fixes. Microsoft says that the problems with the Windows 11 Patch Tuesday preview have now been resolved.

Published: 2024-10-09T15:14:13



The Register - Security

Ransomware gang Trinity joins pile of scumbags targeting healthcare

As if hospitals and clinics didn't have enough to worry about. At least one US healthcare provider has been infected by Trinity, an emerging cybercrime gang with eponymous ransomware that uses double extortion and other "sophisticated" tactics that make it a "significant threat," according to the feds.

Published: 2024-10-09T13:45:08



The Register - Security

Microsoft issues 117 patches - some for flaws already under attack

Plus: SAP re-patches a failed patch for critical-rated flaw. Patch Tuesday: It's the second Tuesday of the month, which means Patch Tuesday, bringing with it fixes for numerous flaws, bugs and vulnerabilities in major software. And this one is a doozy.

Published: 2024-10-08T23:30:11



The Register - Security

Qualcomm urges device makers to push patches after 'targeted' exploitation

Given Amnesty's involvement, it's a safe bet spyware is in play. Qualcomm has issued 20 patches for its chipsets' firmware, including one Digital Signal Processor (DSP) software flaw that has been exploited in the wild.

Published: 2024-10-08T21:30:09



The Register - Security

Using iPhone Mirroring at work? You might have just overshared to your boss

What does IT glimpse but a dating app on your wee little screen. If you're using iPhone Mirroring at work: It's time to stop, lest you give your employer's IT department the capability to snoop through the list of apps you have on your phone - dating apps, those tracking medical conditions or sexual history, or any other NSFW apps that you might want to keep to yourself.

Published: 2024-10-08T18:30:14



The Register - Security

Happy birthday, Putin - you've been pwned

Pro-Ukraine hackers claim credit for Russian state broadcasting shutdown. Ukrainian hackers shut down Russian state news agency VGTRK's online broadcasting and streaming services on Monday - president Vladimir Putin's 72nd birthday - as Kremlin officials vowed to bring those responsible for the "unprecedented" cyber attack to justice.

Published: 2024-10-08T06:30:10



The Register - Security

Google brings better bricking to Androids, to curtail crims

Improved security features teased in May now appearing around the world. Google has apparently started a global rollout of three features in Android designed to make life a lot harder for thieves to profit from purloined phones.

Published: 2024-10-08T02:59:13



The Register - Security

Feds reach for sliver of crypto-cash nicked by North Korea's notorious Lazarus Group

A couple million will do for a start but Kim's crews are suspected of stealing much more. The US government is attempting to claw back more than $2.67 million stolen by North Korea's Lazarus Group, filing two lawsuits to force the forfeiture of millions in Tether and Bitcoin.

Published: 2024-10-08T00:27:08



The Register - Security

American Water rinsed in cyber attack, turns off app

It's still safe to drink, top provider tells us. Updated: American Water, which supplies over 14 million people in the US and numerous military bases, has stopped issuing bills and has taken its MyWater app offline while it investigates a cyber attack on its systems.

Published: 2024-10-07T21:30:12



The Register - Security

Cops love facial recognition, and withholding info on its use from the courts

Withholding exculpatory evidence from suspects isn't a great look when the tech is already questionable. Police around the United States are routinely using facial recognition technology to help identify suspects, but those departments rarely disclose they've done so - even to suspects and their lawyers.

Published: 2024-10-07T19:45:13



The Register - Security

Chinese cyberspies reportedly breached Verizon, AT&T, Lumen

Salt Typhoon may have accessed court-ordered wiretaps and US internet traffic. Verizon, AT&T, and Lumen Technologies were among the US broadband providers whose networks were reportedly hacked by Chinese cyberspies, possibly compromising the wiretapping systems used for court-ordered surveillance.

Published: 2024-10-07T17:17:54



The Register - Security

Embattled users worn down by privacy options? Let them eat code

Struggle ye not with cookies, lest ye become a cookie monster. Opinion: The people are defeated. Worn out, deflated, and apathetic about the barrage of banners and pop-ups about cookies and permissions.

Published: 2024-10-07T08:30:14



The Register - Security

Ryanair faces GDPR turbulence over customer ID checks

Irish data watchdog opens probe after 'numerous complaints'. Ireland's Data Protection Commission (DPC) has launched an inquiry into Ryanair's Customer Verification Process for travelers booking flights through third-party websites or online travel agents (OTA).

