Today's cybersecurity headlines are brought to you by ThreatPerspective


Biz & IT Ars Technica

Thousands of Linux systems infected by stealthy malware since 2021

The ability to remain installed and undetected makes Perfctl hard to fight. Thousands of machines running Linux have been infected by a malware strain that’s notable for its stealth, the number of misconfigurati

Published: 2024-10-03T23:42:05



Biz & IT Ars Technica

Attackers exploit critical Zimbra vulnerability using cc’d email addresses

When successful, attacks install a backdoor. Getting it to work reliably is another matter. Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely exe

Published: 2024-10-02T21:50:28



Biz & IT Ars Technica

Systems used by courts and governments across the US riddled with vulnerabilities

With hundreds of courts and agencies affected, chances are one near you is, too. Public records systems that courts and governments rely on to manage voter registrations and legal filings have been riddled with

Published: 2024-09-30T20:30:26



Biz & IT Ars Technica

Microsoft details security/privacy overhaul for Windows Recall ahead of relaunch

Recall nearly launched as a scraper that stored all its data in plaintext. Microsoft is having another whack at its controversial Recall feature for Copilot+ Windows PCs, after the original version crashed and b

Published: 2024-09-27T17:00:39



Biz & IT Ars Technica

Hacker plants false memories in ChatGPT to steal user data in perpetuity

Emails, documents, and other untrusted content can plant malicious memories. When security researcher Johann Rehberger recently reported a vulnerability in ChatGPT that allowed attackers to store false informati

Published: 2024-09-24T20:56:26



The Register - Software

OpenStack Dalmatian debuts with a new dashboard, better security and GPU-wrangling

If you think VMware has gone to the dogs, maybe check it out? OpenStack Dalmatian, the 30th edition of the open source cloud stack, has bounded out of the kennel.

Published: 2024-10-03T02:30:15



The Register - Software

'Patch yesterday': Zimbra mail servers under siege through RCE vuln

Attacks began the day after public disclosure "Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited.

Published: 2024-10-02T10:50:45



The Register - Software

Watch your mirrors: Tesla Cybertrucks have 'Full' 'Self Driving' now

As eggheads reckon Musk-mobiles need human interventions every 13 miles Owners of Tesla's Cybertruck are reporting that a software update enabling the self-styled Full Self Driving (FSD) has become an option for their giant rolling wedges of stainles

Published: 2024-09-30T23:45:12



The Register - Software

Rackspace internal monitoring web servers hit by zero-day

Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry Exclusive Rackspace has told customers intruders exploited a zero-day bug in a third-party application it was using, and abused that vu

Published: 2024-09-30T23:08:37



The Register - Software

Windows 11 Patch Tuesday preview is a glitchy disaster

Blue is the color of some screens after optional KB5043145 update Updated Microsoft's Patch Tuesday preview, KB5043145, arrived last week and is already causing some headaches thanks to serious stability issues.

Published: 2024-09-30T13:07:58



The Register - Software

Extracting vendor promises won't fix cybersecurity. Extracting teeth might

One branch of tech has learned to work together to solve the near-impossible. Now it's our turn Opinion To say cybersecurity is mostly very good is like saying Boeing's Starliner parts mostly work: true, but you're still going to be sleeping in the

Published: 2024-09-30T08:56:08



The Verge - Securities

Google is testing verified checkmarks in search

A screenshot taken of the message that appears when you hover over a blue check mark on Google Search. It reads, “This icon is being shown because Google’s signals suggest that this business is the business that it says it is.” The new search experiment seems to be an extension of Google’s Brand Indicators for Message Identification (BIMI) feature, which is used to display checkmarks in Gmail’s web and mobile apps next to senders who have adopted the verification pl...

Published: 2024-10-04T04:31:09



The Verge - Securities

The feds still can't get into Eric Adams' phone

A screenshot of the federal indictment against New York City mayor Eric Adams. When Adams turned in his personal cellphone the following day, charging documents say, he said he had changed the password a day prior after learning about the investigation and couldn’t remember it. Adams told investigators he changed th...

Published: 2024-10-02T16:06:42



The Verge - Securities

FCC is offering $200 million to protect schools and libraries from hackers

A cartoon illustration shows a shadowy figure carrying off a red directory folder, which has a surprised-looking face on its side. The Federal Communications Commission is making up to $200 million available to help schools and libraries make their computer systems more secure. The Schools and Libraries Cybersecurity Pilot Program will be used to evaluate whether to f...

Published: 2024-10-02T13:42:05



The Verge - Securities

Arc browser adds security bulletins and bug bounties

Grayscale Arc logo on pink and blue background. Arc creator The Browser Company has officially started a bug bounty program to keep its growing Chromium-based browser’s security in check. The company is also launching a new security bulletin to maintain “transparent and proactive communi...

Published: 2024-09-27T17:37:11



The Verge - Securities

The DOJ indicts Iranians for alleged Trump campaign hack-and-leak scheme

Graphic photo illustration of Donald Trump. The US Department of Justice has charged three Iranian nationals linked with a cyberattack against Donald Trump’s presidential campaign, according to an indictment on Friday. The three hackers, all of whom have ties to Iran’s Islamic Revolu...

Published: 2024-09-27T16:51:38



The Verge - Securities

Google says a closed ad ecosystem isn't anticompetitive; it's just safer

Photo collage of a page full of ads for different products. Google took a page out of a familiar playbook in court this week, defending itself from claims of anticompetitive conduct by raising security concerns. While the government argues it locked up the ad tech market to make more money, Google’s...

Published: 2024-09-26T09:04:58



The Verge - Securities

Boston Dynamics partners with Assa Abloy to let the dogs in

blue robot dog entering a door with an access panel on the wall and a QR code. Assa Abloy, the major Swedish conglomerate that owns a whole lot of lock and security companies like Kwikset, Level lock, and the non-US version of Yale, is partnering with Boston Dynamics to build a new digital door access system that enab...

Published: 2024-09-23T16:31:14



The Verge - Securities

Telegram will now hand over your phone number and IP if you're a criminal suspect

A picture of Telegram’s paper airplane logo surrounded by yellow triangular shapes Telegram will now turn over a user’s phone number and IP address if it receives a request from authorities, according to its just-updated privacy policy: If Telegram receives a valid order from the relevant judicial authorities that confirm...

Published: 2024-09-23T14:59:03



The Verge - Securities

Microsoft's largest ever security transformation detailed in new report

Vector collage of the Microsoft logo among arrows and lines going up and down. Microsoft made security its No. 1 priority for every employee earlier this year, following years of security issues and a scathing report from the US Cyber Safety Review Board. Nearly six months after Microsoft CEO Satya Nadella told the en...

