Today's Core Dump is brought to you by ThreatPerspective

Biz & IT Ars Technica

Thousands of hacked TP-Link routers used in yearslong account takeover attacks

The botnet is being skillfully used to launch "highly evasive" password-spraying attacks. Hackers working on behalf of the Chinese government are using a botnet of thousands of routers, cameras, and other Intern

Published: 2024-11-02T00:13:20



Biz & IT Ars Technica

Kremlin-backed hackers have new Windows and Android malware to foist on Ukrainian foes

"Civil Defense" pushes hybrid espionage/influence campaign targeting recruits. Google researchers said they uncovered a Kremlin-backed operation targeting recruits for the Ukrainian military with information-ste

Published: 2024-10-28T17:58:54



The Register - Software

Thanks Linus. Torvalds patch improves Linux performance by 2.6%

21 lines that show the big man still has what it takes. A relatively tiny code change by penguin premier Linus Torvalds is making a measurable improvement to Linux's multithreaded performance.

Published: 2024-11-06T17:32:07



The Register - Software

Google claims Big Sleep 'first' AI to spot freshly committed security bug that fuzzing missed

You snooze, you lose, er, win. Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild, specifically an exploitable stack buffer underflow in SQLite, which was then fixed before the buggy code's

Published: 2024-11-05T06:38:13



The Register - Software

Windows Themes zero-day bug exposes users to NTLM credential theft

Plus a free micropatch until Redmond fixes the flaw. There's a Windows Themes spoofing zero-day bug on the loose that allows attackers to steal people's NTLM credentials.

Published: 2024-10-30T21:30:06



The Register - Software

Cast a hex on ChatGPT to trick the AI into writing exploit code

'It was like watching a robot going rogue' says researcher. OpenAI's language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an attacker to jump the model's built-in security g

Published: 2024-10-29T22:30:07



The Register - Software

Satya Nadella asked for 50% cut in his incentive payout over security failures

Microsoft agreed, then upped his payout 63%. Comment: Filings with the Securities and Exchange Commission show that, at SatNad's request, the Microsoft board agreed to halve his incentive package, but then more than made up for that with the rest of h

Published: 2024-10-28T13:29:05



The Verge - Securities

The FBI says Russian emails are sending fake bomb threats to polling stations

The Federal Bureau of Investigation has issued a warning that fake bomb threats are being emailed to US polling locations in multiple states that “appear to originate from Russian email domains.” “None of the threats have been determined to...

Published: 2024-11-05T15:14:02



The Verge - Securities

Hacker suspected in massive Ticketmaster, AT&T breaches arrested in Canada

Authorities in Canada have arrested a man suspected of stealing information from around 165 companies using Snowflake’s cloud storage services, as reported earlier by Bloomberg and 404 Media. In a statement to The Verge, Canada Department o...

Published: 2024-11-05T09:15:28



The Verge - Securities

Valorant is winning the war against PC gaming cheaters

 Riot has also developed methods to detect this new form of hardware-level DMA cheating thanks to Peterson. His invention essentially blocks reads to internal memory by suspicious devices. I recently ran into an issue with this DMA protection...

Published: 2024-11-04T10:00:00



The Verge - Securities

An Okta login bug bypassed checking passwords on some long usernames

On Friday evening, Okta posted an odd update to its list of security advisories. The latest entry reveals that under specific circumstances, someone could’ve logged in by entering anything for a password, but only if the account’s username ...

Published: 2024-11-01T22:00:13



The Verge - Securities

UnitedHealth data breach leaked info on over 100 million people

Insurance company UnitedHealth Group is confirming a ransomware attack earlier this year affected the private data of over 100 million people. The number was published in the US Department of Health and Human Services Office of Civil Rights...

Published: 2024-10-25T11:19:33



The Verge - Securities

Apple Intelligence bug bounty invites researchers to test its privacy claims

Apple is inviting investigations into the Private Cloud Compute (PCC) system that powers more computationally intensive Apple Intelligence requests. The company is also expanding its bug bounty program to offer payouts of up to $1,000,000 f...