Published: 2024-10-05T09:31:10



The Register - Security

UK's Sellafield nuke waste processing plant fined £333K for infosec blunders

Radioactive hazards and cyber failings ... what could possibly go wrong? The outfit that runs Britain's Sellafield nuclear waste processing and decommissioning site has been fined £332,500 ($440,000) by the nation's Office for Nuclear Regulation (ONR) for its shoddy cybersecurity practices between 2019 and 2023.

Published: 2024-10-05T06:07:06



The Register - Security

About a quarter million Comcast subscribers had their data stolen from debt collector

Cable giant says ransomware involved, FBCS keeps schtum. Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion.

Published: 2024-10-04T20:13:14



The Register - Security

Visit CyberThreat 2024 to hone your cybersecurity skills

Get together with the European cybersecurity community at a two-day conference in London this December. Sponsored Post: This year's CyberThreat returns to London to provide a place for cybersecurity professionals to share experiences, new tools and techniques to help organisations stay ahead of the latest cyber threats.

Published: 2024-10-04T08:02:06



The Register - Security

Harvard duo hacks Meta Ray-Bans to dox strangers on sight in seconds

'You can build this in a few days even as a very naïve developer'. A pair of inventive Harvard undergraduates have created what they believe could be one of the most intrusive devices ever built - a wake-up call, they tell The Register, for the world to take privacy seriously in the AI era.

Published: 2024-10-04T06:32:05



The Register - Security

Big brands among thousands infected by payment-card-stealing CosmicSting crooks

Gangs hit 5% of all Adobe Commerce, Magento-powered stores, Sansec says. Updated: Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers' payment card info as they order stuff online.

Published: 2024-10-04T03:42:08



The Register - Security

Average North American CISO pay now $565K, mainly thanks to one weird trick

Best way to boost your package is to leave, or pretend to. A survey of nearly 700 CISOs in the US and Canada has found their pay has risen over the past year to an average of $565,000 and a median of $403,000, with the top 10 percent of execs pulling in over $1 million.

Published: 2024-10-03T14:01:08



The Register - Security

Two British-Nigerian men sentenced over multimillion-dollar business email scam

Fraudsters targeted local government, colleges, and construction firms in Texas and North Carolina. Two British-Nigerian men were sentenced for serious business email compromise schemes in the US this week, netting them millions of dollars from local government entities, construction companies, and colleges.

Published: 2024-10-03T12:30:18



Security Latest

This AI Tool Helped Convict People of Murder. Then Someone Took a Closer Look

Global Intelligence claims its Cybercheck technology can help cops find key evidence to nail a case. But a WIRED investigation reveals the smoking gun often appears far less solid.

Published: 2024-10-15T11:00:00



Security Latest

Millions of People Are Using Abusive AI ‘Nudify’ Bots on Telegram

Bots that “remove clothes” from images have run rampant on the messaging app, allowing people to create nonconsensual deepfake images even as lawmakers and tech companies try to crack down.

Published: 2024-10-15T10:30:00



Security Latest

The War on Passwords Is One Step Closer to Being Over

“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

Published: 2024-10-14T14:00:00



Security Latest

How to Stop Your Data From Being Used to Train AI

Some companies let you opt out of allowing your content to be used for generative AI. Here’s how to take back (at least a little) control from ChatGPT, Google’s Gemini, and more.

Published: 2024-10-12T13:30:00



Security Latest

The FBI Made a Crypto Coin Just to Catch Fraudsters

Plus: New details emerge in the National Public Data breach, Discord gets blocked in Russia and Turkey over alleged illegal activity on the platform, and more.

Published: 2024-10-12T10:30:00



Security Latest

Pig Butchering Scams Are Going High Tech

Scammers in Southeast Asia are increasingly turning to AI, deepfakes, and dangerous malware in a way that makes their pig butchering operations even more convincing.

Published: 2024-10-12T10:00:00



Security Latest

A Mysterious Hacking Group Has 2 New Tools to Steal Data From Air-Gapped Machines

It's hard enough creating one air-gap-jumping tool. Researchers say the group GoldenJackal did it twice in five years.

