Today's cybersecurity headlines are brought to you by ThreatPerspective


Biz & IT Ars Technica

Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Operation Synergia II took aim at phishing, ransomware, and information stealing. An international coalition of police agencies has taken a major whack at criminals accused of running a host of online scams, inc

Published: 2024-11-07T23:12:23



The Register - Software

Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble

If you didn't fix this a month ago, your to-do list probably needs a reshuffle Two VMware vCenter server bugs, including a critical heap-overflow vulnerability that leads to remote code execution (RCE), have been exploited in attacks after Broadcom s

Published: 2024-11-18T22:29:09



The Register - Software

Microsoft Exchange update fixes security flaws, breaks other stuff

Flawed patch stops on-premises, hybrid server transport rules in their tracks for some Microsoft is pausing the rollout of an Exchange security update after it became clear that the patch could break transport rules for some customers.

Published: 2024-11-15T12:29:15



The Register - Software

Five Eyes infosec agencies list 2023's most exploited software flaws

Slack patching remains a problem - which is worrying as crooks increasingly target zero-day vulns The cyber security agencies of the UK, US, Canada, Australia, and New Zealand have issued a list of the 15 most exploited vulnerabilities in 2023, and w

Published: 2024-11-14T08:31:06



The Verge - Securities

Microsoft announces its own Black Hat-like hacking event with big rewards for AI security

Microsoft is creating an in-person hacking event, Zero Day Quest, which it says will be the largest of its kind. The event will build upon Microsoft’s existing bug bounty program and incentivize research into high-impact security flaws that...

Published: 2024-11-19T08:30:00



The Verge - Securities

Microsoft's new Windows Resiliency Initiative aims to avoid another CrowdStrike incident

 Alongside the resiliency improvements, Windows 11 is also getting administrator protection soon. It’s a new feature that lets users have the security of a standard user but with the ability to make system changes and even install apps when ne...

Published: 2024-11-19T08:30:00



The Verge - Securities

These are the passwords you definitely shouldn't be using

 There are those who choose “iloveyou” and those who opt for “fuckyou.” Others have distinct interests, like “pokemon,” “naruto,” “samsung,” and “minecraft.” Many more are just names, like “michelle” or “ashley,” but at least some people make ...

Published: 2024-11-13T11:43:03



The Verge - Securities

National Guard Discord leaker sentenced to 15 years in prison

After pleading guilty in March to six counts of willful retention and transmission of national defense information under the Espionage Act, former Air National Guard member Jack Teixeira was sentenced today to 15 years in prison for posting...

Published: 2024-11-12T18:48:56



The Verge - Securities

Amazon confirms employee data breach, but says it's limited to contact info

Amazon says a data breach exposed the email addresses, phone numbers, and building locations linked to its employees, as reported earlier by 404 Media. In a statement to The Verge, Amazon spokesperson Adam Montgomery said the company was “n...

Published: 2024-11-11T15:22:05



The Verge - Securities

A new iOS 18 security feature makes it harder for police to unlock iPhones

There is an apparently new iOS 18 security feature that reboots iPhones that haven’t been unlocked in a few days, frustrating police by making it harder to break into suspects’ iPhones, according to 404 Media. 404 Media, which first report...

Published: 2024-11-09T11:49:47



The Verge - Securities

The FBI says Russian emails are sending fake bomb threats to polling stations

The Federal Bureau of Investigation has issued a warning that fake bomb threats are being emailed to US polling locations in multiple states that “appear to originate from Russian email domains.” “None of the threats have been determined to...

Published: 2024-11-05T15:14:02



The Verge - Securities

Hacker suspected in massive Ticketmaster, AT&T breaches arrested in Canada

Authorities in Canada have arrested a man suspected of stealing information from around 165 companies using Snowflake’s cloud storage services, as reported earlier by Bloomberg and 404 Media. In a statement to The Verge, Canada Department o...

Published: 2024-11-05T09:15:28



BleepingComputer

Fintech giant Finastra investigates data breach after SFTP hack

Finastra has confirmed it warned customers of a cybersecurity incident after a threat actor began selling allegedly stolen data on a hacking forum. [...]

Published: 2024-11-20T15:56:59



BleepingComputer

US charges five linked to Scattered Spider cybercrime gang

The U.S. Justice Department has charged five suspects believed to be part of the financially motivated Scattered Spider cybercrime gang with conspiracy to commit wire fraud. [...]

Published: 2024-11-20T14:22:58



BleepingComputer

Apple fixes two zero-days used in attacks on Intel-based Macs

Apple released emergency security updates to fix two zero-day vulnerabilities that were exploited in attacks on Intel-based Mac systems. [...]

Published: 2024-11-19T16:52:18



BleepingComputer

CISA tags Progress Kemp LoadMaster flaw as exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting Progress Kemp LoadMaster. [...]

Published: 2024-11-19T16:18:14



BleepingComputer

Ford investigates alleged breach following customer data leak

Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. [...]

Published: 2024-11-19T15:09:14



BleepingComputer

Oracle warns of Agile PLM file disclosure flaw exploited in attacks

Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. [...]

Published: 2024-11-19T14:56:05



Technology

Smart patch buzzes, twists and presses the skin to deliver a sense of touch

The haptic patch has a number of potential applications Scientists have devised a clever new method of allowing people to feel sensations that are transmitted to their skin. Beyond its applications in fields such as gaming and telepresence, the technology could also be used to guide the blind.

Published: 2024-11-11T20:51:33



Threat Intelligence

Empowering Gemini for Malware Analysis with Code Interpreter and Google Threat Intelligence

One of Google Cloud's major missions is to arm security professionals with modern tools to help them defend against the latest threats. Part of that mission involves moving closer to a more autonomous, adaptive approach in threat intelligence automa

Published: 2024-11-19T14:00:00



Threat Intelligence

Emerging Threats: Cybersecurity Forecast 2025

Every November, we start sharing forward-looking insights on threats and other cybersecurity topics to help organizations and defenders prepare for the year ahead. The Cybersecurity Forecast 2025 report, available today, plays a big role in helping

Published: 2024-11-13T14:00:00



ProPublica

Biden Asked Microsoft to “Raise the Bar on Cybersecurity.” He May Have Helped Create an Illegal Monopoly.

by Renee Dudley, with research by Doris Burke ProPublic

Published: 2024-11-15T06:00:00



Krebs on Security

Fintech Giant Finastra Investigating Data Breach

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top ...

Published: 2024-11-20T01:12:15



Krebs on Security

An Interview With the Target & Home Depot Hacker

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail ...

Published: 2024-11-15T04:45:32



Krebs on Security

Microsoft Patch Tuesday, November 2024 Edition

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as we...

Published: 2024-11-12T21:59:46



Krebs on Security

FBI: Spike in Hacked Police Emails, Fake Subpoenas

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthor...

Published: 2024-11-09T19:20:26



Krebs on Security

Canadian Man Arrested in Snowflake Data Extortions

A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States. Bloomberg first reported Moucka's alleged ties to the Snowflake hacks on Monday. At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories used by some of the world’s largest corporations. ...

Published: 2024-11-05T17:10:04



The Register - Security

Mega US healthcare payments network restores system 9 months after ransomware attack

Change Healthcare's $2 billion recovery is still a work in progress Still reeling from its February ransomware attack, Change Healthcare confirms its clearinghouse services are back up and running, almost exactly nine months since the digital disruption began.

Published: 2024-11-20T18:01:08



The Register - Security

Google's AI bug hunters sniff out two dozen-plus code gremlins that humans missed

OSS-Fuzz is making a strong argument for LLMs in security research Google's OSS-Fuzz project, which uses large language models (LLMs) to help find bugs in code repositories, has now helped identify 26 vulnerabilities, including a critical flaw in the widely used OpenSSL library.

Published: 2024-11-20T17:01:27



The Register - Security

D-Link tells users to trash old VPN routers over bug too dangerous to identify

Vendor offers 20% discount on new model, but not patches Owners of older models of D-Link VPN routers are being told to retire and replace their devices following the disclosure of a serious remote code execution (RCE) vulnerability.

Published: 2024-11-20T14:32:06



The Register - Security

Data is the new uranium - incredibly powerful and amazingly dangerous

CISOs are quietly wishing they had less data, because the cost of management sometimes exceeds its value Column I recently got to play a 'fly on the wall' at a roundtable of chief information security officers. Beyond the expected griping and moaning about funding shortfalls and always-too-gullible users, I began to hear a new note: data has become a problem.

Published: 2024-11-20T07:15:09



The Register - Security

Healthcare org Equinox notifies 21K patients and staff of data theft

Ransomware scum LockBit claims it did the dirty deed Equinox, a New York State health and human services organization, has begun notifying over 21 thousand clients and staff that cyber criminals stole their health, financial, and personal information in a "data security incident" nearly seven months ago.

Published: 2024-11-20T00:30:07



The Register - Security

China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer

No word on when or if the issue will be fixed Chinese government-linked snoops are exploiting a zero-day bug in Fortinet's Windows VPN client to steal credentials and other information, according to memory forensics outfit Volexity.

Published: 2024-11-19T23:02:13



The Register - Security

Russian suspected Phobos ransomware admin extradited to US over $16M extortion

This malware is FREE for EVERY crook ($300 decryption keys sold separately) A Russian citizen has been extradited from South Korea to the United States to face charges related to his alleged role in the Phobos ransomware operation.

Published: 2024-11-19T21:55:07



The Register - Security

America's drinking water systems have a hard-to-swallow cybersecurity problem

More than 100M rely on gear rife with vulnerabilities, says EPA OIG Nearly a third of US residents are served by drinking water systems with cybersecurity shortcomings, the Environmental Protection Agency's Office of Inspector General found in a recent study - and the agency lacks its own system to track potential attacks.

Published: 2024-11-19T19:59:05



The Register - Security

Palo Alto Networks tackles firewall-busting zero-days with critical patches

Amazing that these two bugs got into a production appliance, say researchers Palo Alto Networks (PAN) finally released a CVE identifier and patch for the zero-day exploit that caused such a fuss last week.

Published: 2024-11-19T15:29:12



The Register - Security

Navigating third-party risks

Strategies for mitigating external access vulnerabilities and safeguarding sensitive data Webinar As organizations increasingly rely on third-party contractors, vendors, and service providers, the security risks associated with third-party access can become a top priority.

Published: 2024-11-19T14:33:09



The Register - Security

Crook breaks into AI biz, points $250K wire payment at their own account

Fastidious attacker then tidied up email trail behind them A Maryland AI company has confirmed to the Securities and Exchange Commission (SEC) that it lost $250,000 to a misdirected wire payment.

Published: 2024-11-19T12:31:13



The Register - Security

Join in the festive cybersecurity fun

Get hands-on cybersecurity training this seasonal challenge Sponsored Post Are you ready to pit your wits against the cyber exercises featured in the Holiday Hack Challenge 2024: Snow-maggedon?

Published: 2024-11-19T09:10:55



The Register - Security

iOS 18 added secret and smart security feature that reboots iThings after three days

Security researcher's reverse engineering effort reveals undocumented reboot timer that will make life harder for attackers Apple's latest mobile operating system, iOS 18, appears to have added an undocumented security feature that reboots devices if they're not used for 72 hours.

Published: 2024-11-19T08:31:15



The Register - Security

Ford 'actively investigating' after employee data allegedly parked on leak site

Plus: Maxar Space Systems confirms employee info stolen in digital intrusion Updated Ford Motor Company says it is looking into allegations of a data breach after attackers claimed to have stolen an internal database containing 44,000 customer records and dumped the info on a cyber crime souk for anyone to "enjoy."

Published: 2024-11-18T23:58:08



The Register - Security

Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble

If you didn't fix this a month ago, your to-do list probably needs a reshuffle Two VMware vCenter server bugs, including a critical heap-overflow vulnerability that leads to remote code execution (RCE), have been exploited in attacks after Broadcom's first attempt to fix the flaws fell short.

Published: 2024-11-18T22:29:09



The Register - Security

T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears

Un-carrier said to be among those hit by Salt Typhoon, including AT&T, Verizon T-Mobile US said it is "monitoring" an "industry-wide" cyber-espionage campaign against American networks amid fears Chinese government-backed spies compromised the un-carrier along with various other telecommunications providers.

Published: 2024-11-18T20:43:22



The Register - Security

Sweden's 'Doomsday Prep for Dummies' guide hits mailboxes today

First in six years is nearly three times the size of the older, pre-NATO version Residents of Sweden are to receive a handy new guide this week that details how to prepare for various types of crisis situations or wartime should geopolitical events threaten the country.

Published: 2024-11-18T16:03:15



The Register - Security

Deepen your knowledge of Linux security

Event The security landscape is constantly shifting. If you're running Linux, staying ahead may rely on understanding the challenges - and opportunities - unique to Linux environments.

Published: 2024-11-18T14:42:10



The Register - Security

Teen serial swatter-for-hire busted, pleads guilty, could face 20 years

PLUS: Cost of Halliburton hack disclosed; Time to dump old D-Link NAS; More UN cybercrime convention concerns; and more Infosec in brief A teenager has pleaded guilty to calling in more than 375 fake threats to law enforcement, and now faces years in prison.

Published: 2024-11-18T00:31:07



The Register - Security

Will passkeys ever replace passwords? Can they?

Here's why they really should Systems Approach I have been playing around with passkeys, or as they are formally known, discoverable credentials.

Published: 2024-11-17T18:30:07



The Register - Security

Rust haters, unite! Fil-C aims to Make C Great Again

It's memory-safe, with a few caveats Developers looking to continue working in the C and C++ programming languages amid the global push to promote memory-safe programming now have another option that doesn't involve learning Rust.

Published: 2024-11-16T10:12:14



The Register - Security

Swiss cheesed off as postal service used to spread malware

QR codes arrive via an age-old delivery system Switzerland's National Cyber Security Centre (NCSC) has issued an alert about malware being spread via the country's postal service.

Published: 2024-11-16T07:07:05



The Register - Security

Bloke behind Helix Bitcoin launderette jailed for three years, hands over $400M

Digital money laundering pays, until it doesn't An Ohio man, who operated the Grams dark-web search engine and the Helix cryptocurrency money-laundering service associated with it, has been sentenced to three years in prison.

Published: 2024-11-16T00:58:06



The Register - Security

Letting chatbots run robots ends as badly as you'd expect

LLM-controlled droids easily jailbroken to perform mayhem, researchers warn Science fiction author Isaac Asimov proposed three laws of robotics, and you'd never know it from the behavior of today's robots or those making them.

Published: 2024-11-16T00:03:24



The Register - Security

Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit

Yank access to management interface, stat A critical zero-day vulnerability in Palo Alto Networks' firewall management interface that can allow an unauthenticated attacker to remotely execute code is now officially under active exploitation.

Published: 2024-11-15T21:07:03



The Register - Security

Keyboard robbers steal 171K customers' data from AnnieMac mortgage house

Names and social security numbers of folks looking for the biggest loan of their lives exposed A major US mortgage lender has told customers looking to make the biggest financial transaction of their lives that an intruder broke into its systems and saw data belonging to 171,000 of them.

Published: 2024-11-15T19:22:09



The Register - Security

Bitfinex burglar bags 5 years behind bars for Bitcoin heist

A nervous wait for rapper wife who also faces a stint in the clink The US is sending the main figure behind the 2016 intrusion at crypto exchange Bitfinex to prison for five years after he stole close to 120,000 Bitcoin.

Published: 2024-11-15T14:09:07



The Register - Security

Microsoft Power Pages misconfigurations exposing sensitive data

NHS supplier that leaked employee info fell victim to fiddly access controls that can leave databases dangling online Private businesses and public-sector organizations are unwittingly exposing millions of people's sensitive information to the public internet because they misconfigure Microsoft's Power Pages website creation program.

Published: 2024-11-15T06:32:13



The Register - Security

Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost

Plus a bonus hard-coded local API key A now-patched, high-severity bug in Fortinet's FortiClient VPN application potentially allows a low-privilege rogue user or malware on a vulnerable Windows system to gain higher privileges from another user, execute code and possibly take over the box, and delete log files.

Published: 2024-11-14T22:22:13



The Register - Security

Cybercriminal devoid of boundaries gets 10-year prison sentence

Serial extortionist of medical facilities stooped to cavernous lows in search of small payouts A rampant cybercrook and repeat attacker of medical facilities in the US is being sentenced to a decade in prison, around seven years after the first of his many crimes.

Published: 2024-11-14T20:27:09



The Register - Security

Kids' shoemaker Start-Rite trips over security again, spilling customer card info

Full details exposed, putting shoppers at serious risk of fraud Updated Children's shoemaker Start-Rite is dealing with a nasty "security incident" involving customer payment card details, its second significant lapse during the past eight years.

Published: 2024-11-14T11:57:46



The Register - Security

NatWest blocks bevy of apps in clampdown on unmonitorable comms

From guidance to firm action... no more WhatsApp, Meta's Messenger, Signal, Telegram and more The full list of messaging apps officially blocked by Brit banking and insurance giant NatWest Group is more extensive than WhatsApp, Meta's Messenger, and Skype as first reported.

Published: 2024-11-14T10:53:32



The Register - Security

Asda security chief replaced, retailer sheds jobs during Walmart tech divorce

British grocer's workers called back to office as clock ticks for contractors The head of tech security at Asda, the UK's third-largest food retailer, has left amid an ongoing tech divorce from US grocery giant Walmart.

Published: 2024-11-14T09:30:12



The Register - Security

Five Eyes infosec agencies list 2023's most exploited software flaws

Slack patching remains a problem - which is worrying as crooks increasingly target zero-day vulns The cyber security agencies of the UK, US, Canada, Australia, and New Zealand have issued a list of the 15 most exploited vulnerabilities in 2023, and warned that attacks on zero-day exploits have become more common.

Published: 2024-11-14T08:31:06



The Register - Security

Reminder: China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign'

Feds don't name Salt Typhoon, but describe Beijing band's alleged deeds Updated The US government has confirmed there was "a broad and significant cyber espionage campaign" conducted by China-linked snoops against "multiple" American telecommunications providers' networks.

Published: 2024-11-14T01:54:11



The Register - Security

ShrinkLocker ransomware scrambled your files? Free decryption tool to the rescue

Plus: CISA's ScubaGear dives deep to fix M365 misconfigs Bitdefender has released a free decryption tool that can unlock data encrypted by the ShrinkLocker ransomware.