Published: 2024-09-23T11:00:00



The Verge - Securities

Researcher reveals catastrophic security flaw in the Arc browser

Grayscale Arc logo on pink and black background A security researcher revealed a “catastrophic” vulnerability in the Arc browser that would have allowed attackers to insert arbitrary code into other users’ browser sessions with little more than an easily findable user ID. The vulnerabili...

Published: 2024-09-20T12:12:39



BleepingComputer

UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls

Nuclear waste processing facility Sellafield has been fined £332,500 ($440k) by the Office for Nuclear Regulation (ONR) for failing to adhere to cybersecurity standards and putting sensitive nuclear information at risk over four years, from 2019 to

Published: 2024-10-04T08:57:35



BleepingComputer

Recently patched CUPS flaw can be used to amplify DDoS attacks

A recently disclosed vulnerability in the Common Unix Printing System (CUPS) open-source printing system can be exploited by threat actors to launch distributed denial-of-service (DDoS) attacks with a 600x amplification factor. [...]

Published: 2024-10-03T18:33:38



BleepingComputer

Dutch Police: ‘State actor’ likely behind recent data breach

The national Dutch police (Politie) says that a state actor was likely behind the data breach it detected last week. [...]

Published: 2024-10-03T14:56:35



BleepingComputer

Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure

Microsoft and the Justice Department have seized over 100 domains used by the Russian ColdRiver hacking group to target United States government employees and nonprofit organizations from Russia and worldwide in spear-phishing attacks. [...]

Published: 2024-10-03T13:58:09



BleepingComputer

Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks

Approximately 5% of all Adobe Commerce and Magento online stores, or 4,275 in absolute numbers, have been hacked in "CosmicSting" attacks. [...]

Published: 2024-10-03T13:19:37



BleepingComputer

Linux malware “perfctl” behind years-long cryptomining campaign

A Linux malware named "perfctl" has been targeting Linux servers and workstations for at least three years, remaining largely undetected through high levels of evasion and the use of rootkits. [...]

Published: 2024-10-03T10:33:51



BleepingComputer

FIN7 hackers launch deepfake nude “generator” sites to spread malware

The notorious APT hacking group known as FIN7 launched a network of fake AI-powered deepnude generator sites to infect visitors with information-stealing malware. [...]

Published: 2024-10-02T16:01:53



BleepingComputer

Critical Ivanti RCE flaw with public exploit now used in attacks

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. [...]

Published: 2024-10-02T14:55:38



Technology

Facial recognition data breach: Meta glasses extract info in real time

This shows how the I-Xray software works, from capturing the image to aggregating the data In what might be described as a real-life Black Mirror episode, a Harvard student uses facial recognition with $379 Meta Ray-Ban 2 smart sunglasses - to dig up personal data on every face he sees in real time.

Published: 2024-10-02T22:10:52



Krebs on Security

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researcher...

Published: 2024-10-03T13:05:52



Krebs on Security

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past de...

Published: 2024-09-26T14:54:07



Krebs on Security

This Windows PowerShell Phish Has Scary Potential

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes...

Published: 2024-09-19T19:39:09



The Register - Security

Apple fixes bug that let VoiceOver shout your passwords

Not a great look when the iGiant just launched its first password manager Apple just fixed a duo of security bugs in iOS 18.0.1 and iPadOS 18.0.1, one of which might cause users' saved passwords to be read aloud. It's hardly an ideal situation for the visually impaired.

Published: 2024-10-04T11:54:16



The Register - Security

Visit CyberThreat 2024 to hone your cybersecurity skills

Get together with the European cybersecurity community at a two-day conference in London this December Sponsored Post This year's CyberThreat returns to London to provide a place for cybersecurity professionals to share experiences, new tools and techniques to help organisations stay ahead of the latest cyber threats.

Published: 2024-10-04T08:02:06



The Register - Security

Harvard duo hacks Meta Ray-Bans to dox strangers on sight in seconds

'You can build this in a few days even as a very naïve developer' A pair of inventive Harvard undergraduates have created what they believe could be one of the most intrusive devices ever built: a wake-up call, they tell The Register, for the world to take privacy seriously in the AI era.

Published: 2024-10-04T06:32:05



The Register - Security

Big names among thousands infected by payment-card-stealing CosmicSting crooks

Gangs hit 5% of all Adobe Commerce, Magento-powered stores, Sansec says Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers' payment card info as they order stuff online.

Published: 2024-10-04T03:42:08



The Register - Security

Average North American CISO pay now $565K, mainly thanks to one weird trick

Best way to boost your package is to leave, or pretend to A survey of nearly 700 CISOs in the US and Canada has found their pay has risen over the past year to an average of $565,000 and a median of $403,000, with the top 10 percent of execs pulling in over $1 million.

Published: 2024-10-03T14:01:08



The Register - Security

Two British-Nigerian men sentenced over multimillion-dollar business email scam

Fraudsters targeted local government, colleges, and construction firms in Texas and North Carolina Two British-Nigerian men were sentenced for serious business email compromise schemes in the US this week, netting them millions of dollars from local government entities, construction companies, and colleges.

Published: 2024-10-03T12:30:18



The Register - Security

Ransomware crew infects 100+ orgs monthly with new MedusaLocker variant

Crooks 'like a sysadmin, with a malicious slant' Exclusive An extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022, according to Cisco Talos, which recently discovered a "substantial" Windows credential data dump that sheds light on the criminal and their victims.

Published: 2024-10-03T10:00:09



The Register - Security

Brits hate how big tech handles their data, but can't be bothered to do much about it

Managing the endless stream of cookie banners leaves little energy for anything else Fewer than one in five Brits report being happy with the way their personal data is handled by big tech companies, yet the furthest many will go is to reject optional cookies on the web.

Published: 2024-10-03T09:15:13



The Register - Security

700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking

With 14 serious security flaws found, what a gift for spies and crooks Fourteen newly found bugs in DrayTek Vigor routers, including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating, could be abused by crooks looking to seize control of the equipment to then steal sensitive data, deploy ransomware, and launch denial-of-service attacks.

Published: 2024-10-02T21:33:09



The Register - Security

Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing

Poor use of PHP include() strikes again Two trivial but critical security holes have been found in Optigo's Spectra Aggregation Switch, and so far no patch is available.

Published: 2024-10-02T20:39:50



The Register - Security

NIST's security flaw database still backlogged with 17K+ unprocessed bugs. Not great

Logjam 'hurting infosec processes world over' one expert tells us as US body blows its own Sept deadline NIST has made some progress clearing its backlog of security vulnerability reports to process, though it's not quite on target as hoped.

Published: 2024-10-02T12:31:05



The Register - Security

'Patch yesterday': Zimbra mail servers under siege through RCE vuln

Attacks began the day after public disclosure "Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited.