Published: 2024-10-12T09:30:00



Security Latest

Internet Archive Breach Exposes 31 Million Users

The hack exposed the data of 31 million users as the embattled Wayback Machine maker scrambles to stay online and contain the fallout of digital and legal attacks.

Published: 2024-10-10T02:00:19



Security Latest

69,000 Bitcoins Are Headed for the US Treasury While the Agent Who Seized Them Is in Jail

The $4.4 billion in crypto is set to be the largest pile of criminal proceeds ever sold off by the US. The former IRS agent who seized the record-breaking sum, meanwhile, languishes in a Nigerian jail cell.

Published: 2024-10-09T16:02:20



Security Latest

What Google's U-Turn on Third-Party Cookies Means for Chrome Privacy

Earlier this year, Google ditched its plans to abolish support for third-party cookies in its Chrome browser. While privacy advocates called foul, the implications for users are not so clear cut.

Published: 2024-10-08T15:39:49



Security Latest

Stealthy Malware Has Infected Thousands of Linux Systems for Years

Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities.

Published: 2024-10-05T13:30:00



Security Latest

The FBI Still Hasn’t Cracked NYC Mayor Eric Adams’ Phone

Plus: Harvard students pack Meta’s smart glasses with privacy-invading face-recognition tech, Microsoft and the DOJ seize Russian hackers’ domains, and more.

Published: 2024-10-05T10:30:00



Security Latest

This Video Game Controller Has Become the US Military’s Weapon of Choice

After decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.

Published: 2024-10-04T11:30:00



Security Latest

License Plate Readers Are Creating a US-Wide Database of More Than Just Cars

From Trump campaign signs to Planned Parenthood bumper stickers, license plate readers around the US are creating searchable databases that reveal Americans’ political leanings and more.

Published: 2024-10-03T10:30:00



Security Latest

ICE Signs $2 Million Contract With Spyware Maker Paragon Solutions

US Immigration and Customs Enforcement’s one-year contract with Paragon’s US subsidiary comes amid the Biden administration’s years-long crackdown on commercial spyware vendors.

Published: 2024-10-01T18:15:53



Security Latest

Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence

UK law enforcement and international partners have released new details about the cybercriminal gang Evil Corp, including its use of the Lockbit ransomware platform and ties to Russian intelligence.

Published: 2024-10-01T16:59:21



Security Latest

The Pig Butchering Invasion Has Begun

Scamming operations that once originated in Southeast Asia are now proliferating around the world, likely raking in billions of dollars in the process.

Published: 2024-09-30T10:00:00



The Hacker News

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns

New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN. "This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant said in an analysis published last week. First spotted in the wild in 2019, TrickMo is so named for

Published: 2024-10-15T21:17:00



The Hacker News

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT

Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload. "DarkVision RAT communicates with its command-and-control (C2) server using a custom network

Published: 2024-10-15T20:50:00



The Hacker News

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists

North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is "installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized withdrawal of cash from ATMs," a security researcher who goes by HaxRob said.

Published: 2024-10-15T20:13:00



The Hacker News

The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short

In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit these flaws before any defensive measures can be implemented, making zero-days a potent weapon for

Published: 2024-10-15T16:30:00



The Hacker News

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns

China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, went on to accuse the U.S. federal government, intelligence agencies, and Five Eyes countries of

Published: 2024-10-15T13:33:00



The Hacker News

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, said the attack chains aim to deploy an information stealer known as Lumma. Hijack Loader, also known as DOILoader, IDAT Loader, and

Published: 2024-10-15T12:13:00



The Hacker News

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites

The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a site. Jetpack, owned by WordPress maker Automattic, is an all-in-one plugin that offers a comprehensive suite of tools to improve site safety, performance, and traffic growth. It's used on 27 million

Published: 2024-10-15T10:26:00



The Hacker News

Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration

A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) as zero-days to perform a series of malicious actions. That's according to findings from Fortinet FortiGuard Labs, which said the vulnerabilities were abused to gain unauthenticated access to the CSA, enumerate users configured in the appliance, and attempt to access the

Published: 2024-10-14T17:05:00



The Hacker News

5 Steps to Boost Detection and Response in a Multi-Layered Cloud

The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely focused on "shift-left" practices: securing code, ensuring proper cloud posture, and fixing misconfigurations. However, this approach has led to an over-reliance on a multitude of DR tools spanning