Published: 2024-11-14T00:14:06



The Register - Security

Data broker amasses 100M+ records on people - then someone snatches, sells it

We call this lead degeneration What's claimed to be more than 183 million records of people's contact details and employment info has been stolen or otherwise obtained from a data broker and put up for sale by a miscreant.

Published: 2024-11-13T21:44:10



The Register - Security

Ransomware fiends boast they've stolen 1.4TB from US pharmacy network

American Associated Pharmacies yet to officially confirm infection American Associated Pharmacies (AAP) is the latest US healthcare organization to have had its data stolen and encrypted by cyber-crooks, it is feared.

Published: 2024-11-13T19:10:13



The Register - Security

Microsoft slips Task Manager and processor count fixes into Patch Tuesday

Sore about cores no more Microsoft has resolved two issues vexing Windows 11 24H2 and Windows Server 2025 users among the many security updates that emerged on Patch Tuesday.

Published: 2024-11-13T17:35:12



The Register - Security

Admins can give thanks this November for dollops of Microsoft patches

Don't be a turkey - get these fixed Patch Tuesday Patch Tuesday has swung around again, and Microsoft has released fixes for 89 CVE-listed security flaws in its products - including two under active attack - and reissued three more.

Published: 2024-11-13T01:29:13



The Register - Security

China's Volt Typhoon crew and its botnet surge back with a vengeance

Ohm, for flux sake China's Volt Typhoon crew and its botnet are back, compromising old Cisco routers once again to break into critical infrastructure networks and kick off cyberattacks, according to security researchers.

Published: 2024-11-13T00:58:10



The Register - Security

Air National Guardsman gets 15 years after splashing classified docs on Discord

22-year-old talked of 'culling the weak minded' - hmm! A former Air National Guard member who stole classified American military secrets, and showed them to his gaming buddies on Discord, has been sentenced to 15 years in prison.

Published: 2024-11-13T00:01:21



The Register - Security

Here's what we know about the suspected Snowflake data extortionists

A Canadian and an American living in Turkey 'walk into' cloud storage environments Two men allegedly compromised what's believed to be multiple organizations' Snowflake-hosted cloud environments, stole sensitive data within, and extorted at least $2.5 million from at least three victims.

Published: 2024-11-12T21:10:15



The Register - Security

'Cybersecurity issue' at Food Lion parent blamed for US grocery mayhem

Stores still open, but customers report delayed deliveries, invoicing issues, and more at Stop & Shop and others Retail giant Ahold Delhaize, which owns Food Lion and Stop & Shop, among others, is confirming outages at several of its US grocery stores are being caused by an ongoing "cybersecurity issue."

Published: 2024-11-12T19:30:07



The Register - Security

HTTP your way into Citrix's Virtual Apps and Desktops with fresh exploit code

'Once again, we've lost a little more faith in the internet,' researcher says Researchers are publicizing a proof of concept (PoC) exploit for what they're calling an unauthenticated remote code execution (RCE) vulnerability in Citrix's Virtual Apps and Desktops.

Published: 2024-11-12T16:11:12



The Register - Security

Managing third-party risks in complex IT environments

Key steps to protect your organization's data from unauthorized external access Webinar With increasing reliance on contractors, partners, and vendors, managing third-party access to systems and data is a complex security challenge.

Published: 2024-11-12T15:08:09



The Register - Security

Amazon confirms employee data exposed in leak linked to MOVEit vulnerability

Over 5 million records from 25 organizations posted to black hat forum Amazon employees' data is part of a stolen trove posted to a cybercrime forum linked to last year's MOVEit vulnerability.

Published: 2024-11-12T13:29:06



The Register - Security

FBI issues warning as crooks ramp up emergency data request scams

Just because it's .gov doesn't mean that email is trustworthy Cybercrooks abusing emergency data requests in the US isn't new, but the FBI says it's becoming a more pronounced issue as the year draws to a close.

Published: 2024-11-11T16:23:12



The Register - Security

Dark web crypto laundering kingpin sentenced to 12.5 years in prison

Prosecutors hand Russo-Swede a half-billion bill The operator of the longest-running money laundering machine in dark web history, Bitcoin Fog, has been sentenced to 12 years and six months in US prison.

Published: 2024-11-11T12:38:12



The Register - Security

Alleged Snowflake attacker gets busted by Canadians - politely, we assume

Also: Crypto hacks will continue; CoD hacker gets thousands banned, and more Infosec in brief One of the suspected masterminds behind the widespread Snowflake breach has been arrested in Canada - but the saga isn't over, eh.

Published: 2024-11-11T03:28:13



Security Latest

Inside the Booming ‘AI Pimping’ Industry

AI-generated influencers based on stolen images of real-life adult content creators are flooding social media.

Published: 2024-11-20T11:00:00



Security Latest

Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany

More than 3 billion phone coordinates collected by a US data broker expose the detailed movements of US military and intelligence workers in Germany - and the Pentagon is powerless to stop it.

Published: 2024-11-20T04:00:00



Security Latest

Immigration Police Can Already Sidestep US Sanctuary City Laws Using Data-Sharing Fusion Centers

Built to combat terrorism, fusion centers give US Immigration and Customs Enforcement a way to gain access to data that’s meant to be protected under city laws limiting local police cooperation with ICE.

Published: 2024-11-19T10:00:00



Security Latest

Bitfinex Hacker Gets 5 Years for $10 Billion Bitcoin Heist

Plus: An “AI granny” is wasting scammers’ time, a lawsuit goes after spyware-maker NSO Group’s executives, and North Korea-linked hackers take a crack at macOS malware.

Published: 2024-11-16T11:30:00



Security Latest

More Spyware, Fewer Rules: What Trump’s Return Means for US Cybersecurity

Experts expect Donald Trump’s next administration to relax cybersecurity rules on businesses, abandon concerns around human rights, and take an aggressive stance against the cyber armies of US adversaries.

Published: 2024-11-14T10:30:00



Security Latest

Teen Behind Hundreds of Swatting Attacks Pleads Guilty to Federal Charges

Alan Filion, believed to have operated under the handle “Torswats,” admitted to making more than 375 fake threats against schools, places of worship, and government buildings around the United States.

Published: 2024-11-14T01:37:28



Security Latest

These Guys Hacked AirPods to Give Their Grandmas Hearing Aids

Three technologists in India used a homemade Faraday cage and a microwave oven to get around Apple’s location blocks.

Published: 2024-11-13T19:07:15



Security Latest

ICE Started Ramping Up Its Surveillance Arsenal Immediately After Donald Trump Won

US Immigration and Customs Enforcement put out a fresh call for contracts for surveillance technologies before an anticipated surge in the number of people it monitors ahead of deportation hearings.

Published: 2024-11-13T12:00:00



Security Latest

The WIRED Guide to Protecting Yourself From Government Surveillance

Donald Trump has vowed to deport millions and jail his enemies. To carry out that agenda, his administration will exploit America’s digital surveillance machine. Here are some steps you can take to evade it.

Published: 2024-11-12T11:30:00



Security Latest

The Real Problem With Banning Masks at Protests

Privacy advocates worry banning masks at protests will encourage harassment, while cops’ high-tech tools render the rules unnecessary.

Published: 2024-11-12T11:00:00



Security Latest

The AI Machine Gun of the Future Is Already Here

The Pentagon is pursuing every available option to keep US troops safe from the rising tide of adversary drones, including a robotic twist on its standard-issue small arms.

Published: 2024-11-11T10:30:00



Security Latest

Auto-Rebooting iPhones Are Causing Chaos for Cops

Plus: Hot Topic confirms a customer data breach, Germany arrests a US citizen for allegedly passing military secrets to Chinese intelligence, and more.

Published: 2024-11-09T11:30:00



Security Latest

764 Terror Network Member Richard Densmore Sentenced to 30 Years in Prison

The 47-year-old Michigan man, who pleaded guilty to sexually exploiting a child, was highly active in the online criminal network called 764, which the FBI now considers a “tier one” terrorism threat.

Published: 2024-11-07T20:46:05



Security Latest

Russia Is Going All Out on Election Day Interference

Along with other foreign influence operations, including from Iran, Kremlin-backed campaigns to stoke division and fear have gone into overdrive.

Published: 2024-11-05T21:04:35



Security Latest

Man Arrested for Snowflake Hacking Spree Faces US Extradition

Alexander “Connor” Moucka was arrested this week by Canadian authorities for allegedly carrying out a series of hacks that targeted Snowflake’s cloud customers. His next stop may be a US jail.

Published: 2024-11-05T18:36:22



Security Latest

Flaw in Right-Wing ‘Election Integrity’ App Exposes Voter-Suppression Plan and User Data

A bug that WIRED discovered in True the Vote’s VoteAlert app revealed user information and an election worker who wrote about carrying out an illegal voter-suppression scheme.

Published: 2024-11-05T16:56:22



The Hacker News

Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments

Threat actors are increasingly banking on a new technique that leverages near-field communication (NFC) to cash out victims' funds at scale. The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash out money from stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay and relay NFC traffic. "Criminals can now misuse Google Pay and Apple

Published: 2024-11-20T18:39:00



The Hacker News

NHIs Are the Future of Cybersecurity: Meet NHIDR

The frequency and sophistication of modern cyberattacks are surging, making it increasingly challenging for organizations to protect sensitive data and critical infrastructure. When attackers compromise a non-human identity (NHI), they can swiftly exploit it to move laterally across systems, identifying vulnerabilities and compromising additional NHIs in minutes. While organizations often take

Published: 2024-11-20T17:00:00



The Hacker News

Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package

Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04) that could allow a local attacker to gain root privileges without requiring user interaction. The Qualys Threat Research Unit (TRU), which identified and reported the flaws early last month, said they are trivial to exploit, necessitating that

Published: 2024-11-20T14:46:00



The Hacker News

Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity

Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is not compromised. The idea, the tech giant said, is to avoid incidents like that of CrowdStrike's earlier this July, enable more apps and users to be run without admin privileges, add controls surrounding the use of unsafe apps and drivers, and offer

Published: 2024-11-20T12:30:00



The Hacker News

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

A new China-linked cyber espionage group has been identified as being behind a series of cyber attacks targeting telecommunications entities in South Asia and Africa since at least 2020 with the goal of enabling intelligence collection. Cybersecurity company CrowdStrike is tracking the adversary under the name Liminal Panda, describing it as possessing deep knowledge about telecommunications

Published: 2024-11-20T12:28:00



The Hacker News

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are listed below - CVE-2024-44308 - A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web content CVE-2024-44309 - A cookie management vulnerability in

Published: 2024-11-20T10:07:00



The Hacker News

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information. "This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network

Published: 2024-11-20T09:54:00



The Hacker News

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. "At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers and IoT devices," the Black Lotus Labs team at

Published: 2024-11-19T19:31:00



The Hacker News

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed to facilitate illegal live streaming of sports events, Aqua said in a report shared with The

Published: 2024-11-19T19:30:00



The Hacker News

Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority

Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing privileged access rather than securing the accounts and users entrusted with it. This emphasis is perhaps due to the persistent challenges of Privileged Access Management (PAM) deployments. Yet, as the threat landscape evolves, so must organizational priorities. To

Published: 2024-11-19T17:00:00



The Hacker News

New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems

Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus. "Helldown deploys Windows ransomware derived from the LockBit 3.0 code," Sekoia said in a report shared with The Hacker News. "Given the recent development of ransomware targeting ESX, it appears that the group

Published: 2024-11-19T15:10:00



The Hacker News

Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign

U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information. The adversaries, tracked as Salt Typhoon, breached the company as part of a "monthslong campaign" designed to harvest cellphone communications of "high-value intelligence targets." It's not clear what information was taken, if any,

Published: 2024-11-19T12:32:00



The Hacker News

Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was

Published: 2024-11-19T12:01:00



The Hacker News

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader is an "extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory," Intezer security

Published: 2024-11-18T22:18:00



The Hacker News

The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think

According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year's report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credentials in public GitHub repositories alone. One of the more troubling aspects of this report is that over 90% of valid

Published: 2024-11-18T19:30:00



The Hacker News

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)

What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are getting smarter, faster, and more creative using everything from human trust to hidden flaws in

Published: 2024-11-18T17:06:00



The Hacker News

Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam. The feature was first reported by Android Authority last week following a teardown of the latest version of Google Play Services for Android. The idea is to create unique, single-use email addresses that forward the messages to

Published: 2024-11-18T16:45:00



The Hacker News

Beyond Compliance: The Advantage of Year-Round Network Pen Testing

IT leaders know the drill: regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here’s the thing: hackers don’t wait around for compliance schedules. Most companies approach network penetration testing on a set schedule, with the most common frequency being twice a year (29%), followed by three to four times per year (23%) and once per year (20%),

Published: 2024-11-18T16:45:00



The Hacker News

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information

A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of stealing their personal information ahead of the Black Friday shopping season. "The campaign leveraged the heightened online shopping activity in November, the peak season for Black Friday discounts. The threat actor used fake discounted products

Published: 2024-11-18T16:26:00



The Hacker News

NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit

Legal documents released as part of an ongoing legal tussle between Meta's WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app to deliver Pegasus, including one even after it was sued by Meta for doing so. They also show that NSO Group repeatedly found ways to install the invasive surveillance tool on the target's devices as

Published: 2024-11-18T11:22:00



The Hacker News

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could allow an attacker to remotely gain full administrative access to a susceptible site. The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both free and premium versions of the plugin. The

Published: 2024-11-18T10:22:00



The Hacker News

PAN-OS Firewall Vulnerability Under Active Exploitation: IoCs and Patch Released

Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild. To that end, the company said it observed malicious activity originating from the below IP addresses and targeting PAN-OS management web interface IP addresses

Published: 2024-11-16T13:51:00



The Hacker News

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July 2024, describing BrazenBamboo as the developer behind DEEPDATA,

Published: 2024-11-16T11:55:00



The Hacker News

Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations

Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. Cybersecurity company Check Point has codenamed the malware WezRat, stating it has been detected in the wild since at least September 1, 2023, based on artifacts uploaded to the

Published: 2024-11-15T23:27:00



The Hacker News

Researchers Warn of Privilege Escalation Risks in Google's Vertex AI ML Platform

Cybersecurity researchers have disclosed two security flaws in Google's Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud. "By exploiting custom job permissions, we were able to escalate our privileges and gain unauthorized access to all data services in the project," Palo Alto Networks

Published: 2024-11-15T18:05:00



The Hacker News

Live Webinar: Dive Deep into Crypto Agility and Certificate Management

In the fast-paced digital world, trust is everything, but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and business continuity. Are you prepared to act swiftly when the unexpected happens? Join DigiCert’s exclusive webinar, "When Shift Happens: Are You Ready for Rapid

Published: 2024-11-15T17:18:00



The Hacker News

Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia

A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer. The malware "targets victims' sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software,"

Published: 2024-11-15T16:42:00



The Hacker News

How AI Is Transforming IAM and Identity Security

In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human

Published: 2024-11-15T16:00:00



The Hacker News

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure. The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of 8.8. Environment variables are user-defined values that can allow a program

Published: 2024-11-15T12:10:00



The Hacker News

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S. Department of Justice (DoJ) announced Thursday. Lichtenstein was charged for his involvement in a money laundering scheme that led to the theft of nearly 120,000 bitcoins (valued at over $10.5 billion at current prices) from the crypto exchange.

Published: 2024-11-15T11:00:00



The Hacker News

CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition software have come under active exploitation in the wild. To that end, it has added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the necessary updates

Published: 2024-11-15T10:34:00



The Hacker News

Experts Uncover 70,000 Hijacked Domains in Widespread 'Sitting Ducks' Attack Scheme

Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for use in phishing attacks and investment fraud schemes for years. The findings come from Infoblox, which said it identified nearly 800,000 vulnerable registered domains over the past three months, of which approximately 9% (70,000) have been subsequently

Published: 2024-11-14T23:06:00



The Hacker News

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. "Cloaking is specifically designed to prevent moderation systems and teams from reviewing policy-violating content which enables them to deploy the scam directly to users," Laurie Richardson, VP and Head of Trust and Safety at Google, said. "The landing

Published: 2024-11-14T19:30:00



The Hacker News

5 BCDR Oversights That Leave You Exposed to Ransomware

Ransomware isn’t just a buzzword; it’s one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging. Their attack methods are evolving rapidly, becoming more dangerous and damaging than ever. Almost all respondents (99.8%) in a recent

Published: 2024-11-14T17:40:00



The Hacker News

TikTok Pixel Privacy Nightmare: A New Case Study

Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But one online travel marketplace targeting young holidaymakers with ads on the popular video-sharing platform broke GDPR rules when a third-party partner misconfigured

Published: 2024-11-14T16:00:00



The Hacker News

New RustyAttr Malware Targets macOS Through Extended Attribute Abuse

Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr. The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing infrastructure and tactical overlaps observed in connection with prior campaigns, including

Published: 2024-11-14T15:21:00



The Hacker News

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user's NTLMv2 hash. It was patched by Microsoft earlier this

Published: 2024-11-14T11:13:00



The Hacker News

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE, has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and Egypt, Check Point said in an analysis. "The [Israel-Hamas] conflict has not disrupted the WIRTE's

Published: 2024-11-13T21:39:00



The Hacker News

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims

Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker's inner workings, allowing the researchers to discover a "specific window of opportunity for data recovery immediately after the removal of protectors from BitLocker-encrypted

Published: 2024-11-13T19:08:00



The Hacker News

Comprehensive Guide to Building a Strong Browser Security Program

The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies are facing new and serious cybersecurity threats. These include phishing attacks, data leakage, and malicious extensions. As a result, the browser also becomes a vulnerability that

Published: 2024-11-13T16:30:00



The Hacker News

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution

A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. "Attackers successfully exploiting these vulnerabilities can access, control, and disrupt devices supported by OvrC; some of those include smart electrical power supplies, cameras, routers, home automation systems, and

Published: 2024-11-13T14:58:00



The Hacker News

Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks

The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. "The campaign distributed the SnailResin malware, which activates the SlugResin backdoor," Israeli cybersecurity company ClearSky said

Published: 2024-11-13T12:44:00



The Hacker News

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

Published: 2024-11-13T12:44:00



The Hacker News

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE). The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and mouse input, along with a video stream of the

Published: 2024-11-12T19:31:00



The Hacker News

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D' Luffy) on the Runion forum earlier this August, is advertised as a tool that allows criminal actors to extract email addresses from public GitHub