Published: 2024-10-02T10:50:45



The Register - Security

The fix for BGP's weaknesses has big, scary, issues of its own, boffins find

Bother, given the White House has bet big on RPKI, just like we all rely on immature internet infrastructure that usually works The Resource Public Key Infrastructure (RPKI) protocol has "software vulnerabilities, inconsistent specifications, and operational challenges" according to a pre-press paper from a trio of German researchers.

Published: 2024-10-02T06:31:07



The Register - Security

Euro cops arrest 4 including suspected LockBit dev chilling on holiday

And what looks like proof stolen data was never deleted even after ransom paid Building on the success of what's known around here as LockBit Leak Week in February, the authorities say they've arrested a further four individuals with ties to the now-scuppered LockBit ransomware empire.

Published: 2024-10-01T17:35:00



The Register - Security

Evil Corp's deep ties with Russia and NATO member attacks exposed

Ransomware criminals believed to have taken orders from intel services The relationship between infamous cybercrime outfit Evil Corp and the Russian state is thought to be extraordinarily close, so close that intelligence officials allegedly ordered the criminals to carry out cyberattacks on NATO members.

Published: 2024-10-01T15:35:16



The Register - Security

NCA unmasks man it suspects is both 'Evil Corp kingpin' and LockBit affiliate

Aleksandr Ryzhenkov alleged to have extorted around $100M from victims, built 60 LockBit attacks The latest installment of the National Crime Agency's (NCA) series of ransomware revelations from February's LockBit Leak Week emerges today as the agency identifies a man it not only believes is a member of the long-running Evil Corp crime group but also a LockBit affiliate.

Published: 2024-10-01T14:08:10



The Register - Security

Australian e-tailer digiDirect customers' info allegedly stolen and dumped online

Full names, contact details, and company info all the fixings for a phishing holiday Data allegedly belonging to more than 304,000 customers of Australian camera and tech e-tailer digiDirect has been leaked to an online cyber crime forum.

Published: 2024-10-01T00:26:06



The Register - Security

Rackspace internal monitoring web servers hit by zero-day

Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry Exclusive Rackspace has told customers intruders exploited a zero-day bug in a third-party application it was using, and abused that vulnerability to break into its internal performance monitoring environment.

Published: 2024-09-30T23:08:37



The Register - Security

Ransomware forces hospital to turn away ambulances

Only level-one trauma unit in 400 miles crippled Ransomware scumbags have caused a vital hospital to turn away ambulances after infecting its computer systems with malware.

Published: 2024-09-30T22:16:18



The Register - Security

T-Mobile US to cough up $31.5M after that long string of security SNAFUs

At least seven intrusions in five years? Yeah, those promises of improvement more than 'long overdue' T-Mobile US has agreed to fork out $31.5 million to improve its cybersecurity and pay a fine after a string of network intrusions affected millions of customers between 2021 and 2023.

Published: 2024-09-30T21:59:17



The Register - Security

If you're holding important data, Iran is probably trying spearphish it

It's election year for more than 50 countries and the Islamic Republic threatens a bunch of them US and UK national security agencies are jointly warning about Iranian spearphishing campaigns, which remain an ongoing threat to various industries and governments.

Published: 2024-09-30T13:35:14



The Register - Security

Remote ID verification tech is often biased, bungling, and no good on its own

Only 2 out of 5 tested products were equitable across demographics A study by the US General Services Administration (GSA) has revealed that five remote identity verification (RiDV) technologies are unreliable, inconsistent, and marred by bias across different demographic groups.

Published: 2024-09-30T12:40:11



The Register - Security

Cloud threats have execs the most freaked out because they're not prepared

Ransomware? More like 'we don't care' for everyone but CISOs Efficiency and scalability are key benefits of enterprise cloud computing, but they come at a cost. Security threats specific to cloud environments are the leading cause of concern among top executives and they're also the ones organizations are least prepared to address.

Published: 2024-09-30T11:30:17



The Register - Security

AI code helpers just can't stop inventing package names

LLMs are helpful, but don't use them for anything important AI models just can't seem to stop making things up. As two recent studies point out, that proclivity underscores prior warnings not to rely on AI advice for anything that really matters.

Published: 2024-09-30T03:59:07



The Register - Security

Forget the Kia Boyz: Crooks could hijack your car with just a smartphone

Plus: UK man charged with compromising firms for stock secrets; ransomware actor foils self; and more Infosec In Brief Put away that screwdriver and USB charging cable: the latest way to steal a Kia just requires a cellphone and the victim's license plate number.

Published: 2024-09-30T03:02:09



The Register - Security

Binance claims it helped to bust Chinese crypto scam app in India

Plus: SpaceX plans Vietnam investment; Yahoo! Japan content moderation secrets; LG offloads Chinese display factory; and more ASIA IN BRIEF It's not often The Register writes about a cryptocurrency outfit being on the right side of a scam or crime, but last week crypto exchange Binance claimed it helped Indian authorities to investigate a scam gaming app.

Published: 2024-09-30T01:28:05



The Register - Security

Red team hacker on how she 'breaks into buildings and pretends to be the bad guy'

Alethe Denis exposes tricks that made you fall for that return-to-office survey Interview A hacker walked into a "very big city" building on a Wednesday morning with no keys to any doors or elevators, determined to steal sensitive data by breaking into both the physical space and the corporate Wi-Fi network.

Published: 2024-09-29T16:39:06



The Register - Security

Feds charge 3 Iranians with 'hack-and-leak' of Trump 2024 campaign

Snoops allegedly camped out in inboxes well into September The US Department of Justice has charged three Iranians for their involvement in a "wide-ranging hacking campaign" during which they allegedly stole massive amounts of materials from Donald Trump's 2024 presidential campaign and then leaked the information to media organizations.

Published: 2024-09-27T21:45:04



The Register - Security

Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable

AI screengrab service to be opt-in, features encryption, biometrics, enclaves, more Microsoft has revised the Recall feature for its Copilot+ PCs and insists that the self-surveillance system is secure.

Published: 2024-09-27T20:18:09



The Register - Security

Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud

Defenders beware: Data theft, extortion, and backdoors on Storm-0501's agenda Microsoft's latest threat intelligence blog issues a warning to all organizations about Storm-0501's recent shift in tactics, targeting, and backdooring hybrid cloud environments.

Published: 2024-09-27T13:35:11



The Register - Security

Patch now: Critical Nvidia bug allows container escape, complete host takeover

33% of cloud environments using the toolkit impacted, we're told A critical bug in Nvidia's widely used Container Toolkit could allow a rogue user or software to escape their containers and ultimately take complete control of the underlying host.