Published: 2024-10-14T16:39:00



The Hacker News

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems

Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks. "Attackers can leverage these entry points to execute malicious code when specific commands are run, posing a widespread risk in the open-source landscape," Checkmarx researchers Yehuda

Published: 2024-10-14T16:38:00



The Hacker News

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 - Oct 13)

Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land", and trust me, you NEED to be in the loop this time. We've got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin; it's full of stuff they don't want you to know. So let's jump in before we get FOMO. Threat of the Week. GoldenJackal Hacks Air-Gapped Systems: Meet

Published: 2024-10-14T16:13:00



The Hacker News

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware. Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware. CVE-2024-40711, rated 9.8 out of 10.0 on the

Published: 2024-10-14T14:25:00



The Hacker News

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. "The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities

Published: 2024-10-13T15:10:00



The Hacker News

FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation

The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread fraud operation. The law enforcement action codenamed Operation Token Mirrors is the result of the U.S. Federal Bureau of Investigation (FBI) taking the "unprecedented step" of creating its own

Published: 2024-10-12T10:36:00



The Hacker News

GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks

A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and InlandRevenue were

Published: 2024-10-11T22:43:00



The Hacker News

How Hybrid Password Attacks Work and How to Defend Against Them

Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process. In this post, we’ll explore hybrid attacks: what they are

Published: 2024-10-11T16:30:00



The Hacker News

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module is being used to enumerate other non-internet-facing devices on the network. The agency, however, did not disclose who

Published: 2024-10-11T14:04:00



The Hacker News

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution

GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches. Tracked as CVE-2024-9164, the vulnerability carries a CVSS score of 9.6 out of 10. "An issue was discovered in GitLab EE

Published: 2024-10-11T11:59:00



The Hacker News

Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation

The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world's largest and longest-running dark web market for illegal goods, drugs, and cybercrime services. The takedown is the result of a collaborative investigation with Ireland, the United Kingdom, and the United States that began towards the end of 2022, the Politie said. The marketplace

Published: 2024-10-11T11:31:00



The Hacker News

OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation

OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year. This activity encompassed debugging malware, writing articles for websites, generating biographies for social media accounts, and creating AI-generated profile pictures for fake accounts on X. "Threat

Published: 2024-10-10T18:57:00



The Hacker News

Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems

Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck. "A vulnerability in the Nortek Linear eMerge E3 allows remote

Published: 2024-10-10T17:40:00



The Hacker News

6 Simple Steps to Eliminate SOC Analyst Burnout

The current SOC model relies on a scarce resource: human analysts. These professionals are expensive, in high demand, and increasingly difficult to retain. Their work is not only highly technical and high-risk, but also soul-crushingly repetitive, dealing with a constant flood of alerts and incidents. As a result, SOC analysts often leave in search of better pay, the opportunity to move beyond

Published: 2024-10-10T16:30:00



The Hacker News

Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms

Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. "At first glance, the thing that stood out was the script's obfuscation, which seemed a bit bizarre because of all the accented characters," Jscrambler researchers said in an analysis. "The heavy use of Unicode characters, many

Published: 2024-10-10T12:48:00



The Hacker News

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to a case of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb. "A

Published: 2024-10-10T11:14:00



The Hacker News

Firefox Zero-Day Under Attack: Update Your Browser Immediately

Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680 (CVSS score: 9.8), has been described as a use-after-free bug in the Animation timeline component. "An attacker was able to achieve code execution in the content process by exploiting a

Published: 2024-10-10T09:54:00



The Hacker News

Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale

Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create real-time insights into scams, fraud, and other forms of cybercrime pooling together threat signals from different data sources in order to create

Published: 2024-10-09T22:30:00



The Hacker News

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. "The vulnerabilities could allow an attacker to crash an industrial device or in some cases, enable remote code execution," Claroty researchers Mashav Sapir and Vera

Published: 2024-10-09T21:03:00



The Hacker News

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware

Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a campaign dubbed Contagious Interview that Palo Alto Networks Unit 42 first disclosed in November 2023. "The threat actor behind CL-STA-0240

Published: 2024-10-09T19:03:00



The Hacker News

Social Media Accounts: The Weak Link in Organizational SaaS Security

Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However, despite the high-profile role these accounts have, many organizations overlook social media account security. Many lack the safeguards to prevent unauthorized access, a situation no organization wants as