Published: 2024-11-12T19:30:00



The Hacker News

North Korean Hackers Target macOS Using Flutter-Embedded Malware

Threat actors with ties to the Democratic People's Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier this month, said the Flutter-built

Published: 2024-11-12T18:30:00



The Hacker News

5 Ways Behavioral Analytics is Revolutionizing Incident Response

Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights during alert triage and investigation, SOCs can transform their workflows to become more

Published: 2024-11-12T16:30:00



The Hacker News

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness," Russian cybersecurity vendor Kaspersky said. "Threat actors leveraged an unconventional blend

Published: 2024-11-12T11:30:00



The Hacker News

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

Imagine this: the very tools you trust to protect you online (your two-factor authentication, your car’s tech system, even your security software) turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality. Today’s attackers have become so sophisticated that they’re using our trusted tools as secret pathways,

Published: 2024-11-11T17:27:00



The Hacker News

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: 'Are Bengal Cats legal in Australia?,'" Sophos researchers Trang Tang, Hikaru Koike,

Published: 2024-11-11T17:25:00



Security Affairs

Ford data breach involved a third-party supplier

Ford investigates a data breach linked to a third-party supplier and pointed out that its systems and customer data were not compromised. Ford investigated a data breach after threat actors claimed the theft of customer information on the BreachForums cybercrime forum. On November 17, threat actors IntelBroker and EnergyWeaponUser published a post on BreachForums […]

Published: 2024-11-20T21:22:09



Security Affairs

Hacker obtained documents tied to lawsuit over Matt Gaetz’s sexual misconduct allegations

A hacker allegedly accessed a file containing testimony from a woman claiming she had sex with Matt Gaetz when she was 17, sparking controversy. The New York Times reported that a hacker, who goes online with the name Altam Beezley, gained access to files containing confidential testimony from a woman who claims she had […]

Published: 2024-11-20T15:33:01



Security Affairs

Apple addressed two actively exploited zero-day vulnerabilities

Apple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. Apple released security updates for two zero-day vulnerabilities, tracked as CVE-2024-44309 and CVE-2024-44308, in iOS, iPadOS, macOS, visionOS, and Safari web browser, which are actively exploited in the wild. The vulnerability CVE-2024-44309 is a cookie management issue […]

Published: 2024-11-20T10:39:57



Security Affairs

Unsecured JupyterLab and Jupyter Notebooks servers abused for illegal streaming of sports events

Threat actors exploit misconfigured JupyterLab and Jupyter Notebooks servers to rip sports streams and illegally redistribute them. Researchers from security firm Aqua observed threat actors exploiting misconfigured JupyterLab and Jupyter Notebook servers to hijack environments, deploy streaming tools, and duplicate live sports broadcasts on illegal platforms. “threat actors using misconfigured servers to hijack environments for […]

Published: 2024-11-20T07:32:57



Security Affairs

Russian Phobos ransomware operator faces cybercrime charges

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges. According to the DoJ, the […]

Published: 2024-11-19T22:36:29



Security Affairs

China-linked actor’s malware DeepData exploits FortiClient VPN zero-day

Chinese threat actors use custom post-exploitation toolkit ‘DeepData’ to exploit FortiClient VPN zero-day and steal credentials. Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. BrazenBamboo is known to be the author of other malware families, including LIGHTSPY, DEEPDATA, and DEEPPOST. DEEPDATA is a […]

Published: 2024-11-19T15:05:27



Security Affairs

U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions of the above vulnerabilities: CVE-2024-1212 is a Progress Kemp LoadMaster […]

Published: 2024-11-19T08:34:02



Security Affairs

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The organization launched an investigation into the incident with the help of a cybersecurity firm. The healthcare center discovered that a threat actor […]

Published: 2024-11-19T07:34:57



Security Affairs

Recently disclosed VMware vCenter Server bugs are actively exploited in attacks

Threat actors are actively exploiting two VMware vCenter Server vulnerabilities tracked as CVE-2024-38812 and CVE-2024-38813, Broadcom warns. Broadcom warns that the two VMware vCenter Server vulnerabilities CVE-2024-38812 and CVE-2024-38813 are actively exploited in the wild. “Updated advisory to note that VMware by Broadcom confirmed that exploitation has occurred in the wild for CVE-2024-38812 and CVE-2024-38813.” […]

Published: 2024-11-18T20:42:17



Security Affairs

Foreign adversary hacked email communications of the Library of Congress says

The Library of Congress discloses the compromise of some of its IT systems, an alleged foreign threat actor hacked their emails. The Library of Congress informed lawmakers about a security breach, an alleged foreign adversary compromised some of their IT systems and gained access to email communications between congressional offices and some library staff, including […]

Published: 2024-11-18T14:51:18



News Packet Storm

CISA Director Jen Easterly To Step Down Jan. 20

Equinox Notifies 21,000 Patients And Staff Of Data Theft

D-Link Tells Users To Trash Old VPN Routers Due To Bug

Helldown Ransomware Evolves To Target VMware Systems Via Linux

Apple Confirms Zero Day Attacks Hitting macOS Systems

Oracle Patches Exploited Agile PLM Zero-Day

Bitcoin Bursts Past $94,000 For The First Time

Palo Alto Sounds Alarm Over PAN-OS Zero Day Attacks

Crooks Snag $250k Wire Payment From AI Biz

US Senate To Hold Panel Hearing On Suspected Chinese Hacking Incidents

Thousands Of IoT Devices Turned Into Residential Proxies

Discontinued GeoVision Products Targeted In Botnet Attacks

Ransomware Attack On Oklahoma Medical Center Impacts 133,000

NSO Operates Its Spyware, Legal Documents Reveal

300 Drinking Systems In US Exposed To Disruptive, Damaging Hacker Attacks

Swiss Cheesed Off As Postal Service Used To Spread Malware

Will Passkeys Ever Replace Passwords? Can They?

Webscout Is Worth Checking Out

Microsoft Power Pages Misconfigurations Exposing Sensitive Data

Palo Alto Networks Confirms New Firewall Zero-Day Exploitation

Fortinet Patches VPN Flaw That Provided Privilege Escalation

Known Brand, Gov Domains Hijacked Via Sitting Ducks Attacks

Man Gets 5 Years For Laundering Crypto From Bitfinex Hack

Five Eyes Infosec Agencies List 2024's Most Exploited Software Flaws

CISA, FBI Confirm China Hacked Telecoms To Spy

SecurityWeek

Risk Intelligence Startup RIIG Raises $3 Million

Industry Moves for the week of November 18, 2024 - SecurityWeek

Twine Snags $12M for AI-Powered ‘Digital Employees’ Tech

Surf Security Adds Deepfake Detection Tool to Enterprise Browser

D-Link Warns of RCE Vulnerability in Legacy Routers

CISA Warns of Progress Kemp LoadMaster Vulnerability Exploitation

GitHub Launches Fund to Improve Open Source Project Security

Cyera Raises $300 Million at $3 Billion Valuation

Oracle Patches Exploited Agile PLM Zero-Day

Ford Blames Third-Party Supplier for Data Breach

Apple Confirms Zero-Day Attacks Hitting macOS Systems

CISA News

CISA Releases Venue Guide for Security Considerations

CISA Launches New Learning Platform to Enhance Training and Education U.S. Veterans and Other Stakeholders

Joint Statement from FBI and CISA on the People's Republic of China (PRC) Targeting of Commercial Telecommunications Infrastructure

CISA Kicks Off Critical Infrastructure Security and Resilience Month 2024

Statement from CISA Director Easterly on the Security of the 2024 Elections

Joint ODNI, FBI, and CISA Statement

Joint Statement from CISA and EAC in Support of State and Local Election Officials

Joint ODNI, FBI, and CISA Statement on Russian Election Influence Efforts

CISA Releases Its First Ever International Strategic Plan

CISA Launches #PROTECT2024 Election Threat Updates Webpage

CISA Blog

USDA Stops Credential Phishing with FIDO Authentication

CISA’s Vulnerability Management goes “Big” on Interns and the Results are Staggering!

CISA’s ScubaGear Tool Improves Security for Organizations Using M365 and Surpasses 30,000 Downloads

Engaging with Security Researchers: Embracing a “See Something, Say Something” Culture

A Message to Election Officials from CISA Director Jen Easterly

Region 8 Invites You to Secure Our World

CISA Director Jen Easterly Remarks at the Election Center 39th Annual National Conference in Detroit

Learn with Region 8’s Webinar Program

Shaping the legacy of partnership between government and private sector globally: JCDC

SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices

All CISA Advisories

USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multi-Factor Authentication

Apple Releases Security Updates for Multiple Products

2024 CWE Top 25 Most Dangerous Software Weaknesses

CISA and Partners Release Update to BianLian Ransomware Cybersecurity Advisory

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Releases One Industrial Control Systems Advisory

Mitsubishi Electric MELSEC iQ-F Series

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Siemens OZW672 and OZW772 Web Server

Siemens TeleControl Server

Siemens Engineering Platforms

Baxter Life2000 Ventilation System

2N Access Commander

Rockwell Automation Verve Reporting (Update A)

Siemens SIPORT

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Siemens Mendix Runtime

Hitachi Energy MSM

Siemens SIMATIC CP

Siemens RUGGEDCOM CROSSBOW

Siemens SINEC INS

CISA Releases Nineteen Industrial Control Systems Advisories

Rockwell Automation Arena Input Analyzer

Rockwell Automation FactoryTalk Updater (Update A)

Siemens Spectrum Power 7

Siemens Solid Edge

Siemens SINEC NMS

Siemens SCALANCE M-800 Family

Palo Alto Networks Emphasizes Hardening Guidance

Microsoft Releases November 2024 Security Updates

Exploit-DB.com RSS Feed

[webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)

[webapps] reNgine 2.2.0 - Command Injection (Authenticated)

[webapps] openSIS 9.1 - SQLi (Authenticated)

[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)

[webapps] NoteMark < 0.13.0 - Stored XSS

[webapps] Gitea 1.22.0 - Stored XSS

[webapps] Invesalius3 - Remote Code Execution

[dos] Windows TCP/IP - RCE Checker and Denial of Service

[webapps] Aurba 501 - Authenticated RCE

[webapps] HughesNet HT2000W Satellite Modem - Password Reset

[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure

[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass

[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config

[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass

[webapps] Helpdeskz v2.0.2 - Stored XSS

[webapps] Calibre-web 0.6.21 - Stored XSS

[webapps] Devika v1 - Path Traversal via 'snapshot_path'

[local] Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path

[local] SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path

[local] Oracle Database 12c Release 1 - Unquoted Service Path

[webapps] Ivanti vADC 9.9 - Authentication Bypass

[local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation

[webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection

[webapps] Azon Dominator Affiliate Marketing Script - SQL Injection

[webapps] Microweber 2.0.15 - Stored XSS

[webapps] Customer Support System 1.0 - Stored XSS

[webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)

[webapps] SolarWinds Platform 2024.1 SR1 - Race Condition

[webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)

[webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)

[webapps] Boelter Blue System Management 1.3 - SQL Injection

[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)

[webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)

[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)

[webapps] XMB 1.9.12.06 - Stored XSS

[webapps] Carbon Forum 5.9.0 - Stored XSS

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)

[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)

[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)

[webapps] Dotclear 2.29 - Remote Code Execution (RCE)

[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)

[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)

[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)

[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)

[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)

[webapps] Aquatronica Control System 5.1.6 - Information Disclosure

[webapps] changedetection < 0.45.20 - Remote Code Execution (RCE)

Full Disclosure

SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)

Security issue in the TX Text Control .NET Server for ASP.NET.

SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater

Unsafe eval() in TestRail CLI

4 vulnerabilities in ibmsecurity

32 vulnerabilities in IBM Security Verify Access

xlibre Xnest security advisory & bugfix releases

APPLE-SA-10-29-2024-1 Safari 18.1

SEC Consult SA-20241030-0 :: Query Filter Injection in Ping Identity PingIDM (formerly known as ForgeRock Identity Management) (CVE-2024-23600)

SEC Consult SA-20241023-0 :: Authenticated Remote Code Execution in Multiple Xerox printers (CVE-2024-6333)

APPLE-SA-10-28-2024-8 visionOS 2.1

APPLE-SA-10-28-2024-7 tvOS 18.1

APPLE-SA-10-28-2024-6 watchOS 11.1

APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1

APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1

Open Source Security

CVE-2024-52067: Apache NiFi: Potential Insertion of Sensitive Parameter Values in Debug Log

[kubernetes] CVE-2024-10220: Arbitrary command execution through gitRepo volume

Local Privilege Escalations in needrestart

Fwd: wget-1.25.0 released [fixes CVE-2024-10524]

CVE-2024-31141: Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider

CVE-2024-52318: Apache Tomcat: Incorrect JSP tag recycling leads to XSS

CVE-2024-52317: Apache Tomcat: Request/response mix-up with HTTP/2

CVE-2024-52316: Apache Tomcat: Authentication bypass when using Jakarta Authentication API

Re: shell wildcard expansion (un)safety

Re: PostgreSQL: 4 CVEs fixed in 17.1, 16.5, 15.9, 14.14, 13.17, 12.21

PostgreSQL: 4 CVEs fixed in 17.1, 16.5, 15.9, 14.14, 13.17, 12.21

CVE-2024-41151: Apache HertzBeat: RCE by notice template injection vulnerability

CVE-2024-45791: Apache HertzBeat: Exposure sensitive token via http GET method with query string

CVE-2024-45505: Apache HertzBeat (incubating): Exists Native Deser RCE and file writing vulnerabilities

CVE-2024-47208: Apache OFBiz: URLs allowing remote use of Groovy expressions, leading to RCE

Ethical Hacking News

The Dark Side of Cryptocurrency: The Rise and Fall of Bitcoin Fog's Money Laundering Empire


Roman Sterlingov, 36, a dual Russian-Swedish national, has been sentenced to 12 years and six months in prison for his role in facilitating money laundering activities between 2011 and 2021 through his cryptocurrency mixing service, Bitcoin Fog.

Published: Sat Nov 9 00:58:56 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Palo Alto Advises Securing PAN-OS Interface Amid Potential Remote Code Execution Vulnerability Concerns



Palo Alto Networks has issued an alert warning customers of a potential remote code execution (RCE) vulnerability in its PAN-OS management interface. This vulnerability, tracked as CVE-2024-5910 with a CVSS score of 9.3, poses significant risks to network security and requires immediate attention from users. Organizations are advised to take proactive steps to secure their networks by following best practices outlined by Palo Alto Networks and staying informed about the latest developments in cybersecurity threats.

Published: Sat Nov 9 02:06:30 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Election Integrity Under Fire: The Dark Side of Far-Right Militias and Cyber threats

In recent weeks, a disturbing trend has emerged from the far-right militia movement in the United States. Documents have revealed a history of voter intimidation plans, which pose a significant threat to the integrity of American elections. This article explores the dark side of far-right militias and cyber threats, shedding light on their tactics, impact, and the urgent need for a comprehensive national strategy to safeguard US elections.

Published: Sat Nov 9 06:26:59 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Frontier in Smartphone Security: Apple's Inactivity Reboot Feature Sparks Concerns Over Law Enforcement Access


A new iOS 18 security feature has been introduced, making it significantly more difficult for law enforcement to access data on iPhones that have not been unlocked in a certain period of time. The feature, which has been dubbed "inactivity reboot," causes iPhones to restart and enter a secure state after a four-day period of inactivity, thereby limiting the ability of forensic experts to extract data from these devices.

Published: Sat Nov 9 11:45:48 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cops Face New Hurdle as Apple Tightens iPhone Security with iOS 18.1 Update

Apple has introduced an update to its iOS operating system that includes a new security feature designed to prevent unauthorized access to iPhones and other devices. The update, which was rolled out recently, introduces an "inactivity reboot" mechanism that restarts a device after approximately four days in a locked state. This change has significant implications for law enforcement agencies, who rely on iPhones as a critical tool for conducting investigations and gathering evidence.

Published: Sat Nov 9 11:58:58 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Fractured Legacy of Halo: An Examination of the Series' Current State

Can Halo overcome its current struggles and reclaim its place as one of gaming's top franchises? Only time will tell.

Published: Sat Nov 9 13:11:53 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolution of Ransomware Tactics: Unpacking the Frag Ransomware Attack

Ransomware groups continue to evolve and adapt their tactics, with the latest Frag ransomware attack highlighting the use of LOLBins as a key component of its strategy. Security teams must stay one step ahead of these threats, and the importance of vigilance and proactive defense cannot be overstated.

Published: Sat Nov 9 13:42:22 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Malicious PyPI Package Steals AWS Credentials from Over 37,000 Developers



A malicious Python package has been found on the Python Package Index (PyPI), which has stolen over 37,000 times. The 'fabrice' package exploits typosquatting tactics to obtain AWS credentials using a legitimate SDK for Amazon Web Services. By understanding this threat and taking preventative measures, developers can protect themselves against future attacks.


Published: Sat Nov 9 14:51:04 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of Fake Emergency Data Requests: A Growing Concern for Cybersecurity


The FBI has issued an alert warning of a significant spike in hacked police emails and fake subpoenas, highlighting the need for increased security measures to protect email systems. Fake emergency data requests have become a pressing concern for cybersecurity experts, law enforcement agencies, and technology companies worldwide.

Published: Sat Nov 9 15:05:56 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Mazda Connect Flaws Exposed: A Vulnerability Nightmare for Vehicle Owners

Security experts at Security Affairs have exposed critical vulnerabilities in Mazda's infotainment system, dubbed "Mazda Connect". The findings have left vehicle owners wondering about their safety and the potential consequences of such a vulnerability being exploited. Read more to learn about the critical vulnerabilities identified by Pierluigi Paganini.

Published: Sat Nov 9 17:30:46 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Global Cybersecurity Alert: Salt Typhoon Hack Impacts Telco Providers and Raises Concerns for Employee Phone Use


The U.S. agency has issued an alert warning employees to limit their phone use due to a sophisticated cyber attack on major telco providers known as the Salt Typhoon hack. The hackers gained access to sensitive data, including customer information and proprietary business records, posing significant risks to national security.

Published: Sun Nov 10 05:01:54 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Global Cybersecurity Landscape Evolves with Increasing Sophistication: A Review of Recent Threats and Vulnerabilities

Recent threats and vulnerabilities have highlighted the ongoing threat posed by cybercrime, including APT groups, phishing campaigns, and supply chain attacks.