Published: 2024-10-24T18:20:24



The Verge - Securities

WhatsApp is making a massive change to the way it saves your contacts

 In an email to The Verge, press representative for WhatsApp Jessica Maskell wrote that the new contacts feature will be followed by a new username system where phone numbers won’t be required. Other end-to-end encrypted messaging apps like Si...

Published: 2024-10-22T11:13:41



The Verge - Securities

Meta brings back face scanning to combat scams and account hacking

Facebook and Instagram are testing new facial recognition tools that could help users quickly restore compromised accounts and combat fake celebrity-endorsed scams. Meta announced its plan to roll out experimental features that can scan a u...

Published: 2024-10-22T08:19:05



BleepingComputer

Hackers increasingly use Winos4.0 post-exploitation kit in attacks

Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps. [...]

Published: 2024-11-06T16:25:23



BleepingComputer

Cisco bug lets hackers run commands as root on URWB access points

Cisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivity for industrial wireless automation. [...]

Published: 2024-11-06T14:34:13



BleepingComputer

New SteelFox malware hijacks Windows PCs using vulnerable driver

A new malicious package called 'SteelFox' mines for cryptocurrency and steals credit card data by using the "bring your own vulnerable driver" technique to get SYSTEM privileges on Windows machines. [...]

Published: 2024-11-06T12:53:57



BleepingComputer

Washington courts' systems offline following weekend cyberattack

Court systems across Washington state have been down since Sunday when officials said "unauthorized activity" was detected on their networks. [...]

Published: 2024-11-06T12:28:10



BleepingComputer

Germany drafts law to protect researchers who find security flaws

The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. [...]

Published: 2024-11-06T10:17:30



BleepingComputer

Google Cloud to make MFA mandatory by the end of 2025

Google has announced that multi-factor authentication (MFA) will be mandatory on all Cloud accounts by the end of 2025 to enhance security. [...]

Published: 2024-11-05T15:07:18



BleepingComputer

Interpol disrupts cybercrime activity on 22,000 IP addresses, arrests 41

Interpol announced it has arrested 41 individuals and taken down 1,037 servers and infrastructure running on 22,000 IP addresses facilitating cybercrime in an international law enforcement action titled Operation Synergia II. [...]

Published: 2024-11-05T13:55:16



BleepingComputer

Google fixes two Android zero-days used in targeted attacks

Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. [...]

Published: 2024-11-05T09:30:58



Threat Intelligence

Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives

In September 2024, Google Threat Intelligence Group (consisting of Google’s Threat Analysis Group (TAG) and Mandiant) discovered UNC5812, a suspected Russian hybrid espionage and influence operation, delivering Windows and Android malware using a Tel...

Published: 2024-10-28T13:00:00



Threat Intelligence

Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)

Written by: Foti Castelan, Max Thauer, JP Glab, Gabby Roncone, Tufail Ahmed, Jared Wilson. Summary: In October 2024, Mandiant collaborated with Fortinet to investigate the mass exploitation of FortiManager appliances across 50+ potentially compromised...

Published: 2024-10-23T20:00:00



ProPublica

Exploiting Meta’s Weaknesses, Deceptive Political Ads Thrived on Facebook and Instagram in Run-Up to Election

by Craig Silverman, ProPublica, and Priyanjana Bengani, Tow Center for Digital Journalism

Published: 2024-10-31T05:00:00



Krebs on Security

Canadian Man Arrested in Snowflake Data Extortions

A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake.

Published: 2024-11-05T17:10:04



Krebs on Security

Booking.com Phishers May Leave You With Reservations

A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. We...

Published: 2024-11-01T21:12:38



Krebs on Security

Change Healthcare Breach Hits 100M Americans

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected hea...

Published: 2024-10-30T13:34:08








© Segmentation Fault . All rights reserved.