Published: 2024-10-09T16:30:00



The Hacker News

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromium-based

Published: 2024-10-09T12:23:00



The Hacker News

Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks

Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goals of the campaigns are broad and varied, allowing threat actors to compromise identities and devices and conduct business email compromise (BEC) attacks, which ultimately result

Published: 2024-10-09T09:52:00



The Hacker News

Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software services provider said. Successful exploitation of these vulnerabilities could allow an authenticated

Published: 2024-10-08T22:08:00



The Hacker News

Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines

Users searching for game cheats are being tricked into downloading a Lua-based malware that is capable of establishing persistence on infected systems and delivering additional payloads. "These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer community," Morphisec researcher Shmuel Uzan said in a new report published today, adding "this malware

Published: 2024-10-08T21:56:00



The Hacker News

Cyberattack Group 'Awaken Likho' Targets Russian Government with Advanced Tools

Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho. "The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had previously used to gain remote access to systems," Kaspersky said, detailing a new campaign that began in June 2024 and continued at least until

Published: 2024-10-08T16:47:00



The Hacker News

GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets

A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental organizations with an aim to infiltrate air-gapped systems using two disparate bespoke toolsets. Victims included a South Asian embassy in Belarus and a European Union (E.U.) government organization, Slovak cybersecurity company ESET said. "The ultimate goal of

Published: 2024-10-08T16:28:00



The Hacker News

New Case Study: The Evil Twin Checkout Page

Is your store at risk? Discover how an innovative web security solution saved one global online retailer and its unsuspecting customers from an “evil twin” disaster. Read the full real-life case study here. The Invisible Threat in Online Shopping: When is a checkout page not a checkout page? When it's an “evil twin”! Malicious redirects can send unsuspecting shoppers to these perfect-looking

Published: 2024-10-08T16:28:00



The Hacker News

The Value of AI-Powered Identity

Introduction. Artificial intelligence (AI) deepfakes and misinformation may cause worry in the world of technology and investment, but this powerful, foundational technology has the potential to benefit organizations of all kinds when harnessed appropriately. In the world of cybersecurity, one of the most important areas of application of AI is augmenting and enhancing identity management

Published: 2024-10-08T15:40:00



The Hacker News

Pro-Ukrainian Hackers Strike Russian State TV on Putin's Birthday

Ukraine has claimed responsibility for a cyber attack that targeted Russian state media company VGTRK and disrupted its operations, according to reports from Bloomberg and Reuters. The incident took place on the night of October 7, VGTRK confirmed, describing it as an "unprecedented hacker attack." However, it said "no significant damage" was caused and that everything was working normally

Published: 2024-10-08T11:19:00



The Hacker News

Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits

Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-43047 (CVSS score: 7.8), has been described as a use-after-free bug in the Digital Signal Processor (DSP) Service that could lead to "memory corruption

Published: 2024-10-08T09:37:00



The Hacker News

New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries

Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that draws its inspiration from the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet "issued over 300,000 attack commands, with a shocking attack density" between September 4 and September 27, 2024. No less than 20,000

Published: 2024-10-07T19:22:00



The Hacker News

Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually

Organizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events and losses, emphasizing the escalating

Published: 2024-10-07T16:55:00



The Hacker News

Modernization of Authentication: Webinar on MFA, Passwords, and the Shift to Passwordless

The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly interfaces. Without these measures, organizations are at risk of experiencing data breaches, leaks, and significant financial losses.  While traditional password-based systems offer

Published: 2024-10-07T15:35:00



The Hacker News

Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications

A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561 (CVSS score: 9.3), impacts all versions of the software prior to 1.11.4. "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad

Published: 2024-10-07T15:00:00



The Hacker News

THN Cybersecurity Recap: Top Threats and Trends (Sep 30 - Oct 6)

Ever heard of a "pig butchering" scam? Or a DDoS attack so big it could melt your brain? This week's cybersecurity recap has it all: government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it's too late! Threat of the Week. Double Trouble: Evil Corp & LockBit Fall: A consortium of international law enforcement agencies took steps to arrest four