Published: Sun Nov 10 07:29:57 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Security Breaches and Vulnerabilities: A Global Landscape of Threats

Security breaches and vulnerabilities are a persistent threat in today's digital landscape. From Mazda Connect flaws to ransomware attacks on critical infrastructure, this article highlights the importance of prioritizing security when handling sensitive user information and staying up-to-date with software patches.

Published: Sun Nov 10 07:56:23 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Take Advantage of Ticketmaster Data Breach: A Growing Concern for Concertgoers

Hackers are taking advantage of Ticketmaster's data breach by stealing tickets from users' accounts, leaving fans feeling vulnerable and anxious about their tickets. The company has implemented some security measures to address the issue, but more needs to be done to protect users' sensitive information.

Published: Sun Nov 10 13:15:15 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Leverage ZIP File Concatenation to Evade Detection in Phishing Attacks


Hackers are using a new technique to evade detection in phishing attacks by concatenating ZIP files. This approach exploits the different ways that various ZIP parsers handle concatenated ZIP files, making it challenging for security solutions to detect these types of attacks. By understanding this technique and taking steps to defend against it, individuals and organizations can reduce their risk of falling victim to these sophisticated attacks.

Published: Sun Nov 10 18:30:56 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Mastermind Behind a Massive Snowflake Breach is Busted by Canadians


A mastermind behind a massive Snowflake breach has been arrested in Canada, bringing an end to his reign of cyber terror. Alexander "Connor" Moucka is believed to be connected to the compromise of at least 165 Snowflake customers, including prominent names such as AT&T and Ticketmaster. The arrest serves as a significant development in the case, highlighting the importance of implementing robust security measures to prevent similar breaches in the future.

Published: Sun Nov 10 21:57:03 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybercriminals Leverage Microsoft Excel Exploit to Spread Fileless Remcos RAT Malware via Phishing Campaign


A new phishing campaign exploits a known remote code execution flaw in Microsoft Office to spread fileless variants of the notorious Remcos RAT malware. The attack leverages purchase order-themed lures to trick recipients into opening malicious Excel attachments, highlighting the ongoing evolution of sophisticated cybersecurity threats.

Published: Mon Nov 11 01:14:30 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Global Convergence of Cyber Threats: Pro-Russia Actors Intensify Attacks on South Korea Amidst North Korean Troop Deployment


South Korea is facing an intensification of distributed denial-of-service (DDoS) attacks from pro-Russian hacktivist groups, targeting public and private websites. This surge in cyberattacks comes following the decision to monitor North Korean troops in Ukraine, which has raised concerns about potential escalation of conflicts involving multiple nations. The South Korean government plans to enhance cyber threat preparedness through monitoring and ongoing collaboration among relevant agencies.

Published: Mon Nov 11 02:52:41 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dawn of Autonomous Gun Systems: A Revolutionary Counter-Drone Defense


The US Army has unveiled the Bullfrog, an AI-powered turret capable of precise engagement of airborne targets with minimal ammunition expenditure. This cutting-edge technology marks a significant milestone in the evolution of modern warfare, sparking debates about its potential implications on future military operations.

Published: Mon Nov 11 05:13:52 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Severe Security Flaws in Popular Machine Learning Toolkits Expose Organizations to Server Hijacks and Privilege Escalation


A recent analysis by JFrog has uncovered nearly two dozen security vulnerabilities in popular machine learning (ML) toolkits, exposing organizations to server hijacks and privilege escalation attacks. The most significant vulnerability, CVE-2024-7340, was discovered in the Weave ML toolkit, while others were identified in the Deep Lake AI-oriented database, Vanna.AI library, and Mage AI framework. The severity of these vulnerabilities cannot be overstated, as they can lead to a severe breach of sensitive data and operations.

Published: Mon Nov 11 05:32:38 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

HPE Urges Swift Patching of Critical Aruba Access Point Vulnerabilities to Prevent Remote Code Execution


Hewlett Packard Enterprise (HPE) has released critical security patches to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The patches aim to prevent remote code execution by mitigating these high-severity vulnerabilities.

Published: Mon Nov 11 05:54:10 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Web's Crypto Laundry Kingpin Falls: A Case Study of Bitcoin Fog's Demise

A Russian-Swedish national has been sentenced to 12 years and six months in US prison for operating one of the longest-running money laundering machines on the dark web. Bitcoin Fog's demise marks a significant blow to those who facilitate criminal activity on the dark web, but experts note that other services will likely fill the gap.

Published: Mon Nov 11 07:16:21 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Wave of Cyber Threats: A Comprehensive Analysis of Emerging Malware and Exploits


A new wave of sophisticated cyber threats has emerged, with AndroxGh0st malware integrating with the Mozi botnet, ToxicPanda targeting banks in Europe and Latin America, VEILDrive exploiting Microsoft services, and CRON#TRAP spreading across Windows systems. These exploits underscore the need for increased vigilance and proactive measures to protect against emerging threats.

Published: Mon Nov 11 07:33:18 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Impact of Automated Security Validation on Cybersecurity Leaders: A Success Story

DTCC's implementation of Automated Security Validation has shown significant benefits for the organization, including improved productivity, reduced risk, and enhanced employee retention. This success story highlights the importance of embracing automation in cybersecurity and explores the key considerations for securing a budget for secure validation.

Published: Mon Nov 11 07:49:14 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Halliburton's Ransomware Nightmare: A $35 Million Price Tag for a Cybersecurity Breach

Halliburton has revealed that an August ransomware attack led to $35 million in losses after the breach caused the company to shut down IT systems and disconnect customers. The RansomHub ransomware gang was responsible for the attack, which stole data from Halliburton's network.

Published: Mon Nov 11 09:31:44 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Wave of Fileless Malware Threatens Global Security: The Rise of Remcos RAT

A new variant of the commercial RAT tool known as Remcos has been discovered in a phishing campaign, posing significant risks due to its stealthy and fileless nature. As threat actors continue to evolve their tactics, it is essential for organizations to stay vigilant and implement robust cybersecurity measures.

Published: Mon Nov 11 09:49:55 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Halliburton's $35 Million Ransomware Loss Exposes the Industry's Reliance on Cybersecurity


Halliburton has revealed that a ransomware attack in August 2024 resulted in a $35 million loss, exposing the industry's reliance on cybersecurity. The attack, attributed to the RansomHub ransomware gang, forced the company to shut down its IT infrastructure and disconnect customers' systems. The incident highlights the importance of robust cybersecurity measures and incident response planning for organizations operating in high-risk industries.

Published: Mon Nov 11 11:04:54 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of Emergency Data Requests: A Growing Concern for Cybersecurity


The FBI has issued a warning about the growing trend of crooks stealing data using government emails, specifically through emergency data requests (EDRs). This phenomenon has been on the rise since August 2023, with a significant increase in fraudulent requests being sent to US businesses and law enforcement agencies. As cybercriminals become more sophisticated in their tactics, it is essential for organizations to stay vigilant and proactive in mitigating risks. The FBI recommends developing a close relationship with local field offices, reviewing incident response plans, and adopting critical thinking when receiving EDRs.

Published: Mon Nov 11 11:13:53 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of Sophisticated Malware Campaigns: GootLoader's Latest Targeting of Innocent Users



A new malware campaign known as GootLoader has been identified by Sophos researchers, targeting innocent users who search for specific information on search engines. The campaign uses SEO poisoning tactics to deliver a loader for other malware families, including GootKit, an information stealer and remote access trojan (RAT). This latest development highlights the ongoing evolution of cyber threats and the need for users to be vigilant when searching online.



Published: Mon Nov 11 12:52:55 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Amazon Data Breach: A Cautionary Tale of Vendor Vulnerabilities

Amazon confirms employee data breach after vendor hack, highlighting the ongoing struggle between robust security protocols and vulnerabilities in third-party systems.

Published: Mon Nov 11 14:12:44 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Mysterious Data Breach Exposes Amazon Employee Contact Information: A Cautionary Tale of Cybersecurity Vulnerabilities

A major tech company has confirmed that a data breach occurred, exposing the personal contact information of its employees. The breach, which appears to be related to a security vulnerability discovered last year, raises concerns about the company's ability to prevent data breaches and highlights the ongoing threat of cyberattacks.

Published: Mon Nov 11 15:19:01 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Revolutionizing Human Perception: The Breakthrough Haptic Patch Technology


Scientists at Northwestern University have developed a revolutionary new patch that can transmit sensations to the skin, allowing people to feel tactile information even when they are blindfolded. This technology has far-reaching implications for virtual reality, gaming, and assistive devices for individuals with vision impairments. Learn more about this groundbreaking innovation and its potential impact on our daily lives.

Published: Mon Nov 11 15:33:05 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Ymir Ransomware Family Partners with RustyStealer to Spread Malicious Operations


The emergence of Ymir ransomware marks a significant development in the collaboration between malware families used by cybercrime groups. Partnering with RustyStealer, Ymir has evolved into an even more potent threat due to its advanced evasion techniques and use of information stealers as access brokers. With this partnership, users must ensure their security measures are updated to counter the evolving landscape of ransomware attacks.

Published: Mon Nov 11 17:03:04 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hot Topic Data Breach Exposes 57 Million Customers' Personal Information


A massive data breach has exposed 57 million Hot Topic customers' personal information. The incident is believed to have occurred in October 2024 and includes sensitive data such as email addresses, phone numbers, physical addresses, and partial credit card details. Follow our article to learn more about the breach, its possible causes, and how you can protect yourself.


Published: Mon Nov 11 17:09:49 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Global Threat Landscape: Cybercrime on the Rise

Amazon's recent data breach highlights the growing threat of zero-day exploits and the need for organizations to prioritize cybersecurity measures. The incident, which exposed over 2.8 million records containing employee data, underscores the increasing sophistication and frequency of cybercrimes.

Published: Mon Nov 11 17:36:11 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks



The Ymir ransomware variant has emerged as a significant development in contemporary cyber threats, leveraging memory management functions to evade detection and increase its stealth capabilities. With the rise of other threats such as the AndroxGh0st malware, which integrates the Mozi botnet to target IoT and cloud services, and the VEILDrive attack, which exploits Microsoft services to evade detection and distribute malware, organizations must prioritize robust cybersecurity defenses against emerging threats. Staying informed about these evolving risks is crucial for maintaining the security of corporate networks.



Published: Tue Nov 12 02:04:47 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Age of Inescapable Surveillance: How to Protect Yourself from a Trump-Driven America

As Donald Trump takes the reins of power in America, the prospect of government overreach and technological snooping becomes an ever-present concern. Learn how to protect yourself from this tidal wave of surveillance with these expert-recommended strategies for safeguarding your digital privacy.

Published: Tue Nov 12 05:45:15 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Masked Protester: A Looming Threat to Free Speech

The mask ban at protests has sparked heated debates among civil rights advocates, law enforcement officials, and lawmakers, with some arguing that such measures are necessary to hold protesters accountable, while others contend that they will only serve to chill free speech and open protesters up to harassment by political opponents.

Published: Tue Nov 12 06:08:09 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Behavioral Analytics: The New Frontier in Incident Response - The Hacker News


Behavioral Analytics is Back: How It's Revolutionizing Incident Response and SOC Investigation
The use of behavioral analytics in cybersecurity has seen a resurgence in recent years, as organizations look for ways to improve their incident response processes. Once primarily used for threat detection, it is now being reimagined as a powerful post-detection technology that enhances the accuracy, efficiency, and impact of Security Operations Center (SOC) investigations. This article will explore five key ways behavioral analytics is revolutionizing incident response, helping security teams respond with greater speed and precision.


Published: Tue Nov 12 06:31:56 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Security Feature Raises Concerns: Apple's "Inactivity Reboot" Feature Automatically Reboots Locked Devices

Apple's "inactivity reboot" feature raises concerns over security and law enforcement in forensic analysis settings where iPhones await examination. The feature aims to enhance data security by erasing sensitive information from memory, but its potential impact on current tools used for forensic analysis is a pressing issue that requires immediate attention.

Published: Tue Nov 12 07:05:59 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Stealthy Threat Emerges: The Ymir Ransomware


A new stealthy threat has emerged in the form of the Ymir ransomware, a malware family that has been making waves in the cybercrime world. This article provides an in-depth look at the Ymir ransomware, its detection-evasion features, and the evolving nature of cybercrime threats.

Published: Tue Nov 12 07:26:56 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Dark Chapter in the History of Cybersecurity: The MOVEit Vulnerability and its Devastating Consequences

A major data breach has occurred at Amazon, exposing employee information from various organizations, including Amazon itself. The breach is linked to the MOVEit vulnerability, a critical bug discovered in 2023. The level of detail provided by the breach raises concerns about potential security threats and highlights the importance of keeping software up-to-date and patching vulnerabilities in a timely manner.

Published: Tue Nov 12 09:09:53 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Erosion of Personal Privacy: How Technology is Compromising Our Most Fundamental Rights


The use of technology has led to a significant erosion of personal privacy, with smartphones, cryptocurrencies, and digital payment systems posing a threat to individuals' right to anonymity. As law enforcement agencies become increasingly sophisticated in their ability to track and analyze data, experts are urging individuals to take steps to protect themselves, including using alternative forms of payment or specialized tools like Faraday bags.

Published: Tue Nov 12 09:24:38 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Citrix Vulnerability Exposed: Misconfigured MSMQ Allows RCE via BinaryFormatter


A recent discovery has exposed a critical vulnerability in Citrix Virtual Apps and Desktops that could be exploited to achieve unauthenticated remote code execution (RCE) through misconfigured MSMQ instances. The issue highlights the importance of ensuring sensitive services are properly secured and not exposed unnecessarily. Organizations must take immediate action to address this vulnerability and secure their systems against potential attacks.

Published: Tue Nov 12 09:32:34 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns: A Threat to Cybersecurity

A new phishing tool called GoIssue has emerged, targeting GitHub developers in bulk email campaigns. The threat actor behind the tool claims it offers precision and power for reaching specific audiences or expanding outreach. As a result, there is an increased risk of successful breaches, data theft, and compromised projects among thousands of developers.

Published: Tue Nov 12 09:40:01 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

North Korean Hackers Utilize Flutter-Embedded Malware to Infiltrate Apple macOS Devices


North Korean hackers have successfully embedded malware within Flutter applications, marking a new tactic in their efforts to infiltrate Apple macOS devices. The malicious code was identified by Jamf Threat Labs, which noted that the threat actors are using social engineering techniques to achieve their objectives. This discovery highlights the evolving threat landscape of cybersecurity and underscores the importance of staying vigilant and adopting proactive measures to protect against emerging threats.

Published: Tue Nov 12 10:00:49 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

FBI, CISA, and NSA Unveil Most Exploited Vulnerabilities of 2023: A Wake-Up Call for Organizations Worldwide


A joint advisory from the FBI, CISA, and NSA has highlighted the most exploited vulnerabilities of 2023, serving as a stark reminder to organizations worldwide to prioritize patch management and bolster their defenses against increasingly sophisticated cyber threats. Learn more about the top 15 vulnerabilities and what organizations can do to stay ahead of emerging threats.

Published: Tue Nov 12 12:12:34 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Revival of the KV-Botnet: A Rebuilding Effort by Chinese State-Sponsored Hacking Group Volt Typhoon Following FBI Disruption

Chinese state-sponsored hacking group Volt Typhoon has successfully rebuilt its KV-Botnet malware botnet following a disruption by law enforcement, posing a significant threat to global cybersecurity. The rebuilding effort indicates that the Chinese hackers remain determined in their pursuit of infiltrating critical networks and maliciously exploiting vulnerable devices.

Published: Tue Nov 12 12:21:06 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

North Korean Hackers' Sophisticated Attack on macOS Security: A New Frontier in Malware Development


North Korean hackers have been using Flutter-based apps to bypass the security features of Apple's macOS operating system. The attacks were discovered through analysis of six malicious applications built with Google's Flutter framework. This revelation marks a new frontier in malware development, as it showcases the level of sophistication and creativity employed by nation-state actors.

Published: Tue Nov 12 12:32:07 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Citrix Virtual Apps and Desktops Vulnerability: A Serious Security Threat to Enterprise Networks


Citrix's Virtual Apps and Desktops solution has been hit with a new security vulnerability that allows attackers to gain unauthorized access to sensitive data and escalate privileges on the system. The vulnerability, identified as CVE-2024-8068, is considered serious and organizations should take immediate action to patch their systems.

Published: Tue Nov 12 12:44:58 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Managing Third-Party Risks in Complex IT Environments: A Crucial Step Towards Ensuring Organizational Security


A recent webinar by SailPoint aims to provide actionable insights into securing an organization's data and systems against third-party access threats. By adopting best practices for managing third-party risks, IT managers and security professionals can reduce the likelihood of data breaches and minimize financial losses.

Published: Tue Nov 12 12:51:36 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cyber Threats on the Rise: A Global Landscape of Attacks and Breaches

As the threat landscape continues to evolve, organizations must take proactive steps to protect themselves against emerging threats. With an estimated $6 trillion in global costs expected by 2023, it is clear that cybercrime poses a significant challenge for governments and individuals alike.

Published: Tue Nov 12 13:19:06 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

November 2024 Patch Tuesday Security Update Roundup: Four Zero-Days Fixed


November 2024 Patch Tuesday has addressed a total of 91 security vulnerabilities, including four critical zero-day exploits. The update aims to fix multiple flaws in various Windows components and services, including the SMBv3 client and server, Windows Task Scheduler, and Windows Telephony Service. Learn more about the patches included in this month's update.



Published: Tue Nov 12 15:10:04 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ahold Delhaize's US Grocery Chain Embroiled in Widespread Cybersecurity Crisis Amid Ongoing Outages


Ahold Delhaize, a multinational retail company that operates grocery stores under various brand names across the United States, has been experiencing a prolonged cybersecurity crisis. The situation has resulted in outages at numerous locations, with varying degrees of impact on services and operations. With nearly 2,000 stores affected and an estimated 1,000 belonging to Food Lion alone, this incident underscores the ongoing vulnerability of retail operations in the digital age.

Published: Tue Nov 12 15:29:11 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ahold Delhaize Cyber Incident: A Complex Web of Consequences for the Multinational Retail Giant

Ahold Delhaize, a multinational retail giant, has faced a significant cyber incident affecting several of its US brands, including Giant Food, Hannaford, pharmacies, and e-commerce services. The company has acknowledged the impact of the incident but assures customers that all brand stores remain open and serving customers. Ahold Delhaize is taking proactive measures to assess and mitigate the problem and protect its customers from potential cyber threats.