Published: 2024-09-26T21:42:46



The Register - Security

HPE patches three critical security holes in Aruba PAPI

More 9.8 bugs? Ay, papi! Aruba access points running AOS-8 and AOS-10 need to be patched urgently after HPE emitted fixes for three critical flaws in its networking subsidiary's networking access points.

Published: 2024-09-26T19:30:14



The Register - Security

That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices

No patches yet, can be mitigated, requires user interaction Final update After days of anticipation, what was billed as one or more critical unauthenticated remote-code execution vulnerabilities in all Linux systems was today finally revealed.

Published: 2024-09-26T17:34:01



The Register - Security

Victims lose $70K to one single wallet-draining app on Google's Play Store

Attackers got 10K people to download 'trusted' web3 brand cheat before Mountain View intervened The latest in a long line of cryptocurrency wallet-draining attacks has stolen $70,000 from people who downloaded a dodgy app in a single campaign researchers describe as a world-first.

Published: 2024-09-26T14:08:09



The Register - Security

Public Wi-Fi operator investigating cyberattack at UK's busiest train stations

See it, say it ... not sorted just yet as network access remains offline Updated A cybersecurity incident is being probed at Network Rail, the UK non-departmental public body responsible for repairing and developing train infrastructure, after unsavory messaging was displayed to those connecting to major stations' free Wi-Fi portals.

Published: 2024-09-26T10:29:53



The Register - Security

UK government's bank data sharing plan slammed as 'financial snoopers' charter'

Access to account info needed to tackle benefit fraud, latest bill claims Privacy campaigners are criticizing UK proposals to force banks to share data from the accounts of government benefit claimants, saying the ploy amounts to "a financial snoopers' charter targeted to automate suspicion."

Published: 2024-09-26T08:31:06



The Register - Security

WordPress.org denies service to WP Engine, potentially putting sites at risk

That escalated quickly Updated WordPress on Wednesday escalated its conflict with WP Engine, a hosting provider, by blocking the latter's servers from accessing WordPress.org resources and therefore from potentially vital software updates.

Published: 2024-09-26T01:45:09



The Register - Security

China's Salt Typhoon cyber spies are deep inside US ISPs

Expecting a longer storm season this year? Updated Another Beijing-linked cyberspy crew, this one dubbed Salt Typhoon, has reportedly been spotted on networks belonging to US internet service providers in stealthy data-stealing missions and potential preparation for future cyberattacks.

Published: 2024-09-25T21:46:09



The Register - Security

RansomHub genius tries to put the squeeze on Delaware Libraries

Extorting underfunded public services for $1M isn't a good look Despite being top of the ransomware tree at the moment, RansomHub (specifically, one of its affiliates) clearly isn't that bright as they are reportedly trying to extort Delaware Libraries for around $1 million.

Published: 2024-09-25T17:30:14



The Register - Security

China claims Taiwan, not civilians, behind web vandalism

Taipei laughs it off and so does Beijing, which says political slurs hit sites nobody reads anyway Taiwan has dismissed Chinese allegations that its military sponsored a recent wave of anti-Beijing cyber attacks.

Published: 2024-09-25T01:25:34



The Register - Security

CrowdStrike apologizes to Congress for 'perfect storm' that caused global IT outage

Argues worse could happen if it loses kernel access CrowdStrike is "deeply sorry" for the "perfect storm of issues" that saw its faulty software update crash millions of Windows machines, leading to the grounding of thousands of planes, passengers stranded at airports, the cancellation of surgeries, and disruption to emergency services hotlines among many more inconveniences.

Published: 2024-09-25T01:23:43



The Register - Security

Who's watching you the closest online? Google, duh

Four Chocolate Factory trackers cracked the Top 25 in all regions Google, once again, is the "undisputed leader" when it comes to monitoring people's behavior on the internet, according to Kaspersky's annual web tracking report.

Published: 2024-09-24T19:45:12



The Register - Security

Russia's digital warfare on Ukraine shows no signs of slowing: Malware hits surge

Severe incidents may be down, but Putin had to throw one in for good measure Russia's use of malware to support its military efforts in Ukraine is showing no signs of waning while its tactics continually evolve to bypass protections.

Published: 2024-09-24T18:30:11



The Register - Security

10 nasty software bugs put thousands of fuel storage tanks at risk of cyberattacks

Thousands of devices remain vulnerable, US most exposed to the threat Tens of thousands of fuel storage tanks in critical infrastructure facilities remain vulnerable to zero-day attacks due to buggy Automatic Tank Gauge systems from multiple vendors, say infosec researchers.

Published: 2024-09-24T15:30:11



The Register - Security

How to spot a North Korean agent before they get comfy inside payroll

Mandiant publishes cheat sheet for weeding out fraudulent IT staff Against a backdrop of rising exposure to North Korean agents seeking (mainly) US IT roles, organizations now have a cheat sheet to help spot potential operatives.

Published: 2024-09-24T12:01:07



The Register - Security

A data leak and a data breach

How to protect personal data Partner Content For people who haven't personally experienced them, terms like data leak or data breach may seem unfamiliar and foreign - much like visiting a new destination abroad.

Published: 2024-09-24T09:22:10



The Register - Security

Some US Kaspersky customers find their security software replaced by 'UltraAV'

Back story to replacement for banned security app isn't enormously reassuring Some US-based users of Kaspersky antivirus products have found their software replaced by product from a low-profile entity named "UltraAV", a change they didn't ask for, and which has delivered them untested and largely unknown software from a source with a limited track record.

Published: 2024-09-24T01:01:12



The Register - Security

Telegram will now hand over IP addresses, phone numbers of suspects to cops

Maybe a spell in a French cell changed Durov's mind In a volte-face, Telegram CEO Pavel Durov announced that the made-in-Russia messaging platform will become a lot less cozy for criminals.

Published: 2024-09-23T22:10:14



The Register - Security

'Cybersecurity issue' takes MoneyGram offline for three days and counting

Still no R word, but smells like ransomware from here A "cybersecurity issue" has shut down MoneyGram's systems and payment services since Friday, and the fintech leader has yet to update customers as to when it expects to have its global money transfer services back up and running.

Published: 2024-09-23T21:32:50



The Register - Security

Necro malware continues to haunt side-loaders of dodgy Android mods

11M devices exposed to trojan, Kaspersky says Updated The Necro trojan is once again making a move against Android users, with up to eleven million individuals thought to be exposed to infected apps.

Published: 2024-09-23T21:30:10



Security Latest

This Video Game Controller Has Become the US Military’s Weapon of Choice

After decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.

Published: 2024-10-04T11:30:00



Security Latest

License Plate Readers Are Creating a US-Wide Database of More Than Just Cars

From Trump campaign signs to Planned Parenthood bumper stickers, license plate readers around the US are creating searchable databases that reveal Americans’ political leanings and more.