Published: 2024-10-07T14:46:00



The Hacker News

Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection

Google has announced that it's piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection feature aims to keep users safe when they attempt to install malicious apps from sources other than the Google Play Store, such as web browsers, messaging apps,

Published: 2024-10-07T14:45:00



The Hacker News

E.U. Court Limits Meta's Use of Personal Facebook Data for Targeted Ads

Europe's top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region. "An online social network such as Facebook cannot use all of the personal data

Published: 2024-10-07T12:02:00



The Hacker News

Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability

Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user's passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords app impacting a slew of iPhones and iPads. Security researcher Bistrit Daha has been credited with

Published: 2024-10-05T10:20:00



The Hacker News

U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown

Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. "The Russian government ran this scheme to steal Americans' sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials

Published: 2024-10-04T18:36:00



The Hacker News

How to Get Going with CTEM When You Don't Know Where to Start

Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities -

Published: 2024-10-04T15:23:00



The Hacker News

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company said it fended off "over one hundred hyper-volumetric L3/4 DDoS attacks throughout last month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (

Published: 2024-10-04T15:20:00



Security Affairs

A new Linux variant of FASTCash malware targets financial systems

North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the FASTCash “payment switch” malware which targets Linux systems. The variant discovered by the researcher was previously unknown and targets Ubuntu 22.04 LTS distributions. In November 2018, Symantec […]

Published: 2024-10-15T17:57:50



Security Affairs

WordPress Jetpack plugin critical flaw impacts 27 million sites

WordPress Jetpack plugin issued an update to fix a critical flaw allowing logged-in users to view form submissions by others on the same site. The maintainers of the WordPress Jetpack plugin have addressed a critical vulnerability that could allow logged-in users to access forms submitted by other users on the same site. Jetpack is a […]

Published: 2024-10-15T09:43:04



Security Affairs

Pokemon dev Game Freak discloses data breach

Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online. Game Freak Inc. is a popular Japanese video game developer, founded on April 26, 1989, by Satoshi Tajiri, Ken Sugimori, and Junichi Masuda. It is primarily known as the main developer of the Pokémon video game series. The […]

Published: 2024-10-15T05:23:53



Security Affairs

U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Last week, Ivanti warned of three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its Cloud Service Appliance (CSA) […]

Published: 2024-10-14T20:46:58



Security Affairs

Nation-state actor exploited three Ivanti CSA zero-days

An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation-state actor has been exploiting three Ivanti Cloud Service Appliance (CSA) zero-day issues to carry out malicious activities. The three vulnerabilities exploited by the threat actor are: “an advanced adversary […]

Published: 2024-10-14T16:58:51



Security Affairs

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. The Dutch police have announced the success of a new joint law enforcement operation that led to the shutdown of the dual dark web marketplace Bohemia/Cannabia. These are two of the largest and longest-running dark web platforms for the […]

Published: 2024-10-14T11:00:26



Security Affairs

Fidelity Investments suffered a second data breach this year

US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. U.S.-based financial services company Fidelity Investments is notifying 77,099 individuals that their personal information was compromised in an August cyberattack. The data breach occurred on August 17, 2024 and was discovered two days later, on August 19, 2024. […]

Published: 2024-10-14T07:12:47



Security Affairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 15

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000! GorillaBot: The New King of DDoS Attacks Hidden cryptocurrency mining and theft campaign affected over […]

Published: 2024-10-13T13:23:43



Security Affairs

Security Affairs newsletter Round 493 by Pierluigi Paganini INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyber attack hit Iranian government sites and nuclear facilities Ransomware operators exploited Veeam Backup & Replication flaw […]

Published: 2024-10-13T13:03:10



Security Affairs

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

U.S. and U.K. cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale. Russia-linked cyber espionage group APT29 (aka SVR group, BlueBravo, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes) target vulnerable Zimbra and JetBrains TeamCity servers as part of a mass scale campaign, U.S. and U.K. cyber agencies warned. The Federal Bureau […]