Published: Tue Nov 12 15:50:36 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft's November 2024 Patch Tuesday: A Multifaceted Threat Landscape

Microsoft has released its November 2024 Patch Tuesday with fixes for at least 89 security vulnerabilities in Windows operating systems and other software. The update includes patches for two zero-day vulnerabilities already being exploited by attackers, highlighting the ongoing importance of staying up-to-date with security patches.

Published: Tue Nov 12 17:13:46 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Shadowy Snowflake Hackers: A Web of Deceit and Data Exploitation

Two Canadian and American hackers have been indicted on 20 counts of conspiracy, computer fraud and abuse, wire fraud, and aggravated identity theft in connection with a high-profile cyber attack on multiple organizations' Snowflake-hosted cloud environments. The alleged hackers exploited vulnerabilities to steal sensitive data and extort ransoms from their victims, with at least three paying $2.5 million to have their data returned.

Published: Tue Nov 12 17:21:44 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

National Guard Discord Leaker Receives Lenient Sentence Despite Compromising National Security

Jack Teixeira, a former Air National Guard member, has been sentenced to 15 years in prison for leaking classified military information on Discord. The case highlights the dangers of unchecked access to sensitive information and the need for vigilance in protecting national security.

Published: Tue Nov 12 18:37:28 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A National Security Breach of Epic Proportions: The Case of Jack Teixeira, a 22-Year-Old Air National Guardsman

A former Air National Guardsman has been sentenced to 15 years in prison for leaking classified American military secrets on Discord, highlighting the importance of adhering to protocols regarding sensitive information and the need for vigilance in safeguarding national security.

Published: Tue Nov 12 18:49:26 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft's Patch Tuesday: A Gauntlet of Vulnerabilities for Windows Users

Microsoft has released 89 patches for various security vulnerabilities, including two currently under active attack, as part of its latest Patch Tuesday. Users are advised to address these issues promptly to prevent potential security breaches.

Published: Tue Nov 12 20:05:20 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Volt Typhoon's Resurgence: A New Wave of Chinese Cyber Espionage Threatens Global Critical Infrastructure


China's Volt Typhoon crew has resurfaced with a vengeance, compromising critical infrastructure networks and launching devastating cyberattacks. A new wave of Chinese cyber espionage threatens global critical infrastructure, highlighting the need for organizations to prioritize cybersecurity and stay vigilant in the face of evolving threats.

Published: Tue Nov 12 20:16:47 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

MICROSOFT PATCH TUESDAY SECURITY UPDATES: TWO ACTIVELY EXPLOITED ZERO-DAYS FIXED IN NOVEMBER 2024

Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days in Android devices and Linux clients. These vulnerabilities allow attackers to gain unauthorized access to sensitive information, including user IP addresses.

Published: Tue Nov 12 20:36:33 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

MICROSOFT UNVEILS 90 NEW SECURITY PATCHES, INCLUDING ACTIVELY EXPLOITED NTLM AND TASK SCHEDULER VULNERABILITIES


Microsoft has released 90 new security patches, including actively exploited vulnerabilities in NTLM and Task Scheduler. The update addresses a range of critical vulnerabilities, including remote code execution flaws and elevation of privilege vulnerabilities. Organizations are advised to prioritize patching these vulnerabilities as soon as possible to prevent potential exploitation.

Published: Wed Nov 13 02:08:42 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Iranian Hackers Employ "Dream Job" Lures to Wreak Havoc on Aerospace Industry with SnailResin Malware

TA455, an Iranian threat actor believed to be affiliated with the Islamic Revolutionary Guard Corps (IRGC), has been linked to a series of targeted attacks on aerospace industry professionals using fake job opportunities and the SnailResin malware. This campaign marks a significant escalation in the group's activities and highlights the need for organizations in the industry to enhance their security measures.

Published: Wed Nov 13 03:24:09 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution



A recent security analysis has uncovered 10 vulnerabilities in the OvrC platform, exposing IoT devices to remote attacks and code execution. The discovery highlights the need for greater vigilance and cooperation among manufacturers, cloud service providers, and regulatory agencies to secure these vulnerable platforms.



Published: Wed Nov 13 06:07:50 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Looming Surveillance State: ICE's Mass Deportation Plan Takes Shape

ICE is expanding its surveillance apparatus to monitor millions of non-detained individuals awaiting deportation hearings, sparking concerns about civil liberties, data collection, and individual freedoms. The agency's plan, outlined in a recent notice, seeks contractors to deploy technology and personnel to monitor these individuals under the new Release and Reporting Management (RRM) program.

Published: Wed Nov 13 07:32:56 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Comprehensive Roadmap for Building a Strong Browser Security Program


In an era where cybersecurity threats are becoming increasingly sophisticated and prevalent, it is imperative for organizations to adopt proactive measures to safeguard their digital assets. A comprehensive browser security program is essential to address the growing threat landscape and mitigate emerging risks. This article provides a detailed roadmap for CISOs and security teams to establish effective browser security programs.

Published: Wed Nov 13 07:41:09 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New ShrinkLocker Ransomware Decryptor: A Breakthrough in Restoring BitLocker Passwords

A new ShrinkLocker ransomware decryptor from researchers at Bitdefender marks a breakthrough in restoring BitLocker passwords, giving victims new hope of recovering their data from the malware.

Published: Wed Nov 13 08:52:51 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybersecurity Forecast 2025: Navigating the Evolving Threat Landscape with Caution


Google Cloud's Cybersecurity Forecast 2025 Report Reveals Emerging Threats to Expect in the Coming Year
The report highlights key trends and threats that organizations can anticipate facing in the year ahead, including the increasing use of AI for sophisticated attacks and the growing threat of ransomware and multifaceted extortion.


Published: Wed Nov 13 09:00:10 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

NordPass Black Friday Deal: A Comprehensive Guide to Cybersecurity Savings


In a major move, NordPass is offering an unbeatable Black Friday deal that promises to revolutionize cybersecurity for millions of users worldwide. With discounts up to 44% off the regular price, individuals can secure a Premium subscription to NordPass or bundle it with NordVPN at an unprecedented low cost. Don't miss out on this incredible opportunity to elevate your digital security!

Published: Wed Nov 13 10:20:29 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hamas-Affiliated Group Expands Malicious Activities to Disrupt Israeli Entities


A Hamas-affiliated group known as WIRTE has expanded its malicious activities beyond espionage to carry out disruptive attacks against Israeli entities, targeting other countries in the region. The threat actor's use of sophisticated malware tools, including the SameCoin wiper, highlights the need for increased vigilance and cooperation between countries to counter these types of threats.

Published: Wed Nov 13 10:33:40 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

ShrinkLocker Ransomware: A New Threat to Data Protection


In a recent development that has sent shockwaves through the cybersecurity community, Romanian cybersecurity company Bitdefender has released a free decryptor for victims of the ShrinkLocker ransomware. This malicious software was designed to be simple yet effective, using Microsoft's native BitLocker utility to encrypt files as part of extortion attacks targeting Mexico, Indonesia, and Jordan.

Published: Wed Nov 13 10:43:16 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Zoom Addresses High-Severity Vulnerabilities in Video Conferencing Platform


Zoom addressed two high-severity issues in its platform that could allow remote attackers to escalate privileges or leak sensitive information, including a buffer overflow issue and an improper input validation issue.



Published: Wed Nov 13 11:10:53 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Most Insecure Passwords: A Glimpse into Humanity's Laziness


A recent study by a prominent password manager has shed light on some of the most commonly used – and therefore least secure – passwords in use worldwide, revealing a concerning trend that highlights humanity's propensity for laziness when it comes to protecting personal information. In this article, we will delve into the findings of this study and explore the implications of these results.


Published: Wed Nov 13 12:33:23 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Snowflake Saboteurs: A Complex Web of Cybercrime and Deceit


Two Snowflake hackers have been indicted by US authorities for extorting $2.5 million from three victims through a complex web of cybercrime and deceit. The indictment, which was unsealed last month, reveals the sophisticated tactics employed by Connor Riley Moucka and John Erin Binns to breach over 165 organizations using Snowflake cloud storage services. The case highlights the complexities of modern cybercrime and the importance of collaboration between law enforcement agencies worldwide.

Published: Wed Nov 13 14:12:46 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Critical Vulnerability in End-of-Life D-Link NAS Devices Exposed: A Growing Security Threat

End-of-life D-Link NAS devices are being targeted by attackers due to a newly discovered critical vulnerability. Users of affected devices must take immediate action to secure their systems and protect against exploitation.

Published: Wed Nov 13 14:27:48 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Embargo Ransomware Operation: A New Player in the US Healthcare Cybercrime Scene

The Embargo ransomware operation has claimed responsibility for a high-profile breach at American Associated Pharmacies (AAP), allegedly stealing sensitive data from the US pharmacy network. The group's demands, which include payment of $1.3 million for decryption and an additional $1.3 million to keep leaked documents off the web, have sparked concerns about the potential scale and scope of the breach.

Published: Wed Nov 13 15:07:42 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft's Task Manager Fix: A Glimpse into the World of Automated Testing and Quality Improvements

Microsoft has recently addressed two long-standing issues plaguing Windows 11 24H2 and Windows Server 2025, including a fix for the Task Manager issue that was introduced in the October 2024 non-security preview update. The fixes were included in KB5046617 and are part of Microsoft's ongoing efforts to improve its quality control processes.

Published: Wed Nov 13 15:18:17 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacking Apple's Location-Based Hearing Aid Restrictions: A New Frontier in Digital Security

Three Indian researchers have successfully hacked around Apple's location-based restrictions on its hearing aid features in AirPods Pro 2 earbuds, allowing them to bypass geolocation checks and enable the feature in countries where it is not yet available. The breakthrough comes at a time when Apple's hearing aid features are gaining popularity globally.

Published: Wed Nov 13 15:27:38 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Resurgence of China's Volatile Threat Actor: Unpacking the Volt Typhoon Botnet


The Volt Typhoon botnet has re-emerged, employing the same core infrastructure and techniques that first came to light in May 2023. The group's activities pose a significant threat to U.S. critical infrastructure networks, highlighting the need for continued vigilance and proactive measures to counter these threats.

Published: Wed Nov 13 15:50:10 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

US Government Officials' Communications Compromised in Recent Telecom Hack: A Growing Concern for Cybersecurity

The US government has confirmed that Chinese hackers have compromised the private communications of a limited number of government officials in a recent telecom hack. The breach highlights the growing concern over cybersecurity threats emanating from China and underscores the need for robust measures to protect sensitive information.

Published: Wed Nov 13 17:19:35 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Great B2B Data Breach: Unraveling the Mystery Behind DemandScience's 122 Million Records


The world of business-to-business (B2B) data aggregation has been rocked by a massive breach of 122 million records linked to DemandScience. What led to this incident, and what steps will be taken to rectify the situation? Read on to find out more about the impact of this breach and how it affects individuals and organizations.

Published: Wed Nov 13 17:34:35 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Error Messages on Bleeping Computer: Understanding SQL Server Issues

Summary: A recent visit to Bleeping Computer revealed a concerning trend regarding the Driver Server Level Error, which is attributed to issues with the SQL server used by the host. Users are advised to contact their host immediately to address this problem and prevent further complications.

Published: Wed Nov 13 17:40:18 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Broad and Significant Cyber Espionage Campaign: China-Backed Groups Infiltrate US Telcos


The US government has confirmed a significant cyber espionage campaign was conducted by Chinese-backed groups against multiple American telecommunications providers' networks, compromising private communications and stealing customer call records data. This marks an escalation in cyber attacks targeting US telcos and underscores the ongoing threat from China-backed groups that can compromise critical infrastructure with relative ease.

Published: Wed Nov 13 22:12:02 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Bitdefender's ShrinkLocker Ransomware Decryptor: A Breakthrough in Cybersecurity

Bitdefender has released a free decryption tool designed to unlock data encrypted by the notorious ShrinkLocker ransomware, providing victims with a chance to recover their files and regain control over their digital assets.

Published: Wed Nov 13 22:28:01 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Data Broker's Data Breach: 100M+ Records Stolen and Put Up for Sale



A recent data breach has exposed over 100 million records of people's contact details and employment information, which have been stolen or obtained from a data broker and put up for sale by a miscreant. The data includes corporate email addresses, physical addresses, phone numbers, names of employers, job titles, and links to LinkedIn and other social media profiles.

The breach raises questions about the security measures in place to protect sensitive information and the potential consequences for individuals whose personal data has been compromised. This article provides a detailed analysis of the incident, highlighting the importance of data protection and the need for organizations to prioritize transparency, accountability, and robust security measures to prevent similar breaches in the future.



Published: Wed Nov 13 22:45:46 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Swatter in the Shadows: Unmasking the Teen Behind Hundreds of Swatting Attacks


An 18-year-old teenager from Lancaster, California has pleaded guilty to federal charges for making hundreds of fake threats against schools, places of worship, and government buildings across the United States, as part of a nationwide spree of swatting attacks that left police scrambling to respond to numerous false reports of violence.

Published: Wed Nov 13 22:54:37 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

ShrinkLocker Ransomware: A Novel Approach to Encrypting Windows Systems


The ShrinkLocker ransomware has been identified as a novel approach to encrypting Windows systems using BitLocker configurations. Developed by Bitdefender researchers, a decryptor for this strain of malware provides potential relief for victims of these attacks. Understanding the threat posed by ShrinkLocker is crucial in helping organizations protect themselves against future outbreaks.

Published: Wed Nov 13 23:17:39 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Zero-Day Exploited to Deploy RAT Malware via NTLM Flaw



A newly discovered security flaw in Windows NT LAN Manager (NTLM) was exploited as a zero-day by suspected Russian actors as part of cyber attacks targeting Ukraine. A detailed analysis reveals how this vulnerability was used to deploy the open-source Spark RAT malware and highlights the evolving threat landscape in the cybersecurity world.



Published: Thu Nov 14 01:45:30 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The 15 Most Exploited Flaws: A Wake-Up Call for Organizations to Prioritize Patching and Security


The 15 most exploited flaws have been revealed by Five Eyes nations, highlighting a concerning trend of increased attacks on zero-day exploits. To stay ahead of cyber threats, organizations must prioritize patching and security measures.

Published: Thu Nov 14 03:17:39 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Replacement of Asda's Security Chief Amidst Walmart Tech Divorce: A Tale of IT Transformation and Restructuring

Asda's CISO departure amidst Walmart tech divorce highlights the challenges and complexities of IT transformation programs in retail. Will Asda succeed in its efforts to separate its IT systems from those of its parent company, or will it face continued struggles in this area?

Published: Thu Nov 14 04:34:00 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Looming Shadows of Cybersecurity: A Post-Biden Administration Era


A new era of cybersecurity under Donald Trump promises to reshape the nation's approach to digital threats, with far-reaching implications for industries ranging from finance to healthcare. As the Trump administration prepares to roll back some of Biden's most ambitious initiatives, policymakers must navigate a complex web of competing priorities and interests in order to safeguard national security and protect American citizens from the ever-evolving threat landscape.

Published: Thu Nov 14 04:46:52 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Attack Vector: RustyAttr Malware Exploits macOS Weaknesses Through Extended Attribute Abuse


A new malware campaign dubbed RustyAttr has been discovered targeting macOS systems through extended attribute abuse. With its sophisticated techniques and decoy mechanisms, this threat vector poses significant challenges to security professionals. Understanding the implications of this attack and implementing necessary measures to protect against it is vital for maintaining effective cybersecurity defenses.

Published: Thu Nov 14 04:58:16 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybersecurity Breach Hits Children's Shoemaker Start-Rite: A Repeated Offense Against Customer Trust

Start-Rite, a children's shoemaker, has been embroiled in yet another cybersecurity breach, exposing customer payment card details. This marks the company's second significant lapse in eight years, raising questions about the effectiveness of its security measures and the need for heightened vigilance among customers to protect themselves from potential fraud.

Published: Thu Nov 14 06:37:24 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

NatWest's Bold Move: Blocking Bevy of Messaging Apps to Enhance Cybersecurity

NatWest, a prominent British banking and insurance giant, has taken a proactive step towards bolstering its cybersecurity by formally banning a wide array of messaging apps on company-issued devices. The move comes as a surprise to many, given the growing concern over the use of such communication channels for discussing sensitive business matters.

Published: Thu Nov 14 06:58:23 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Five BCDR Oversights That Leave Your Business Vulnerable to Ransomware Attacks

Don't let these five BCDR oversights leave your business vulnerable to devastating ransomware attacks. Learn how to develop a comprehensive disaster recovery plan and stay one step ahead of evolving threats in this expert guide.

Published: Thu Nov 14 07:07:39 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

TikTok Pixel Privacy Nightmare: A Case Study of Data Breach Lurking Behind a Misconfigured Third-Party Partner


A recent case study reveals how a well-intentioned but misconfigured third-party partner led to a GDPR breach on an online travel marketplace, showcasing the importance of adhering to data protection regulations and implementing proactive security measures. The incident highlights the risks associated with misconfigured tracking pixels and the need for companies to stay vigilant in protecting user data.

Published: Thu Nov 14 07:15:55 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

Google has issued a stern warning to its users regarding the growing threat of cloaking scams, AI-driven fraud, and cryptocurrency schemes. The tech giant has revealed that bad actors are leveraging advanced techniques such as landing page cloaking to impersonate legitimate sites and conduct scams by creating a sense of urgency among users.

Published: Thu Nov 14 09:53:26 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Dark Web Extortionist Brought to Justice: A Glimpse into the Sinister World of Cybercrime

A 45-year-old man has been sentenced to ten years in prison for hacking at least 19 organizations in the United States, stealing personal data of over 132,000 people, and making multiple extortion attempts.

Published: Thu Nov 14 11:23:16 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Leverage macOS Extended File Attributes to Evade Detection: A New Twist on Malware Delivery


Hackers have found a novel way to evade detection by exploiting macOS extended file attributes, hiding malicious code within custom file metadata. Researchers attribute this technique to the Lazarus Group, a well-known North Korean threat actor. This new approach is particularly effective against detection, making it essential for users to stay vigilant and keep their systems up-to-date with the latest security patches.