Published: 2024-10-03T10:30:00



Security Latest

ICE Signs $2 Million Contract With Spyware Maker Paragon Solutions

US Immigration and Customs Enforcement’s one-year contract with Paragon’s US subsidiary comes amid the Biden administration’s years-long crackdown on commercial spyware vendors.

Published: 2024-10-01T18:15:53



Security Latest

Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence

UK law enforcement and international partners have released new details about the cybercriminal gang Evil Corp, including its use of the Lockbit ransomware platform and ties to Russian intelligence.

Published: 2024-10-01T16:59:21



Security Latest

The Pig Butchering Invasion Has Begun

Scamming operations that once originated in Southeast Asia are now proliferating around the world, likely raking in billions of dollars in the process.

Published: 2024-09-30T10:00:00



Security Latest

The US Could Finally Ban Inane Forced Password Changes

Plus: The US Justice Department indicts three Iranians over Trump campaign hack, EU regulators fine Meta $100 million for a password security lapse, and the Tor Project enters a new phase.

Published: 2024-09-28T10:30:00



Security Latest

Tesla’s Cybertruck Goes, Inevitably, to War

A handful of Tesla’s electric pickup trucks are armed and ready for battle in the hands of Chechen forces fighting in Ukraine as part of Russia’s ongoing invasion. Can the EV take the heat?

Published: 2024-09-27T10:00:00



Security Latest

Amid Air Strikes and Rockets, an SMS From the Enemy

As Israel intensifies its attacks on Lebanon, eerie messages have been arriving on the phones of civilians on both sides of the border, with authorities in each country accusing the other of psychological warfare.

Published: 2024-09-26T12:24:17



Security Latest

Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug

Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will - the latest in a plague of web bugs that’s affected a dozen carmakers.

Published: 2024-09-26T11:00:00



Security Latest

Russia-Backed Media Outlets Are Under Fire in the US but Still Trusted Worldwide

The US government says outlets like RT work closely with Russian intelligence, and platforms have removed or banned their content. But they’re still influential all around the world.

Published: 2024-09-24T11:30:00



Security Latest

Iranian Hackers Tried to Give Hacked Trump Campaign Emails to Dems

Plus: The FBI dismantles the largest-ever China-backed botnet, the DOJ charges two men with a $243 million crypto theft, Apple’s MacOS Sequoia breaks cybersecurity tools, and more.

Published: 2024-09-21T10:30:00



Security Latest

First Israel’s Exploding Pagers Maimed and Killed. Now Comes the Paranoia

The explosion of thousands of rigged pagers and walkie-talkies will likely make Hezbollah operatives fear any means of electronic communication. It’s having the same effect on the Lebanese population.

Published: 2024-09-19T14:16:21



Security Latest

Your Phone Won’t Be the Next Exploding Pager

Thousands of beepers and two-way radios exploded in attacks against Hezbollah, but mainstream consumer devices like smartphones aren’t likely to be weaponized the same way.

Published: 2024-09-19T13:57:47



The Hacker News

How to Get Going with CTEM When You Don't Know Where to Start

Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities -

Published: 2024-10-04T15:23:00



The Hacker News

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company said it fended off "over one hundred hyper-volumetric L3/4 DDoS attacks throughout the month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (

Published: 2024-10-04T15:20:00



The Hacker News

WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks

A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions. The flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all versions of the plugin up to and including 6.5.0.2. It was

Published: 2024-10-04T14:41:00



The Hacker News

Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks

Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e., modem) refers to a processor on the device that's responsible for handling all connectivity, such as LTE, 4G, and 5G, with a mobile phone cell tower or base station over a radio interface. "This

Published: 2024-10-03T22:30:00



The Hacker News

The Secret Weakness Execs Are Overlooking: Non-Human Identities

For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem

Published: 2024-10-03T20:36:00



The Hacker News

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

Misconfigured and vulnerable Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. "Perfctl is particularly elusive and persistent, employing several sophisticated techniques," Aqua security researchers Assaf Morag and Idan Revivo said in a report shared with The Hacker

Published: 2024-10-03T19:45:00



The Hacker News

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries. The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper, RedEyes, Ricochet Chollima,

Published: 2024-10-03T18:30:00



The Hacker News

INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa

INTERPOL has announced the arrest of eight individuals in Côte d'Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said. One such threat involved a large-scale phishing scam targeting Swiss citizens that resulted in financial losses to the tune

Published: 2024-10-03T14:40:00



The Hacker News

LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort

A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K. who

Published: 2024-10-03T12:45:00



The Hacker News

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity. "An

Published: 2024-10-03T11:36:00



The Hacker News

Fake Trading Apps Target Victims Globally via Apple App Store and Google Play

A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that's also widely known as pig butchering, in which prospective victims are lured into making investments in cryptocurrency or other financial

Published: 2024-10-02T22:24:00



The Hacker News

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand starting in 2023, attributed the activity cluster as aligned to China, leveraging tools previously identified as used by the Mustang Panda actor. "The

Published: 2024-10-02T20:51:00



The Hacker News

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals

A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applications. "A sophisticated spear-phishing lure tricked a recruitment officer into downloading and executing a malicious file disguised as a resume, leading to a more_eggs backdoor infection,"

Published: 2024-10-02T20:38:00



The Hacker News

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities

A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. "These vulnerabilities could enable attackers to take control of a router by injecting malicious code, allowing them to persist on the device and use it as a gateway into enterprise networks," Forescout

Published: 2024-10-02T18:30:00



The Hacker News

Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit

Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The shortcoming,

Published: 2024-10-02T17:43:00



The Hacker News

5 Must-Have Tools for Effective Dynamic Malware Analysis

Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be fast, in-depth, and precise. These five tools will help you achieve it with ease. 1. Interactivity Having the ability to interact with the

Published: 2024-10-02T16:30:00



The Hacker News

Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations

Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. "While the attackers didn't succeed in deploying ransomware on the networks of any of the organizations affected, it is likely that the attacks were financially motivated," Symantec, part of Broadcom, said in a

Published: 2024-10-02T15:30:00



The Hacker News

Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw

Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in Zimbra's postjournal service that could enable unauthenticated attackers to

Published: 2024-10-02T11:26:00



The Hacker News

PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data

A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. "The attack targeted users of Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and other prominent wallets in the crypto ecosystem,"

Published: 2024-10-02T11:01:00



The Hacker News

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition." "This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in

Published: 2024-10-01T22:04:00



The Hacker News

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security

Published: 2024-10-01T16:00:00



The Hacker News

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials

More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it's being used by a large number of cybercriminals to conduct credential theft. "For prospective phishers, Sniper Dz offers an online admin panel with a catalog of phishing pages," Palo Alto Networks Unit 42 researchers Shehroze Farooqi,