Published: 2024-10-13T04:38:19



News Packet Storm

Iranian Cyberspies Exploiting Recent Windows Kernel Vuln

Splunk Enterprise Update Patches Remote Code Execution Vulns

Log4j Still Being Exploited Nearly 3 Years Later

New CounterSEVeillance And TDXDown Attacks Target AMD And Intel TEEs

Ward Christensen, BBS Inventor And Architect Of Our Online Age, Dies At 78

Pentagon Shares New Cybersecurity Rules For Gov't Contractors

Lynx Ransomware Analyses Reveal Similarities To INC Ransom

Thousands Of Fortinet Instances Vulnerable To Actively Exploited Flaw

Hacked Robot Vacuums Across The U.S. Started Yelling Slurs

OpenAI Says Iranian Hackers Used ChatGPT To Plan ICS Attacks

Recent Veeam Vulnerability Exploited In Ransomware Attacks

Fidelity Investments Data Breach Impacts 77,000 Customers

ShadowLogic Attack Targets AI Model Graphs To Create Codeless Backdoors

Meet The Team Paid To Break Into Top Secret Bases

FBI Created A Cryptocurrency So It Could Watch It Being Abused

US Charges 3 Companies, 15 People With Cryptocurrency Fraud

Firefox 131 Update Patches Exploited Zero-Day Vulnerability

Doctor Web Refutes Hackers' Claim Of User Data Theft

Siemens Device PIN Susceptible To Remote Brute Force In Older Model

Internet Archive Leaks User Info And Succumbs To DDoS

CISA Adds Fresh Ivanti Vuln, Critical Fortinet Bug To Hall Of Shame

The Disappearance Of An Internet Domain

GoldenJackal Threat Group Targets Air-Gapped Government Systems

Casio Hit By Cyberattack

Microsoft Confirms Exploited Zero-Day In Windows Management Console

SecurityWeek

Cybercriminals Are Increasingly Helping Russia and China Target the US and Allies, Microsoft Says

Industry Moves for the week of October 14, 2024 - SecurityWeek

Election Day is Close, the Threat of Cyber Disruption is Real

GitHub Patches Critical Vulnerability in Enterprise Server

Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft

CISO Conversations: Julien Soriano (Box) and Chris Peake (Smartsheet)

Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities

Organizations Slow to Protect Doors Against Hackers: Researcher

Critical Vulnerability Patched in 101 Releases of WordPress Plugin Jetpack

Open Source Package Entry Points May Lead to Supply Chain Attacks

New CounterSEVeillance and TDXDown Attacks Target AMD and Intel TEEs

CISA News

CISA and FBI Warn of Iranian-Backed Cyber Activity to Undermine U.S. Democratic Institutions

CISA Kicks Off 21st Anniversary of Cybersecurity Awareness Month

CISA Releases Anonymous Threat Response Guidance and Toolkit for K-12 Schools

Joint ODNI, FBI, and CISA Statement

CISA Releases Plan to Align Operational Cybersecurity Priorities for Federal Agencies

FBI and CISA Release Joint PSA, Just So You Know: False Claims of Hacked Voter Information Likely Intended to Sow Distrust of U.S. Elections

CISA Releases Election Security Focused Checklists for Both Cybersecurity and Physical Security

CISA Launches New Portal to Improve Cyber Reporting

Election Security Partners Host 7th Annual Tabletop the Vote Exercise for 2024

Joint ODNI, FBI, and CISA Statement on Iranian Election Influence Efforts

CISA Blog

A Message to Election Officials from CISA Director Jen Easterly

Region 8 Invites You to Secure Our World

CISA Director Jen Easterly Remarks at the Election Center 39th Annual National Conference in Detroit

Learn with Region 8’s Webinar Program

Shaping the legacy of partnership between government and private sector globally: JCDC

SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices

Region 10 Team Provides Vital Election Security Training for Idaho

SAFECOM Membership Spotlight ft. Red Grasso, North Carolina Department of Information Technology

SAFECOM Releases New Resource for Cloud Adoption

With Open Source Artificial Intelligence, Don’t Forget the Lessons of Open Source Software

All CISA Advisories

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA Releases Two Industrial Control Systems Advisories

Siemens Siveillance Video Camera

Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)