Published: Thu Nov 14 11:36:51 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New 'Sitting Ducks' Attack Scheme Leaves Thousands of Legitimate Domains Exposed to Malicious Actors

Experts at Infoblox have revealed that nearly 800,000 vulnerable registered domains have been identified over the past three months, with approximately 9% (70,000) of these domains being hijacked by malicious actors using the "Sitting Ducks" attack scheme. This alarming finding highlights the vulnerability of legitimate domains to exploitation by cybercriminals and the importance of continuous monitoring to detect and prevent such attacks.

Published: Thu Nov 14 14:14:20 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Shadowy World of Chinese Cyber Espionage: A Threat to National Security


A recent breach by China-linked threat actors has compromised multiple telcos and spied on a limited number of U.S. government officials, raising significant concerns about national security. The FBI and CISA are investigating the breach, which is believed to be linked to the Salt Typhoon group. This incident highlights the ongoing threat of Chinese cyber espionage and underscores the need for proactive measures to protect against these types of attacks.

Published: Thu Nov 14 14:33:55 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Glove Stealer Malware Bypasses Chrome's Cookie Encryption


Glove Stealer, a new information-stealing malware, has been discovered by security researchers for its ability to bypass Google Chrome's Application-Bound encryption and steal sensitive browser cookies. This threat highlights the ongoing evolution of cybersecurity risks and underscores the importance of staying vigilant against emerging threats.


Published: Thu Nov 14 15:43:11 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybercrook Behind Bars: A 10-Year Sentence for a Serial Hacker's Crimes

A notorious cybercrook has been sentenced to 10 years in prison for his numerous crimes against medical facilities and individuals. The sentence marks an important milestone in the fight against cybercrime, highlighting the ongoing struggle against cyber threats.

Published: Thu Nov 14 15:57:04 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

CISA Warns of Additional Palo Alto Networks Vulnerabilities Exploited in Wild Attacks




Recently, the United States Cybersecurity and Infrastructure Security Agency (CISA) released a statement informing the public about two additional critical security vulnerabilities found in Palo Alto Networks' Expedition migration tool. This alarming news comes as part of CISA's ongoing efforts to educate the nation on the current cybersecurity landscape.

The first vulnerability allows attackers to inject arbitrary commands into unpatched systems running the Expedition migration tool, while the second vulnerability enables attackers to access sensitive information such as usernames, cleartext passwords, device configurations, and even API keys of PAN-OS firewalls.

In light of this new information, it is crucial for organizations to take immediate action to patch their systems and protect themselves from these vulnerabilities.



Published: Thu Nov 14 17:27:23 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Fortinet VPN Flaw: A Privilege Escalation Vulnerability with Devastating Consequences


A critical vulnerability has been discovered in Fortinet's FortiClient VPN application, which could potentially allow a low-privilege rogue user or malware to gain higher privileges from another user, execute code and possibly take over the box. The bug, tracked as CVE-2024-47574, earned a 7.8 out of 10 CVSS severity rating.

Published: Thu Nov 14 17:37:47 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacking the Unpatched: The Looming Threat of CVE-2024-10914 on D-Link NAS Devices

Hackers are now exploiting a critical vulnerability in legacy D-Link NAS devices that was recently disclosed. The CVE-2024-10914 flaw allows remote OS command injection, making it a potential threat to millions of devices worldwide.

Published: Thu Nov 14 19:04:36 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Resurgence of a Notorious Hacker: An Exclusive Interview with Mikhail "Mike" Shefel, aka Rescator


In an exclusive interview, KrebsOnSecurity reveals the truth behind the identity of the notorious hacker known as Rescator, who was responsible for stealing payment card data from Target and Home Depot in 2013. Meet Mikhail "Mike" Shefel, a Russian cybercriminal with a troubled past and a penchant for evading detection.


Published: Thu Nov 14 23:25:30 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

CISA Warns of Active Exploitation of Two Vulnerabilities in Palo Alto Networks Expedition Firewalls


CISA has issued a warning about the active exploitation of two vulnerabilities in Palo Alto Networks Expedition firewalls. The vulnerabilities have been added to CISA's Known Exploited Vulnerabilities (KEV) catalog, which requires Federal Civilian Executive Branch (FCEB) agencies to apply the necessary updates by December 5, 2024. Following an initial alert about a third vulnerability, this latest warning underscores the ongoing importance of staying up-to-date with security patches and the need for proactive risk mitigation strategies in network security.

Published: Fri Nov 15 00:38:11 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Millions of Sensitive Data Exposed: The Unintended Consequences of Misconfigured Microsoft Power Pages

Millions of sensitive records have been exposed to the public internet due to misconfigurations in Microsoft's Power Pages platform, a website creation service used by numerous organizations. This reveals significant security vulnerabilities and raises concerns about personally identifiable information.

Published: Fri Nov 15 01:50:07 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables


A high-severity flaw in PostgreSQL allows hackers to exploit environment variables, potentially leading to code execution or information disclosure. This vulnerability has been addressed in recent updates to the software, but organizations must take steps to mitigate its impact and prevent exploitation by hackers.

Published: Fri Nov 15 02:01:27 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Justice Has Been Served: Ilya Lichtenstein Sentenced to 5 Years for Role in Notorious Bitfinex Hack


In a significant development, Ilya Lichtenstein has been sentenced to 5 years in prison for his role in the notorious Bitfinex hack. The conviction marks a major milestone in the ongoing saga, which saw nearly $10.5 billion in bitcoin stolen from the platform. Read more about this case and its implications on financial crime prevention.

Published: Fri Nov 15 02:36:28 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

CISA Warns of Active Exploitation of Two Critical Palo Alto Networks Flaws


CISA has issued an alert warning of the active exploitation of two critical vulnerabilities in Palo Alto Networks Expedition software, CVE-2024-9463 and CVE-2024-9465. These vulnerabilities have been added to CISA's Known Exploited Vulnerabilities (KEV) catalog and require Federal Civilian Executive Branch agencies to apply the necessary updates by December 5, 2024. Users of Palo Alto Networks software should take immediate action to ensure that their systems are protected against these newly discovered threats.

Published: Fri Nov 15 02:53:07 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

U.S. CISA Adds Palo Alto Networks Expedition Bugs to its Known Exploited Vulnerabilities Catalog: A Comprehensive Analysis of the Exploited Vulnerabilities and Their Implications

U.S. CISA adds four vulnerabilities in Palo Alto Networks Expedition to its Known Exploited Vulnerabilities catalog, highlighting the critical importance of patching and vulnerability management for organizations utilizing PAN-OS firewalls.

Published: Fri Nov 15 04:21:12 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolution of Identity Access Management: How Artificial Intelligence is Revolutionizing Cybersecurity

Artificial intelligence is transforming Identity Access Management, enabling enhanced monitoring, smarter anomaly detection, and adaptive access governance. Learn how AI is revolutionizing cybersecurity in our in-depth article on The Evolution of Identity Access Management: How Artificial Intelligence is Revolutionizing Cybersecurity.

Published: Fri Nov 15 05:50:56 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft's Exchange Server Security Update Stopped in Its Tracks: A Cautionary Tale of Testing Practices

Microsoft's latest security update for its Exchange server has hit a snag, with the company pausing its rollout due to unexpected issues related to transport rules and data loss protection. The pause is a cautionary tale about the importance of thorough testing practices when deploying major updates.

Published: Fri Nov 15 07:18:59 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft's "White House Offer": A Business Strategy Wrapped in Security Rhetoric

Microsoft's "White House Offer" was a calculated business strategy that used security rhetoric to drive revenue growth and increase its dominance in cybersecurity. A ProPublica investigation found that the company effectively locked federal customers into its products, undermining future competitions and increasing its market share.

Published: Fri Nov 15 07:37:33 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Google's Vertex AI ML Platform Exposed to Privilege Escalation Risks: A Wake-Up Call for Cloud Security

Google's Vertex AI ML platform has been compromised by two significant security flaws, allowing malicious actors to escalate privileges and exfiltrate sensitive data from the cloud. This incident highlights the importance of robust cloud security measures and strict control over model deployments, emphasizing the need for organizations to stay vigilant and proactive in addressing potential vulnerabilities.

Published: Fri Nov 15 07:48:18 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Mastering Certificate Management: Embracing Crypto Agility and Best Practices to Mitigate Revocation Disruptions


Learn how DigiCert's exclusive webinar can equip your organization with the knowledge to handle revocations like a pro, ensuring seamless continuity in operations and mitigating the risks associated with certificate management.

Published: Fri Nov 15 07:57:13 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Stealer Malware Emerges: Threat Actors from Vietnam Target Europe and Asia with PXA Stealer

A new piece of malware has emerged, targeting government and education entities in Europe and Asia with the PXA Stealer tool. This Python-based information-stealing malware targets sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software.

Published: Fri Nov 15 08:05:02 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Five Eyes Alliance Reveals the Top 15 Most Exploited Software Flaws of 2023



The Five Eyes nations have released their list of the top 15 most exploited software flaws of 2023, highlighting the importance of patching amid routine initial exploitation of zero-day vulnerabilities. The list includes several well-known companies, such as Citrix and Microsoft, that were targeted by attackers due to unpatched vulnerabilities.

In order to stay safe in today's digital world, it is essential for individuals and organizations alike to take proactive measures to protect themselves against cyber threats. This includes regularly updating software and systems with the latest security patches, using secure-by-design products, and being vigilant with vulnerability management.

By staying informed about the most exploited vulnerabilities and taking steps to patch them promptly, individuals and organizations can significantly reduce their risk of being compromised by malicious actors. The Five Eyes nations' list serves as a reminder that cybersecurity is an ongoing effort that requires constant attention and vigilance.



Published: Fri Nov 15 09:47:24 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Pulls Exchange Security Updates Over Major Mail Delivery Issues

Microsoft pulls November 2024 Exchange security updates over major mail delivery issues, with some admins reporting that email delivery has stopped altogether on servers using custom mail flow rules. The company is continuing the investigation into this issue and working on a permanent fix.

Published: Fri Nov 15 09:56:50 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Palo Alto Networks Warns of Critical RCE Zero-Day Exploitation in Attacks


A critical zero-day vulnerability has been discovered in the Next-Generation Firewalls management interface, with threat activity currently exploiting it. To protect your network, take immediate action and secure your devices using the suggested mitigations.



Published: Fri Nov 15 10:08:19 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Simplifying Endpoint Security: A Unified Approach to Mitigate Complexities

Discover how unified endpoint management can transform your organization's security posture and reduce operational complexities. Register now for the upcoming webinar on November 20th to learn more about consolidating security tools into a single platform.

Published: Fri Nov 15 10:18:58 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Bitcoin Heist: A Five-Year Sentence for Ilya Lichtenstein


The Bitcoin heist mastermind Ilya Lichtenstein has been sentenced to five years in prison for his role in stealing close to 120,000 Bitcoin worth around $69 million. This high-profile case serves as a stark reminder of the risks associated with cryptocurrency transactions and highlights the need for improved cybersecurity measures among financial institutions.

Published: Fri Nov 15 10:53:51 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

National Security Concerns: The Pegasus Spyware Scandal and the Rise of Cyber Espionage


The NSO Group's Pegasus spyware has been at the center of several high-profile scandals in recent years, highlighting the risks of cyber espionage and the exploitation of vulnerable technologies. As the company continues to face scrutiny over its role in deploying the software, critics argue that its involvement is far more sinister than claimed by the company itself.

Published: Fri Nov 15 18:34:34 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Botnet Exploits GeoVision Zero-Day Vulnerability to Install Mirai Malware, Wreaking Havoc on IoT Devices

A critical zero-day vulnerability has been exploited by a botnet to install the notorious Mirai malware on 17,000 GeoVision devices, compromising their functionality and potentially leading to widespread disruption.

Published: Fri Nov 15 18:53:00 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unyielding Consequences of Cryptocurrency Crime: A 5-Year Sentence for a Bitfinex Hacker

Bitfinex hacker Ilya Lichtenstein has been sentenced to five years in prison for stealing 119,754 Bitcoins in a 2016 hack on the Bitfinex cryptocurrency exchange. The sentence marks a significant development in the ongoing efforts to combat cryptocurrency-related crimes and highlights the importance of robust cybersecurity measures.

Published: Fri Nov 15 19:05:41 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Cryptocurrency Caper: A Tale of Money Laundering, Dark Web Deceit, and the Unraveling of a Cybercrime Empire

A 41-year-old Ohio man has been sentenced to three years in prison for his involvement in a complex cryptocurrency money-laundering scheme, which laundered an estimated $311 million in Bitcoin. The case highlights the challenges posed by cryptocurrency and dark web markets, and the importance of cooperation between government agencies, financial institutions, and other stakeholders in disrupting and dismantling such operations.

Published: Fri Nov 15 19:17:07 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Side of AI-Driven Robots: A Growing Concern for Robot Safety



A recent study has raised concerns about the vulnerability of AI-driven robots to jailbreaking, a process where malicious actors can trick a model into performing actions that are detrimental to its intended purpose. The researchers warn that this could have significant implications for robot safety, particularly in proprietary systems that may not have robust safety mechanisms in place. As the use of AI-driven robots becomes more widespread, it is essential that we address these concerns and develop effective measures to prevent their compromise.

Published: Fri Nov 15 19:30:23 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Palo Alto Networks Firewalls Hit with Critical 0-Day Vulnerability, Exploitation Underway


Palo Alto Networks firewalls have been hit with a critical 0-day vulnerability that allows an unauthenticated attacker to remotely execute code. The company has issued urgent advice on how to secure networks and has announced plans to release patches and threat prevention signatures to help mitigate this threat.

Published: Fri Nov 15 19:58:12 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Dark Shadow Looms: 171,000 AnnieMac Customers Exposed to Data Breach

171,000 AnnieMac customers exposed to data breach, with sensitive customer data including names and social security numbers compromised.

Published: Fri Nov 15 20:07:45 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of WezRat: Unveiling the Iranian Malware Threat


A new type of malware known as WezRat has been detected by cybersecurity company Check Point. Developed by Iranian state-sponsored actors, the malware is designed to conduct reconnaissance and execute malicious commands on compromised endpoints. With its sophisticated features and evasion techniques, WezRat poses a significant threat to organizations worldwide. Read more about this emerging threat in our latest article.

Published: Fri Nov 15 20:17:42 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Glove Stealer: A Sophisticated Malware Exploiting Chrome's App-Bound Encryption to Steal Cookies

Glove Stealer, a sophisticated .NET-based information stealer, has been discovered by researchers at Gen Digital. This malware targets browser extensions and locally installed software to steal sensitive data from infected systems. The malware could harvest a vast trove of data, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Published: Fri Nov 15 20:40:09 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Bitfinex Hack: A Cautionary Tale of Cryptocurrency Theft and Betrayal


The Bitfinex hack: A recent reminder of the dangers lurking within the world of cryptocurrency, Ilya Lichtenstein's case serves as a cautionary tale for those tempted by its allure. With his 5-year prison sentence, he sets an example that should be remembered by all those in this space.

Published: Fri Nov 15 21:07:11 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Malware via Swiss Postal Service: A Novel Vector for Cybercrime

Switzerland's National Cyber Security Centre (NCSC) has issued an alert about a novel vector of cybercrime, where malware is being spread through the country's postal service. Recipients have been tricked into downloading a malicious app that contains a variant of the Coper trojan. This attack highlights the evolving nature of threats and the need for vigilance among individuals and organizations.

Published: Sat Nov 16 03:32:10 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

PAN-OS Firewall Vulnerability Under Active Exploitation: A Growing Concern for Cybersecurity Professionals


Palo Alto Networks has confirmed that a new zero-day vulnerability in its PAN-OS firewall management interface is under active exploitation. This critical vulnerability allows for unauthenticated remote command execution on compromised devices, posing significant security risks to networks and systems. Experts recommend taking immediate action to secure firewall management interfaces and applying patches as soon as available.

Published: Sat Nov 16 03:48:03 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Uncovering the DeepDATA Malware: A Threat to Fortinet Users and the Unpatched Vulnerability

DeepDATA malware exploits unpatched vulnerability in Fortinet's VPN client on Windows, posing a significant threat to users who rely on unpatched software. Volexity reported the flaw to Fortinet in July 2024 but the company has yet to address the issue. The lack of transparency from Fortinet raises concerns among cybersecurity experts.

Published: Sat Nov 16 03:56:02 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Imperative of Crypto Agility: Navigating the Turbulent Landscape of Certificate Management


Published: Sat Nov 16 04:02:41 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Alternative to Rust: Fil-C, a Memory-Safe Flavor of C

Fil-C, a memory-safe variant of C, offers a compelling alternative to Rust by providing a 100% compatible solution for improved memory management without requiring significant changes to existing codebases.

Published: Sat Nov 16 05:13:18 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of High-Stakes Cybercrime: A Global Landscape of Intrigue and Exploitation



A new landscape of high-stakes cybercrime has emerged, with sophisticated hackers and cybercriminals using increasingly sophisticated methods to infiltrate secure systems and steal sensitive information. The Bitfinex hacker, who made off with approximately 120,000 bitcoin valued at around $71 million in August 2016, remains at large despite a five-year prison sentence for his accomplice. Meanwhile, AI-powered scams are being turned on their head by a new "AI granny" developed by British telecoms firm Virgin Media and its mobile operator O2, while a lawsuit has been filed against NSO Group's founders and executives over alleged hacking crimes. As cryptocurrency continues to grow in popularity, it is essential that individuals and organizations take proactive steps to protect themselves from these types of threats.

Published: Sat Nov 16 06:33:46 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

National Security Surveillance Firm NSO Group Found to Have Exceeded Control Over Customer-Operated Spyware


In a shocking revelation, court filings have revealed that NSO Group had minimal control over customers' use of its spyware, contradicting prior claims by the Israeli firm. A recent lawsuit between Meta-owned WhatsApp and NSO Group has shed light on the complex relationship between these two entities, revealing new insights into the nature of modern espionage.

Published: Sat Nov 16 06:55:53 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Malicious GitHub Commits: A Smear Campaign Against Researchers and Open-Source Projects

Malicious GitHub commits have been used to frame researcher Mike Bell, while also infecting other open-source projects like Exo Labs and yt-dlp. Researchers must remain vigilant in their cybersecurity efforts to protect against such threats.