Published: 2024-10-01T12:02:00



The Hacker News

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet

Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to "use Docker Swarm's orchestration features for command-and-control (C2) purposes," Datadog researchers Matt Muir and Andy Giron said in an analysis. The attacks

Published: 2024-10-01T10:42:00



The Hacker News

U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails

The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected to be extradited to the U.S. to face charges related to securities fraud, wire fraud, and five counts of computer fraud. According to the court

Published: 2024-10-01T07:32:00



The Hacker News

THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 23-29)

Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could've opened the door to remote attacks. Google's switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android. But it wasn't all good news - Kaspersky's forced exit from the US market left users with more

Published: 2024-09-30T18:39:00



The Hacker News

Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks

Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks. "These vulnerabilities pose significant real-world risks, as they could be exploited by malicious actors to cause widespread damage, including physical damage, environmental hazards, and economic losses," Bitsight researcher

Published: 2024-09-30T17:25:00



The Hacker News

Session Hijacking 2.0 - The Latest Way That Attackers are Bypassing MFA

Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111% increase year-over-year (Microsoft).  Attacks on session cookies now happen in the same order of magnitude as password-based attacks (Google). But session hijacking isn’t a new technique so

Published: 2024-09-30T16:50:00



The Hacker News

A Hacker's Era: Why Microsoft 365 Protection Reigns Supreme

Imagine a sophisticated cyberattack cripples your organization’s most critical productivity and collaboration tool - the platform you rely on for daily operations. In the blink of an eye, hackers encrypt your emails, files, and crucial business data stored in Microsoft 365, holding it hostage using ransomware. Productivity grinds to a halt and your IT team races to assess the damage as the clock

Published: 2024-09-30T16:00:00



The Hacker News

Meta Fined €91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext

The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users' passwords in plaintext in its systems. The investigation, launched by the DPC the next month, found that the social media giant violated four different articles under the European Union's

Published: 2024-09-30T11:42:00



The Hacker News

Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign

Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months. The dodgy app, identified by Check Point, masqueraded as the legitimate WalletConnect open-source protocol to trick unsuspecting users into downloading it. "Fake

Published: 2024-09-28T15:24:00



The Hacker News

U.S. Charges Three Iranian Nationals for Election Interference and Cybercrimes

U.S. federal prosecutors on Friday unsealed criminal charges against three Iranian nationals who are allegedly employed with the Islamic Revolutionary Guard Corps (IRGC) for their targeting of current and former officials to steal sensitive data. The Department of Justice (DoJ) accused Masoud Jalili, 36, Seyyed Ali Aghamiri, 34, and Yasar (Yaser) Balaghi, 37, of participating in a conspiracy

Published: 2024-09-28T11:33:00



The Hacker News

Progress Software Releases Patches for 6 Flaws in WhatsUp Gold - Patch Now

Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical vulnerabilities. The issues, the company said, have been resolved in version 24.0.1 released on September 20, 2024. The company has yet to release any details about what the flaws are other than listing their CVE identifiers - CVE-2024-46905 (CVSS score: 8.8) 

Published: 2024-09-27T21:14:00



The Hacker News

Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution

A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. "A remote unauthenticated attacker can silently replace existing printers' (or install new ones) IPP urls with a malicious one, resulting in arbitrary command execution (on the computer) when a print

Published: 2024-09-27T18:03:00



The Hacker News

How to Plan and Prepare for Penetration Testing

As security technology and threat awareness among organizations improve, so do the adversaries, who are adopting and relying on new techniques to maximize speed and impact while evading detection. Ransomware and malware continue to be the method of choice by big game hunting (BGH) cyber criminals, and the increased use of hands-on or “interactive intrusion” techniques is especially alarming.

Published: 2024-09-27T16:56:00



The Hacker News

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to cloud environment, ultimately resulting in data exfiltration, credential theft, tampering, persistent

Published: 2024-09-27T16:41:00



The Hacker News

Cybersecurity Certifications: The Gateway to Career Advancement

In today's fast-evolving digital landscape, cybersecurity has become a cornerstone of organizational resilience. As cyber threats grow increasingly sophisticated, the demand for skilled cybersecurity professionals has never been higher. Whether you're a seasoned cyber professional or just starting your journey, signing up for the GIAC Newsletter ensures you're always informed and equipped for

Published: 2024-09-27T14:34:00



The Hacker News

New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users

Russian-speaking users have been targeted as part of a new campaign distributing a commodity trojan called DCRat (aka DarkCrystal RAT) by means of a technique known as HTML smuggling. The development marks the first time the malware has been deployed using this method, a departure from previously observed delivery vectors such as compromised or fake websites, or phishing emails bearing PDF

Published: 2024-09-27T14:30:00



The Hacker News

U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering

The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC, have been alleged to facilitate the laundering of cryptocurrencies possibly obtained through

Published: 2024-09-27T13:17:00



The Hacker News

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host. The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0 out of a maximum of 10.0. It has been addressed in NVIDIA Container Toolkit version v1.16.2 and

Published: 2024-09-27T11:24:00



The Hacker News

Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription," security

Published: 2024-09-26T21:32:00



The Hacker News

N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky, which is also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (formerly Thallium), Sparkling Pisces, Springtail, and Velvet Chollima. "These samples enhance Sparkling Pisces' already extensive arsenal

Published: 2024-09-26T17:58:00



The Hacker News

Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar

Imagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million other needles you also need to find. That's what dealing with security alerts can feel like. SIEM was supposed to make this easier, but somewhere along the way, it became part of the problem. Too many alerts, too much noise, and not enough time to actually stop threats. It's time for a change.

Published: 2024-09-26T17:58:00



The Hacker News

EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?

Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don’t factor in real-world threat data, such as the likelihood of exploitation. With new vulnerabilities discovered daily, teams don’t have the time - or the budget - to

Published: 2024-09-26T16:30:00



The Hacker News

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusion set as long-running, with first signs of infection detected as far back as December 2022. The

Published: 2024-09-26T16:13:00



The Hacker News

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking the activity under the name SloppyLemming, which is also called Outrider Tiger and Fishing Elephant. "Between late 2022 to present, SloppyLemming

Published: 2024-09-26T11:48:00



The Hacker News

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that Microsoft tracks as Salt Typhoon, which is also known as FamousSparrow and GhostEmperor. "Investigators

Published: 2024-09-26T10:19:00



The Hacker News

Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68%

Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the overall security risk of a codebase, but also makes the switch

Published: 2024-09-25T22:30:00



The Hacker News

Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy-Preserving Attribution (PPA) without explicitly seeking users' consent. "Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites," noyb said

Published: 2024-09-25T19:42:00



The Hacker News

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool

Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the program on several customers' systems. "It has a standard set of features commonly found in penetration testing tools and its developer created it using the Rust programming language," Unit 42's Dominik

Published: 2024-09-25T18:08:00



The Hacker News

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function

A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence (AI) tool's memory. The technique, dubbed SpAIware, could be abused to facilitate "continuous data exfiltration of any information the user typed or responses received by ChatGPT, including any future chat sessions

Published: 2024-09-25T17:17:00



Security Affairs

New Perfctl Malware targets Linux servers in cryptomining campaign

perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbed perfctl malware, that over the past 3-4 years targeted misconfigured Linux servers. The malicious code was used to drop cryptocurrency miners and proxyjacking software. Perfctl is an elusive […]

Published: 2024-10-04T12:49:39



Security Affairs

Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group

Microsoft and the U.S. DoJ seized over 100 domains used by the Russia-linked Callisto Group for launching attacks on U.S. government and nonprofits. The Justice Department revealed the unsealing of a warrant to seize 41 domains used by Russia-linked Callisto Group (formerly SEABORGIUM, also known as COLDRIVER) for computer fraud in the United States. US […]

Published: 2024-10-04T07:04:14



Security Affairs

Dutch police breached by a state actor

The Dutch government blames a “state actor” for hacking a police system, exposing the contact details of all police officers, according to the justice minister. The Dutch police blame a state actor for the recent data breach that exposed officers’ contact details, the justice minister told lawmakers. The incident took place on September 26, 2024, […]

Published: 2024-10-03T21:27:34



Security Affairs

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have exploited a critical Adobe Commerce vulnerability, tracked as CVE-2024-34102 (aka CosmicSting, CVSS score of 9.8), to compromise more than 4,000 e-stores over the past three months. The flaw is an Improper Restriction […]

Published: 2024-10-03T14:36:12



Security Affairs

Cloudflare mitigated new record-breaking DDoS attack of 3.8 Tbps

Cloudflare recently mitigated a new record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion packets per second (Pps). Cloudflare reported that starting from early September, it has mitigated over 100 hyper-volumetric L3/4 DDoS attacks, with many exceeding 2 billion Pps and 3 Tbps. The largest DDoS attack peaked at 3.8 Tbps, that is the […]

Published: 2024-10-03T13:01:17



Security Affairs

Telegram revealed it shared U.S. user data with law enforcement

Telegram fulfilled over a dozen U.S. law enforcement data requests this year, potentially revealing the IP addresses or phone numbers of 100+ users. Independent website 404 Media first revealed that in 2024 Telegram has fulfilled more than a dozen law enforcement data requests from the U.S. authorities. The social media platform “potentially revealed” that it […]

Published: 2024-10-03T05:11:07



Security Affairs

U.S. CISA adds Ivanti Endpoint Manager (EPM) flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Endpoint Manager (EPM) vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-29824 (CVSS score of 9.6) to its Known Exploited Vulnerabilities (KEV) catalog. In May, Ivanti rolled out security patches to […]

Published: 2024-10-02T19:29:45



Security Affairs

14 New DrayTek routers’ flaws impact over 700,000 devices in 168 countries

Multiple flaws in DrayTek residential and enterprise routers can be exploited to fully compromise vulnerable devices. Forescout researchers discovered 14 new vulnerabilities in DrayTek routers, two of which have been rated as critical. Of the 14 security flaws nine are rated high, and three are rated medium in severity. The flaws impact residential and enterprise […]

Published: 2024-10-02T18:11:33



Security Affairs

Rhadamanthys information stealer introduces AI-driven capabilities

The Rhadamanthys information stealer has been upgraded with advanced features, including the use of artificial intelligence (AI) for optical character recognition (OCR). Researchers at the Recorded Future’s Insikt group have documented the evolution of the Rhadamanthys info stealer. The malware was first identified in 2022, and since then it has been upgraded with advanced features, […]

Published: 2024-10-02T13:42:02



Security Affairs

Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!

Threat actors attempt to exploit recently disclosed vulnerability CVE-2024-45519 in Synacor’s Zimbra Collaboration. Proofpoint cybersecurity researchers reported that threat actors are attempting to exploit a recently disclosed vulnerability, tracked as CVE-2024-45519, in Synacor’s Zimbra Collaboration. Starting on September 28, 2024, threat actors have been attempting to exploit the issue to achieve remote code execution on […]

Published: 2024-10-02T09:21:33



News Packet Storm

Ransomware Crew Infects 100+ Orgs Monthly With New MedusaLocker Variant

CIA Seeks Informants In North Korea, Iran, And China

Ivanti EPM Vulnerability Exploited In The Wild

Zero-Day Breach At Rackspace Sparks Vendor Blame Game

14 DrayTek Vulns Patched, Including RCE Flaw

Evil Corp/REvil Malware Crime Group Outed As Family Affair

The Fix For BGP's Weaknesses Has Issues Of Its Own

NIST's Security Flaw Database Still Backlogged With 17k+ Unprocessed Bugs. Not Great

Record Breaking DDoS Attack Peaked At 3.8 Tbps, 2.14 Billion Pps

More LockBit Hackers Arrested, Unmasked As Servers Seized

T-Mobile Pays $16 Million Fine For Three Years' Worth Of Data Breaches

Zimbra Mail Servers Under Siege Through RCE Vuln

Cybersecurity Experts Praise Veto Of California's AI Safety Bill

Rackspace Internal Monitoring Web Servers Hit By Zero Day

Ransomware Forces Hospital To Turn Away Ambulances

Organizations Warned Of Exploited SAP, Gpac, And D-Link Vulnerabilities

Systems Used By Courts And Governments Across The US Riddled By Vulnerabilities

US Charges 3 Iranians Over Presidential Campaign Hacking

WMDDH Discloses Data Breach Impacting 127,000

Cloud Threats Have Execs The Most Freaked Out Because They're Not Prepared

Opinion: How To Design A US Data Privacy Law

Attacking Unix Systems Via CUPS, Part I

Critical Nvidia Bug Allows Container Escape, Host Takeover

Five Eyes Agencies Release Guidance On Detecting Active Directory Intrusions

EU Privacy Regulator Fines Meta 91 Million Euros Over Password Storage

SecurityWeek

Ransomware Hits Critical Infrastructure Hard, Costs Adding Up

Industry Moves for the week of September 30, 2024

In Other News: Doxing With Meta Ray-Ban Glasses, OT Hunting, NVD Backlog

Google Cloud Announces General Availability of New Confidential Computing Options