Schneider Electric Data Center Expert

Rockwell Automation ControlLogix

Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

Siemens Teamcenter Visualization and JT2Go

Siemens SINEC Security Monitor

Siemens PSS SINCAL

Siemens Sentron Powercenter 1000

Rockwell Automation DataMosaix Private Cloud

Rockwell Automation Logix Controllers

Delta Electronics CNCSoft-G2

Siemens SIMATIC S7-1500 and S7-1200 CPUs

Siemens SENTRON PAC3200 Devices

Siemens JT2Go

Siemens SIMATIC S7-1500 CPUs

Siemens Tecnomatix Plant Simulation

Rockwell Automation DataMosaix Private Cloud

Rockwell Automation PowerFlex 6000T

CISA Releases Twenty-One Industrial Control Systems Advisories

Siemens Simcenter Nastran

Siemens Questa and ModelSim

Siemens HiMed Cockpit

Siemens RUGGEDCOM APE1808

Schneider Electric Zelio Soft 2

Rockwell Automation Verve Asset Manager

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations

Exploit-DB.com RSS Feed

[webapps] reNgine 2.2.0 - Command Injection (Authenticated)

[webapps] openSIS 9.1 - SQLi (Authenticated)

[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)

[webapps] NoteMark < 0.13.0 - Stored XSS

[webapps] Gitea 1.22.0 - Stored XSS

[webapps] Invesalius3 - Remote Code Execution

[dos] Windows TCP/IP - RCE Checker and Denial of Service

[webapps] Aurba 501 - Authenticated RCE

[webapps] HughesNet HT2000W Satellite Modem - Password Reset

[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure

[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass

[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config

[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass

[webapps] Helpdeskz v2.0.2 - Stored XSS

[webapps] Calibre-web 0.6.21 - Stored XSS

[webapps] Devika v1 - Path Traversal via 'snapshot_path'

[local] Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path

[local] SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path

[local] Oracle Database 12c Release 1 - Unquoted Service Path

[webapps] Ivanti vADC 9.9 - Authentication Bypass

[local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation

[webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection

[webapps] Azon Dominator Affiliate Marketing Script - SQL Injection

[webapps] Microweber 2.0.15 - Stored XSS

[webapps] Customer Support System 1.0 - Stored XSS

[webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)

[webapps] SolarWinds Platform 2024.1 SR1 - Race Condition

[webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)

[webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)

[webapps] Boelter Blue System Management 1.3 - SQL Injection

[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)

[webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)

[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)

[webapps] XMB 1.9.12.06 - Stored XSS

[webapps] Carbon Forum 5.9.0 - Stored XSS

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)

[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)

[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)

[webapps] Dotclear 2.29 - Remote Code Execution (RCE)

[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)

[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)

[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)

[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)

[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)

[webapps] Aquatronica Control System 5.1.6 - Information Disclosure

[webapps] changedetection < 0.45.20 - Remote Code Execution (RCE)

[webapps] ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)

Full Disclosure

SEC Consult SA-20241009-0 :: Local Privilege Escalation via MSI installer in Palo Alto Networks GlobalProtect (CVE-2024-9473)

APPLE-SA-10-03-2024-1 iOS 18.0.1 and iPadOS 18.0.1

Some SIM / USIM card security (and ecosystem) info

SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288)

Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution

Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)

Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)

Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)

Backdoor.Win32.Boiling / Remote Command Execution

Defense in depth -- the Microsoft way (part 88): a SINGLE command line shows about 20, 000 instances of CWE-73

SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)

Apple iOS 17.2.1 - Screen Time Passcode Retrieval (Mitigation Bypass)

CyberDanube Security Research 20240919-0 | Multiple Vulnerabilities in Netman204

Submit Exploit CVE-2024-42831

Stored XSS in "Edit Profile" - htmlyv2.9.9

Open Source Security

Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so

Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so

CVE-2024-45693: Apache CloudStack: Request origin validation bypass makes account takeover possible

CVE-2024-45462: Apache CloudStack: Incomplete session invalidation on web interface logout

CVE-2024-45461: Apache CloudStack Quota plugin: Access checks not enforced in Quota

CVE-2024-45219: Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure

Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so

CVE-2023-50780: Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans

[kubernetes] CVE-2024-9486 and CVE-2024-9594: VM images built with Kubernetes Image Builder use default credentials

CVE-2024-46911: Apache Roller: Weakness in CSRF protection allows privilege escalation

libarchive 3.7.5 released with security fixes

CVE-2024-28168: Apache XML Graphics FOP: XML External Entity (XXE) Processing

Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so

CVE-2024-45720: Apache Subversion: Command line argument injection on Windows platforms

Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so






© Segmentation Fault. All rights reserved.