Published: Sat Nov 16 10:33:43 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

T-Mobile Telecoms Breach: A Growing Concern for Personal Data Security

T-Mobile confirms that it was hacked in a recent wave of telecom breaches conducted by Chinese threat actors known as Salt Typhoon, resulting in the theft of sensitive customer information. The breach is the ninth T-Mobile suffered since 2019 and highlights the need for robust security measures to be put in place.

Published: Sat Nov 16 12:44:45 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Palo Alto Networks Confirms Active Exploitation of Recently Disclosed Zero-Day Vulnerability

Palo Alto Networks has confirmed that its PAN-OS firewall management interface has been actively exploited in the wild by threat actors who are using a zero-day vulnerability. To mitigate this risk, customers should restrict access to their management interface to specific internal IPs only.

Published: Sat Nov 16 13:08:03 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Sophisticated Botnet Attack: Unveiling the GeoVision Zero-Day Exploit


A sophisticated cyber attack has been carried out on a global scale, utilizing zero-day exploits to compromise high-value devices, including those no longer supported by their manufacturers. The attack, attributed to a botnet, has demonstrated its ability to target multiple geographic regions and organizations across various sectors. This article delves into the intricacies of the attack, exploring its potential motivations, methods, and impact on the global security landscape.

Published: Sun Nov 17 08:22:44 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Cyber Wars: A Decade-Long Struggle for Digital Supremacy

A new decade of cyber warfare has begun, with nation-states, organized crime groups, and individual hackers continually adapting their tactics to evade detection and achieve their objectives. Researchers have discovered a zero-click Facebook account takeover, while a new SPIKEDWINE APT group is targeting officials in Europe.

Published: Sun Nov 17 10:36:56 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Comprehensive Analysis of Emerging Cyber Threats: Insights from the Frontlines

A growing number of IoT devices are being compromised by malicious actors, highlighting the need for increased security measures in this sector. Meanwhile, Apple has introduced a new feature designed to prevent exploitation of idle devices, while vulnerabilities continue to plague various platforms.

Published: Sun Nov 17 10:57:12 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

SVGs in Phishing: The Evolving Threat Landscape


SVGs have become a new tactic used by threat actors to evade detection when it comes to phishing emails. These Scalable Vector Graphics attachments are being used to create the illusion of legitimate emails from trusted sources, often with devastating consequences for users and organizations. Learn more about this emerging threat and how you can protect yourself in our latest article.

Published: Sun Nov 17 12:06:28 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability in WordPress's Really Simple Security Plugin Exposes Millions of Websites to Hackers


A critical security flaw in a widely used WordPress plugin has left millions of websites vulnerable to hackers. The Really Simple Security (RSS) plugin, which provides important security features like SSL configuration and two-factor authentication, has been found to have a critical vulnerability that can be exploited en masse by remote attackers. With the potential for large-scale website takeover campaigns, it is essential for website administrators to take immediate action to secure their sites.



Published: Sun Nov 17 12:15:45 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Future of Passwords: Will Passkeys Replace Them?


The future of passwords is a topic of much debate among security experts. With the rise of passkeys as a potential alternative, will traditional passwords become obsolete? Read on to find out how passkeys are changing the game in cybersecurity.

Published: Sun Nov 17 13:30:33 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Call to Arms: The Rise of Swatting and the Threats it Poses to Public Safety

A teenage cybercriminal has been caught for making hundreds of false emergency calls to law enforcement agencies across the US, putting lives at risk and causing widespread disruption. The case highlights the dangers of swatting, a tactic used by cybercriminals to extort money and cause harm to individuals.

Published: Sun Nov 17 19:05:24 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Authentication Bypass Vulnerability Exposes Over 4 Million WordPress Sites

A critical authentication bypass vulnerability has been disclosed in the Really Simple Security plugin for WordPress, exposing over 4 million sites to a potential security breach. The vulnerability allows unauthenticated attackers to log in as arbitrary users, including administrators, when two-factor authentication is enabled.

Published: Sun Nov 17 23:16:36 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Side of WhatsApp: How NSO Group Used Zero-Day Flaws and Exploits to Install Pegasus Spyware, Despite WhatsApp's Best Efforts to Counter the Threat


NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit Reveals New Details on Israeli Spyware Vendor's Tactics


Published: Mon Nov 18 01:40:46 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability Exposes 4 Million WordPress Sites to Remote Attack


Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites, allowing attackers to remotely gain full admin access. This is one of the most critical WordPress vulnerabilities ever discovered, with a CVSS score of 9.8. The vulnerability affects Really Simple Security, formerly known as Really Simple SSL, installed on over 4 million websites, and allows an attacker to bypass authentication and gain access to arbitrary accounts on sites running the plugin. Security updates were released on November 12 for Pro users and November 14 for free users. WordPress.org coordinated force updates for most users, but admins should verify they are on the latest version.



Published: Mon Nov 18 03:13:24 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

GDPR Enforcement: A Global Perspective - Strengthening Data Security in an Era of Increased Scrutiny


Increased GDPR Enforcement Highlights the Need for Data Security: A Global Perspective
As governments around the world intensify their scrutiny on data protection, companies are facing increasing pressure to comply with stringent data privacy laws. The recent case involving Uber serves as a powerful reminder of the severe consequences for non-compliance, and highlights the need for stronger data security measures.


Published: Mon Nov 18 04:36:57 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolving Landscape of Cybersecurity Threats: A Comprehensive Analysis



The cybersecurity threat landscape is constantly evolving, with new vulnerabilities and exploits emerging on a daily basis. In this article, we will delve into the recent developments in the world of cybersecurity, highlighting the most pressing threats, tools, and practices that organizations must adopt to stay ahead of the game. From the exploitation of unpatched Fortinet's FortiClient for Windows to the "Sitting Ducks" attack scheme, we'll explore it all and provide valuable guidance on how to stay ahead of emerging threats.

Published: Mon Nov 18 06:22:58 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Frontier in Email Security: Google's Shielded Email Feature and the Battle Against Spam

Google has introduced its latest innovation – Shielded Email – allowing users to create unique, single-use email addresses that forward messages to their primary account, thus eliminating the need for divulging one's real email address. This feature is part of a broader trend by tech companies to enhance online security and privacy measures.

Published: Mon Nov 18 06:30:51 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Necessity of Year-Round Network Pen Testing: A Case for Automated Solutions


The importance of year-round network pen testing cannot be overstated, as hackers do not wait for compliance schedules to strike. In this article, we will delve into the world of automated network penetration testing and explore its benefits, challenges, and advantages over traditional methods.

Published: Mon Nov 18 06:41:28 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information: A Threat Actor's Cunning Scheme

Black Friday has become a haven for scammers and cybercriminals looking to hijack shopper information. Fake discount sites are using various tactics to deceive visitors into providing sensitive information, posing a significant threat to consumer safety. Learn more about this scheme and how to protect yourself from falling victim to these malicious attacks.

Published: Mon Nov 18 06:52:18 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Malicious Exploitation of Microsoft 365 Admin Portal's Personal Message Field: A Vulnerability to Sextortion Scams


Microsoft 365 Admin Portal has been found vulnerable to abuse by scammers, who use its Personal Message feature to send extortion-themed emails to unsuspecting users. These scams can bypass email security filters due to a limit of 1,000 characters in personal messages, which can be circumvented using browser developer tools. As Microsoft takes steps to prevent such incidents, it is essential for users to remain cautious and report any suspicious activity.

Published: Mon Nov 18 09:46:08 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Staying Ahead of the Threats: The Importance of Linux Security in a Rapidly Evolving Landscape


Join Red Hat for the State of Linux Security Symposium 2024 on December 10th at 10am PT/1pm ET. Gain a deeper understanding of Linux security and take proactive steps in securing your infrastructure.

Published: Mon Nov 18 09:54:24 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Permissioning in the Modern Era: A Shared Responsibility Model for Developers and Security Teams

The use of permissions can become an overwhelming task, especially in complex systems like Amazon Web Services or GitHub. The lack of clear documentation and communication between developers and security teams can lead to security breaches and exposed secrets. In this article, we'll explore the challenges of permissioning in modern software development and propose a shared responsibility model for developers and security teams to ensure seamless collaboration.

Published: Mon Nov 18 10:04:19 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Breach of Trust: A Glimpse into the World of Cyber Espionage and the Library of Congress


A recent breach has exposed sensitive information held by the respected institution of The Library of Congress. An alleged foreign adversary gained access to email communications between congressional offices and some library staff, highlighting the importance of cybersecurity and the need for proactive measures to protect institutions from cyber threats.

Published: Mon Nov 18 10:27:03 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Sweden Unveils Comprehensive Crisis and War-Survival Guide Amid Escalating Global Tensions


Sweden has released an updated guide to help its citizens prepare for various types of crisis situations or wartime, including armed conflicts, terrorism, cyberattacks, and extreme weather events. With NATO membership and increasing global tensions, this comprehensive guide is a crucial step towards securing the country's independence and democracy.

Published: Mon Nov 18 11:45:10 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Wake-Up Call: VMware vCenter Server RCE Bug Exploited in Attacks

VMware vCenter Server RCE bug exploitation highlights the need for timely patching and robust security controls as threat actors increasingly target critical vulnerabilities in enterprise environments.

Published: Mon Nov 18 13:14:57 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Stealthy Malware Loader Spotted: BabbleLoader Delivers WhiteSnake and Meduza Stealers


A new stealthy malware loader called BabbleLoader has been spotted delivering WhiteSnake and Meduza stealers, making it a significant threat to cybersecurity professionals and organizations. According to Intezer researchers, the loader is designed to bypass antivirus and sandbox environments with ease, using a range of evasion techniques to evade detection.

Published: Mon Nov 18 13:28:43 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Exposé Revealed: A Glimpse into the Shadows of Corporate Espionage - Maxar's Employee Data Breach

Maxar Space Systems, a leading US space tech giant, has disclosed a significant employee data breach, exposing personal information of its employees. The breach highlights the need for vigilance and proactive measures in securing one's digital footprint and serves as a poignant reminder of the ever-present dangers lurking within the realm of cyber threats.

Published: Mon Nov 18 16:23:37 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Palo Alto Networks Patches Critical Firewall Zero-Days: A Warning to Enterprise Networks


Palo Alto Networks has issued critical security updates to address two actively exploited zero-day vulnerabilities in its PAN-OS management web interface. The patches aim to mitigate the risk of remote attackers exploiting these flaws to gain unauthorized access to firewall systems.

Published: Mon Nov 18 16:35:14 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Phobos Ransomware Gang Administrator Faces Serious Cybercrime Charges in US Indictment


US charges Phobos ransomware admin after South Korea extradition: A major blow to the global cybercrime community, a US indictment alleges that Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing serious cybercrime charges in the United States. The Phobos ransomware gang has been linked to breaches of over 1,000 public and private entities worldwide, resulting in significant financial losses for victims and cementing its position as a major player in the global cybersecurity threat landscape.

Published: Mon Nov 18 16:42:39 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Critical VMware vCenter RCE Bug Exploited After Broadcom's Patch Fumble

Critical VMware vCenter RCE Bug Exploited After Broadcom's Patch Fumble: A Stark Reminder of the Risks Associated with Third-Party Software

Published: Mon Nov 18 17:03:16 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

T-Mobile US Caught Up in Industry-Wide Cyber Espionage Campaign

US telcos including T-Mobile US are under attack by a sophisticated Chinese hacking group known as Salt Typhoon, with potential implications for national security and data protection. As the situation unfolds, it's clear that cybersecurity threats must be taken very seriously.

Published: Mon Nov 18 17:22:15 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Exploitation of VMware vCenter Server Vulnerabilities: A Growing Concern for Cybersecurity



Recently disclosed VMware vCenter Server bugs are actively exploited in attacks, prompting a call to action for organizations to prioritize their cybersecurity efforts. The vulnerabilities, CVE-2024-38812 and CVE-2024-38813, have been actively exploited by threat actors, emphasizing the need for immediate attention from organizations that rely on vCenter Server.



Published: Mon Nov 18 17:47:45 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Chinese Hackers' Exploitation of Fortinet VPN Zero-Day: A Threat to Corporate Networks

Chinese hackers have exploited a zero-day vulnerability in Fortinet's FortiClient Windows VPN client to steal sensitive credentials, leaving many organizations on high alert. This vulnerability was first discovered by Volexity researchers earlier this summer but remains unfixed despite being reported to Fortinet. The implications of this vulnerability are significant, and it is essential for users and organizations to take proactive steps to protect against this threat.

Published: Mon Nov 18 18:59:02 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ford Motor Company Hit by Alleged Data Breach, Employee Records Stolen and Dumped on Cyber Crime Forum



Ford Motor Company has reportedly been hit by a data breach, with attackers claiming to have stolen an internal database containing 44,000 customer records. The incident is believed to have occurred in the past month, with the attackers allegedly using the IntelBroker moniker, another well-known BreachForums participant. Maxar Space Systems has also been affected, with attackers claiming to have stolen personal data from employees. These incidents highlight the growing threat of cybercrime and emphasize the importance of robust cybersecurity measures.



Published: Mon Nov 18 19:21:49 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Shifting Landscape of Cybersecurity: As Vulnerabilities Emerge, CISA Sounds the Alarm

Cybersecurity leaders must stay informed about actively exploited vulnerabilities in prominent platforms such as Progress Kemp LoadMaster and VMware vCenter Server. CISA has issued warnings regarding these threats, emphasizing the importance of remediation by December 9, 2024. Organizations must prioritize proactive risk management strategies to mitigate potential breaches.

Published: Tue Nov 19 01:24:08 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Palo Alto Networks Firewall Vulnerability Under Active Exploitation: A Critical Alert for Cybersecurity Professionals


In a critical alert, Palo Alto Networks has disclosed a zero-day vulnerability in its PAN-OS firewall management interface that is currently being actively exploited. This vulnerability allows an attacker with network access to gain administrator privileges on the firewall, thereby gaining control over its configuration and operation.

Published: Tue Nov 19 01:39:59 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Apple's Secret iOS 18 Reboot Feature: A Game-Changer for Cybersecurity

Apple's latest mobile operating system, iOS 18, has a secret security feature that reboots devices after three days of inactivity. This feature has significant implications for anyone trying to access data on Apple's hardware, and raises questions about how such a sophisticated security measure was implemented without official announcement from the company.

Published: Tue Nov 19 03:03:21 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Widespread Cyber Espionage Campaign Targeting U.S. Telecoms: A Threat to National Security?



A sophisticated cyber espionage campaign targeting major U.S. telecom companies has been linked to Chinese threat actors known as Salt Typhoon or Earth Estries. The attack, which has been ongoing for several months, aims to harvest cellphone communications of high-value intelligence targets. As the investigation into the extent of the compromise continues, it is crucial to understand the tactics, techniques, and procedures employed by these threat actors to prevent future attacks.



Published: Tue Nov 19 03:20:49 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Active Exploitation of Critical Vulnerabilities: A Warning for Enterprise Security

Recent updates from CISA highlight critical vulnerabilities in VMware vCenter Server and Progress Kemp LoadMaster that have come under active exploitation. Organizations must prioritize patching and monitoring systems to protect against these threats.

Published: Tue Nov 19 03:38:17 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The U.S. CISA Adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS, and Expedition Bugs to Its Known Exploited Vulnerabilities Catalog



The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, which includes CVE-2024-1212, CVE-2024-0012, and CVE-2024-9474. These vulnerabilities pertain to the Progress Kemp LoadMaster, Palo Alto Networks PAN-OS, and Expedition software respectively, and pose significant security risks to organizations handling sensitive data or operating critical infrastructure. Organizations are advised to review the catalog and address these vulnerabilities by December 5, 2024.

Published: Tue Nov 19 04:02:22 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Comprehensive Analysis of the Great Plains Regional Medical Center Ransomware Attack: A Cautionary Tale for Healthcare Organizations

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals, exposing sensitive information. A recent data breach has highlighted the need for healthcare organizations to prioritize their cybersecurity posture to protect patient data.

Published: Tue Nov 19 04:22:52 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

SANS Institute Launches 2024 Holiday Hack Challenge: A Festive Cybersecurity Extravaganza

The SANS Institute launches its highly anticipated 2024 Holiday Hack Challenge, offering a unique format and inclusive design to test participants' skills in a series of progressive gamified cyber challenges.

Published: Tue Nov 19 05:46:46 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Insidious Role of Fusion Centers in Undermining Sanctuary City Protections: A National Security Threat in Disguise

ICE Can Already Sidestep Sanctuary City Laws Through Data-Sharing Fusion Centers

Published: Tue Nov 19 05:59:50 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems: A Growing Concern for Cybersecurity


A new ransomware variant, Helldown, has been expanding its attacks to include VMware and Linux systems, part of an evolving trend of ransomware groups diversifying their capabilities. The threat landscape continues to evolve at an unprecedented pace, with new ransomware groups emerging. Stay informed about the latest developments in the field and adapt your strategies accordingly to protect against such threats.



Published: Tue Nov 19 06:35:05 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Unveils Zero Day Quest: A Major Investment in Artificial Intelligence Security Research

Microsoft has launched Zero Day Quest, a major new initiative aimed at improving AI security through collaboration with top security researchers and providing substantial rewards for discoveries. With an additional $4 million in potential awards, the event is expected to have far-reaching benefits for both Microsoft and its customers.

Published: Tue Nov 19 08:13:37 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Unveils New Windows Resiliency Initiative to Mitigate Future Security Incidents

Microsoft has unveiled a new Windows Resiliency Initiative aimed at improving the operating system's security and reliability in response to a recent high-profile incident involving CrowdStrike. The initiative includes several key features, including Quick Machine Recovery, enhanced deployment practices from security vendors, and improved resiliency measures within Windows itself.

Published: Tue Nov 19 08:33:37 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Unveils Zero Day Quest: A $4 Million Hacking Event to Fortify Cloud and AI Security


Microsoft has launched its latest initiative, Zero Day Quest, a $4 million hacking event designed to fortify the security of Microsoft's cloud and AI products and platforms. With the backing of Microsoft's Secure Future Initiative, this ambitious program brings together security researchers and experts from around the world to tackle emerging threats.

Published: Tue Nov 19 08:55:15 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Navigating Third-Party Risks: A Critical Security Imperative for Modern Organizations

As organizations increasingly rely on third-party contractors, vendors, and service providers to deliver critical services and support, the security risks associated with these external relationships have become a top priority. Learn how to identify vulnerable access points, implement effective access controls, and establish a culture of compliance and security in this special webinar hosted by SailPoint.

Published: Tue Nov 19 09:03:49 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A BEC Scheme of Unparalleled Cunning: A $250,000 Heist that Highlighted the Perils of Wire Transfers


A Business Email Compromise (BEC) scheme targeted iLearningEngines, an e-learning automation platform provider for educational institutions, resulting in a $250,000 loss. This incident highlights the perils of wire transfers and underscores the importance of robust cybersecurity measures, vigilant employee awareness, and effective incident response protocols.

Published: Tue Nov 19 09:17:14 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices: A Growing Threat to Cybersecurity



The Ngioweb botnet has been found to fuel a notorious residential proxy service called NSOCKS, which is being used to exploit vulnerable IoT devices and compromise user privacy. With its arsenal of vulnerabilities and zero-days, the malware poses a significant threat to cybersecurity, highlighting the need for increased vigilance and proactive measures to protect against cyber threats.

Published: Tue Nov 19 09:26:48 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Uncovering the Dark Web: A Threat Landscape Reborn



A new wave of threats has emerged, targeting unsuspecting organizations worldwide with a range of vulnerabilities including two actively exploited Palo Alto flaws, a malicious campaign using Jupyter Notebooks to stream pirated sports broadcasts, and a range of other security vulnerabilities. As the threat landscape continues to evolve, it is essential for organizations to stay vigilant and proactive in addressing these risks.



Published: Tue Nov 19 09:34:09 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolution of Threats Requires a New Approach to Privileged Access Security


The Evolving Threat Landscape: Why Privileged Access Security Must Be a Top Priority
As cyber threats continue to evolve and become increasingly sophisticated, organizations must recognize the critical importance of securing privileged access to their systems and data. A new report highlights the limitations of traditional Privileged Access Management (PAM) solutions and emphasizes the need for a comprehensive security-first approach to protecting sensitive assets.



Published: Tue Nov 19 09:42:11 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Helldown Ransomware Operation: A Growing Concern for Corporate Networks


The Helldown ransomware operation has been making headlines for its exploits against corporate networks through vulnerabilities in Zyxel firewalls, allowing attackers to steal data and encrypt devices. With 31 victims listed on its recently renewed extortion portal as of November 7, 2024, this group is a growing concern for corporate networks, highlighting the need for vigilance and proactive measures to prevent attacks.

Published: Tue Nov 19 11:42:45 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Disrupting the Shadows: The Crackdown on Ngioweb's Residential Proxy Botnet


A major breakthrough in the fight against cybercrime has been achieved with the disruption of Ngioweb's residential proxy botnet. Lumen's Black Lotus Labs successfully tracked the botnet's operations, identifying key components and disrupting its ability to operate. The incident highlights the need for improved security measures in proxy services and serves as a stark reminder of the importance of cybersecurity awareness.



Published: Tue Nov 19 12:02:24 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Empowering Gemini: A Paradigm Shift in Malware Analysis with Code Interpreter and Google Threat Intelligence

Google's latest advancements in Gemini, a cutting-edge malware analysis tool, now empower autonomous interpretation of obfuscated elements and contextualization of external references. By integrating Code Interpreter and GTI function calling, Gemini significantly enhances its capabilities to address complex samples, marking a paradigm shift in threat intelligence automation.

Published: Tue Nov 19 12:13:34 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacked Testimony from Accusers of Matt Gaetz: A Shocking Revelation



In a shocking revelation, an unknown hacker has obtained a copy of testimony from a woman who was 17 years old when she allegedly had sex with Matt Gaetz in 2017. The hacked documents include corroborating evidence and potentially damaging testimony against Gaetz, raising questions about the validity of his nomination as Attorney General. As the situation unfolds, experts warn that the leaked information could have far-reaching consequences for Gaetz's career and reputation.

Published: Tue Nov 19 12:24:24 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Amazon Shaves 62% Off Blink Outdoor 4 Home Security Cameras Bundle on Black Friday


Amazon has launched its Black Friday sales with significant discounts across various categories, including a substantial price cut on Blink Outdoor 4 Home Security Cameras. For just $99, users can get a three-camera bundle for an astonishing 62% off the regular retail price of $260, making this an excellent opportunity to upgrade or enhance home security systems.

Published: Tue Nov 19 12:32:47 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Palo Alto Networks Patches Critical Firewall-Busting Zero-Day Vulnerabilities

Palo Alto Networks has patched two critical firewall-busting zero-days that have been used in conjunction with each other to gain superuser access, highlighting the need for customers to take urgent action to protect their networks.

Published: Tue Nov 19 12:44:10 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Exploitation of America's Digital Surveillance Machine: A Threat to Sanctuary City Laws and Civil Liberties


The Trump administration's plans to crack down on immigration are likely to exacerbate the exploitation of fusion centers by ICE, leading to a further erosion of sanctuary city laws and civil liberties. As the country grapples with the implications of this revelation, it is essential that lawmakers take action to address the problem and protect the rights of all Americans.

Published: Tue Nov 19 12:53:31 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Exposing the Shadows: Unraveling the DeepData Malware Campaign



A recent discovery has shed light on a sophisticated cybercrime campaign involving China-linked threat actors. The DeepData malware, a custom post-exploitation toolkit, exploits a zero-day vulnerability in FortiClient VPN software to steal sensitive information from infected systems. This incident highlights the need for vigilance and awareness among individuals and organizations in the face of emerging threats.



Published: Tue Nov 19 13:21:35 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Awareness Ignited: Ford Investigates Alleged Data Breach After 44,000 Customer Records Leaked on Hacking Forum


Ford Motor Company is under investigation after 44,000 customer records were leaked on a hacking forum. The leaked dataset contains sensitive information about Ford customers, and the company is taking steps to mitigate the risks associated with this potential data exposure.


Published: Tue Nov 19 14:54:36 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Oracle Warns of Exploited Agile PLM File Disclosure Flaw: A Critical Security Alert for Business and Enterprise Customers


Oracle has issued a critical security alert warning its business customers about an actively exploited file disclosure flaw in its Agile Product Lifecycle Management (PLM) software. The vulnerability, tracked as CVE-2024-21287, was discovered by CrowdStrike researchers Joel Snape and Lutz Wolf, and it has been found to be actively exploited in attacks. Oracle urges its customers to install the latest version of the software as soon as possible. The discovery highlights the growing threat landscape in enterprise software vulnerabilities and underscores the importance of regular software updates and proactive cybersecurity measures.

Published: Tue Nov 19 15:06:46 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Unveils Hotpatch Technology for Windows 11 24H2 and Windows 365

Microsoft has announced that hotpatching technology is now available in preview on Windows 11 24H2 and Windows 365 devices. This new feature allows security updates to be downloaded and installed without requiring a reboot, resulting in improved system performance and enhanced security.

Published: Tue Nov 19 15:13:16 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Third of America's Drinking Water Systems Lacking Basic Cybersecurity Measures

A third of America's drinking water systems are failing to meet basic cybersecurity standards, leaving millions of people vulnerable to cyber threats. The Environmental Protection Agency has acknowledged the issues and promised to take action, but more needs to be done to protect the nation's critical infrastructure.

Published: Tue Nov 19 15:44:00 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Zero-Day Vulnerabilities Exposed: Apple Takes Swift Action to Protect Intel-Based Mac Users


Apple has fixed two zero-day vulnerabilities in its operating systems, CVE-2024-44308 and CVE-2024-44309, which were exploited in attacks on Intel-based Mac systems. The company has released emergency security updates for macOS Sequoia 15.1.1, iOS 17.7.2, and iPadOS 17.7.2, addressing the vulnerabilities in both its operating systems and other Apple products.

Published: Tue Nov 19 17:29:20 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

CISA Issues Warning: Progress Kemp LoadMaster Flaw Exploited in Wild Attacks

Progress Kemp LoadMaster flaw exploited in wild attacks, according to a recent warning issued by the US Cybersecurity & Infrastructure Security Agency (CISA). The critical OS command injection vulnerability allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution.

Published: Tue Nov 19 17:49:20 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Zero-Day Exploit in Fortinet's Windows VPN Client: Implications for Global Security

A critical zero-day vulnerability has been discovered in Fortinet's Windows VPN client, allowing a China-linked group called BrazenBamboo to steal sensitive information. The bug remains unresolved, leaving users vulnerable to attacks until a patch is issued by Fortinet.

Published: Tue Nov 19 18:09:38 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ransomware Ringleader Evgenii Ptitsyn Extradited to US, Facing Over a Century Behind Bars for Extortion Scheme

Russian citizen Evgenii Ptitsyn has been extradited from South Korea to the United States on charges related to his alleged role in the Phobos ransomware operation. He is charged with 13 crimes, including wire fraud conspiracy and computer extortion, and faces over a century behind bars if convicted.

Published: Tue Nov 19 18:27:28 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of Cybercrime: A Global Threat to National Security and Economic Stability

Phobos Ransomware admin faces cybercrime charges as global threats to cybersecurity continue to mount, with state-sponsored attacks on telecom firms like T-Mobile demonstrating the growing need for international cooperation and robust cybersecurity measures.

Published: Tue Nov 19 18:45:55 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Finastra Data Breach: The Alleged Theft of Sensitive Financial Information by a Sophisticated Cybercriminal

Finastra, a leading fintech company, is investigating a large-scale data breach allegedly carried out by a sophisticated cybercriminal known as abyss0. The breach involves sensitive financial information stolen from Finastra's internal file transfer platform, and the company has implemented alternative solutions to mitigate any impact on its customers. As this story continues to develop, it will be essential to evaluate the scope and severity of the incident and its potential long-term consequences.

Published: Tue Nov 19 20:01:30 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Data Breach at Equinox: A Case Study in Cybersecurity Failures


Equinox, a New York State health and human services organization, has been hit with a high-profile data breach. The incident, which occurred nearly seven months ago on April 29, has left the organization with no choice but to notify over 21 thousand clients and staff of the theft of their sensitive information. To read more about this incident and its implications for healthcare organizations, please see our in-depth article on Equinox's data breach.

Published: Tue Nov 19 20:10:16 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Unregulated Data Brokers Pose a Clear Threat to National Security: The Unseen Surveillance State



A new form of espionage has emerged, one that utilizes unregulated commercial data brokers to gather sensitive information about US servicemembers. A recent investigation has revealed that US defense officials have been aware of this threat since at least 2016 but have failed to take adequate action to address it. The industry poses a clear threat to national security and more needs to be done to protect the personal data of brave members of the armed forces who serve in harm's way around the world.

Published: Tue Nov 19 22:41:09 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Double Blow to Apple's Security: Two Actively Exploited Zero-Day Flaws Patched



Apple has released security updates for iOS, iPadOS, macOS, visionOS, and Safari to address two actively exploited zero-day flaws. The vulnerabilities were identified as CVE-2024-44308 and CVE-2024-44309 and have been attributed to highly-targeted government-backed or mercenary spyware attacks. Users are advised to update their devices to the latest version to minimize potential threats.



Published: Tue Nov 19 23:54:41 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Oracle Warns of High-Severity PLM Vulnerability Under Active Exploitation

Oracle has warned that a high-severity security flaw in its Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild, allowing attackers to leak sensitive information. The vulnerability, tracked as CVE-2024-21287 with a CVSS score of 7.5, is considered remotely exploitable and can be attacked over a network without requiring authentication credentials.

Published: Wed Nov 20 00:05:29 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Data: The Double-Edged Sword of Organizational Growth


The world of big data has become increasingly complicated, with organizations struggling to manage their digital assets. The shift in perspective from "data is the new oil" to recognizing the challenges associated with concentrated data poses significant implications for organizational security posture.

Published: Wed Nov 20 02:16:06 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

China-Linked Cyber Espionage: Liminal Panda Threatens Telecom Networks Across South Asia and Africa

China-linked cyber espionage group Liminal Panda targets telecom networks across South Asia and Africa, compromising networks through exploited protocols and weak passwords. Experts warn of increasing vulnerabilities in telecommunications infrastructure due to the growing threat from state-sponsored actors.

Published: Wed Nov 20 02:25:47 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Exploitation of Unsecured JupyterLab and Jupyter Notebooks Servers: A Threat to Cybersecurity and Data Integrity



Uncovering the Exploitation of Unsecured JupyterLab and Jupyter Notebooks Servers for Illegal Streaming of Sports Events: A Threat to Cybersecurity and Data Integrity

The recent discovery by security firm Aqua highlights a previously unknown vulnerability in unsecured JupyterLab and Jupyter Notebook servers, which have been exploited by threat actors to hijack environments, deploy streaming tools, and illegally redistribute live sports broadcasts. This article delves into the details of this newly revealed threat, exploring its implications for cybersecurity, data integrity, and the potential risks faced by organizations utilizing these platforms.



Published: Wed Nov 20 02:46:23 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Decades-Old Security Vulnerabilities Exposed: Needrestart Package Left Unpatched for Years


Recently discovered security vulnerabilities in the needrestart package on Ubuntu Server pose a significant risk to system integrity and security. The five flaws found in the needrestart package are trivial to exploit and could allow a local attacker to gain root privileges without requiring user interaction. Update now to ensure your systems remain secure.


Published: Wed Nov 20 03:59:26 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Underbelly of Social Media: How AI-Generated Influencers Are Disrupting the Lives of Human Creators

AI-generated influencers are flooding social media platforms like Instagram, stealing videos from real models and adult content creators, and monetizing their bodies with links to dating sites and AI apps. The phenomenon, known as "AI pimping," raises serious questions about the future of social media and the impact on human creators.

Published: Wed Nov 20 05:39:33 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Navigating the Complex Landscape of Non-Human Identity Detection and Response (NHIDR) for Enhanced Cybersecurity


Non-human identities have become a significant vulnerability in modern cybersecurity, with attackers exploiting them to move laterally across systems and compromise sensitive data. To address this growing threat, Entro has developed Non-Human Identity Detection and Response (NHIDR), a cutting-edge technology that empowers organizations to proactively detect and respond to NHIDR breaches.

Published: Wed Nov 20 05:46:38 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Alice in Wonderland: The Double Exploitation of Zero-Day Vulnerabilities by Apple


Apple has released security updates to address two actively exploited zero-day vulnerabilities in its operating systems and browser software. These vulnerabilities, identified by researchers from Google's Threat Analysis Group, have been used to exploit users' devices for malicious purposes. By updating their software to the latest versions, users can protect themselves against these threats.

Published: Wed Nov 20 06:07:09 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ford Investigates Alleged Customer Data Leak Following Breach on Hacking Forum

Ford Motor Company is investigating allegations of a data breach after a threat actor claimed to have leaked 44,000 customer records on a hacking forum. The leaked data contained sensitive information about Ford customers, including their names, physical locations, purchase details, dealer information, and record timestamps. While the exposure is not considered extremely severe, it still poses risks to individuals whose personal information was compromised.

Published: Wed Nov 20 07:49:54 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Ghost Tap Malware: A New Vector for Cybercriminals to Cash Out Stolen Funds via Mobile Payments


Cybercriminals are exploiting NFC technology to cash out stolen funds via mobile payments using a new malware campaign dubbed "Ghost Tap." This attack vector leverages legitimate research tools to relay NFC traffic, allowing cybercriminals to bypass anti-fraud mechanisms and make large-scale fraudulent transactions. Experts warn that this campaign poses significant challenges for financial institutions and retailers alike, highlighting the need for robust security measures to prevent such attacks.

Published: Wed Nov 20 08:06:10 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Unveils Comprehensive Windows Resiliency Initiative to Enhance Security and System Integrity

Microsoft has launched a comprehensive Windows Resiliency Initiative aimed at bolstering the security and reliability of its Windows operating system. The initiative includes new features such as Quick Machine Recovery, hardware-backed security baselines, and support for passkeys in Windows Hello.

Published: Wed Nov 20 08:23:43 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

D-Link Issues Urgent Warning: Replace Vulnerable Routers or Risk Being "Pwnage," Experts Say

D-Link has issued a warning to its customers, advising them to replace their vulnerable VPN routers due to a serious remote code execution (RCE) vulnerability. The company is urging its customers to upgrade to new devices or retire and replace their old routers altogether in order to avoid being targeted by malicious actors.

Published: Wed Nov 20 09:44:45 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacker Breaches Confidential Documents Tied to Matt Gaetz's Sexual Misconduct Allegations


Matt Gaetz's reputation is under scrutiny once again as a hacker allegedly obtained confidential documents tied to sexual misconduct allegations against him. The breach highlights the importance of maintaining robust security measures to protect sensitive information from unauthorized access.



Published: Wed Nov 20 11:04:47 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Resilience of Change Healthcare: A Nine-Month Odyssey to Restore Clearinghouse Services

Change Healthcare, a leading healthcare clearinghouse services provider, has successfully restored its clearinghouse services after an unprecedented nine-month ordeal following a devastating ransomware attack. The organization's remarkable recovery story is a testament to the resilience of healthcare providers and highlights the critical importance of robust cybersecurity measures in protecting sensitive data.

Published: Wed Nov 20 13:12:27 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Google's AI-Powered Bug Hunting Project Identifies 26 Vulnerabilities in Code Repositories

Google's AI-powered bug hunting project, OSS-Fuzz, has identified 26 vulnerabilities in code repositories, including a critical flaw in OpenSSL. The use of large language models (LLMs) has proven to be highly effective in identifying bugs that humans would have otherwise missed.

Published: Wed Nov 20 13:22:22 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

US Charges Five Suspects Linked to Scattered Spider Cybercrime Gang: A Sophisticated Threat Actor Group Exploiting Vulnerabilities in Corporate Networks


The US Justice Department has charged five suspects with conspiracy to commit wire fraud, wire fraud conspiracy, and aggravated identity theft in connection with their alleged involvement in the financially motivated Scattered Spider cybercrime gang. The group is known for its sophisticated social engineering attacks, phishing/smishing attacks, and SIM swap tactics, which have targeted dozens of individuals and companies worldwide.

Published: Wed Nov 20 14:54:05 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Finastra's Fiasco: A Cautionary Tale of SFTP Security

A recent data breach on Finastra's SFTP system has raised concerns about customer data security, highlighting the need for robust cybersecurity measures in today's digital landscape. As the investigation continues, experts will be watching closely to see how Finastra responds and takes steps to prevent similar breaches in the future.

Published: Wed Nov 20 16:30:23 2024 by llama3.2 3B Q4_K_M










     


© Ethical Hacking News. All rights reserved.