Collapse of National Security Elites’ Cyber Firm Leaves Bitter Wake

Cybersecurity M&A Roundup: 37 Deals Announced in September 2024

Google Hardens Pixel’s Baseband Security Mitigations

Russia Arrests 96 People Tied to US-Disrupted Cryptocurrency Exchanges

Apple iOS 18.0.1 Patches Password Exposure and Audio Snippet Bugs

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

CISO Salary Surge: Fewer Job Changes, Bigger Paychecks for Experienced Cybersecurity Leaders

CISA News

CISA Kicks Off 21st Anniversary of Cybersecurity Awareness Month

CISA Releases Anonymous Threat Response Guidance and Toolkit for K-12 Schools

Joint ODNI, FBI, and CISA Statement

CISA Releases Plan to Align Operational Cybersecurity Priorities for Federal Agencies

FBI and CISA Release Joint PSA, Just So You Know: False Claims of Hacked Voter Information Likely Intended to Sow Distrust of U.S. Elections

CISA Releases Election Security Focused Checklists for Both Cybersecurity and Physical Security

CISA Launches New Portal to Improve Cyber Reporting

Election Security Partners Host 7th Annual Tabletop the Vote Exercise for 2024

Joint ODNI, FBI, and CISA Statement on Iranian Election Influence Efforts

FBI and CISA Release Joint PSA, Just So You Know: Ransomware Disruptions During Voting Periods Will Not Impact the Security and Resilience of Vote Casting or Counting

CISA Blog

Region 8 Invites You to Secure Our World

CISA Director Jen Easterly Remarks at the Election Center 39th Annual National Conference in Detroit

Learn with Region 8’s Webinar Program

Shaping the legacy of partnership between government and private sector globally: JCDC

SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices

Region 10 Team Provides Vital Election Security Training for Idaho

SAFECOM Membership Spotlight ft. Red Grasso, North Carolina Department of Information Technology

SAFECOM Releases New Resource for Cloud Adoption

With Open Source Artificial Intelligence, Don’t Forget the Lessons of Open Source Software

SAFECOM and NCSWIC Publish Fall 2023 Joint SAFECOM-NCSWIC Bi-Annual Meeting Executive Summaries

All CISA Advisories

Subnet Solutions Inc. PowerSYSTEM Center

CISA Adds One Known Exploited Vulnerability to Catalog

Delta Electronics DIAEnergie

TEM Opera Plus FM Family Transmitter

CISA Releases Three Industrial Control Systems Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Releases Two Industrial Control Systems Advisories

Optigo Networks ONS-S8 Spectra Aggregation Switch

ASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations

Mitsubishi Electric MELSEC iQ-F FX5-OPC

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA’s VDP Platform 2023 Annual Report Showcases Success

Advantech ADAM-5630

goTenna Pro ATAK Plugin

Cisco Releases Security Updates for IOS and IOS XE Software

Atelmo Atemio AM 520 HD Full HD Satellite Receiver

CISA Releases Five Industrial Control Systems Advisories

ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises

Advantech ADAM-5550

goTenna Pro X and Pro X2

Citrix Releases Security Updates for XenServer and Citrix Hypervisor

CISA Warns of Hurricane-Related Scams

Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means

Alisonic Sibylla

Moxa MXview One

CISA Adds One Known Exploited Vulnerability to Catalog

Franklin Fueling Systems TS-550 EVO

OMNTEC Proteus Tank Monitoring

OPW Fuel Management Systems SiteSentinel

Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE

Exploit-DB.com RSS Feed

[webapps] reNgine 2.2.0 - Command Injection (Authenticated)

[webapps] openSIS 9.1 - SQLi (Authenticated)

[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)

[webapps] NoteMark < 0.13.0 - Stored XSS

[webapps] Gitea 1.22.0 - Stored XSS

[webapps] Invesalius3 - Remote Code Execution

[dos] Windows TCP/IP - RCE Checker and Denial of Service

[webapps] Aurba 501 - Authenticated RCE

[webapps] HughesNet HT2000W Satellite Modem - Password Reset

[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure

[webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass

[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config

[webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass

[webapps] Helpdeskz v2.0.2 - Stored XSS

[webapps] Calibre-web 0.6.21 - Stored XSS

[webapps] Devika v1 - Path Traversal via 'snapshot_path'

[local] Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path

[local] SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path

[local] Oracle Database 12c Release 1 - Unquoted Service Path

[webapps] Ivanti vADC 9.9 - Authentication Bypass

[local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation

[webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection

[webapps] Azon Dominator Affiliate Marketing Script - SQL Injection

[webapps] Microweber 2.0.15 - Stored XSS

[webapps] Customer Support System 1.0 - Stored XSS

[webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)

[webapps] SolarWinds Platform 2024.1 SR1 - Race Condition

[webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)

[webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)

[webapps] Boelter Blue System Management 1.3 - SQL Injection

[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)

[webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)

[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)

[webapps] XMB 1.9.12.06 - Stored XSS

[webapps] Carbon Forum 5.9.0 - Stored XSS

[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)

[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)

[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)

[webapps] Dotclear 2.29 - Remote Code Execution (RCE)

[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)

[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)

[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)

[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)

[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)

[webapps] Aquatronica Control System 5.1.6 - Information Disclosure

[webapps] changedetection < 0.45.20 - Remote Code Execution (RCE)

[webapps] ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)

Full Disclosure

Some SIM / USIM card security (and ecosystem) info

SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288)

Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution

Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)

Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)

Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)

Backdoor.Win32.Boiling / Remote Command Execution

Defense in depth -- the Microsoft way (part 88): a SINGLE command line shows about 20,000 instances of CWE-73

SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)

Apple iOS 17.2.1 - Screen Time Passcode Retrieval (Mitigation Bypass)

CyberDanube Security Research 20240919-0 | Multiple Vulnerabilities in Netman204

Submit Exploit CVE-2024-42831

Stored XSS in "Edit Profile" - htmlyv2.9.9

Stored XSS in "Menu Editor" - htmlyv2.9.9

Backdoor.Win32.BlackAngel.13 / Unauthenticated Remote Command Execution

Open Source Security

Re[2]: cups-browsed vulnerable to DDoS amplification attack

Re: cups-browsed vulnerable to DDoS amplification attack

Re: cups-browsed vulnerable to DDoS amplification attack

cups-browsed vulnerable to DDoS amplification attack

PowerDNS Security Advisory 2024-04

CVE-2024-47554: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader

CVE-2024-47561: Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK)

Multiple vulnerabilities in Jenkins and Jenkins plugins

CVE-2024-45772: Apache Lucene Replicator: Deserialization of Untrusted Data

Re: CVE-2024-40761: Apache Answer: Avatar URL leaked user email addresses

Re: List linux CVEs for a given stable release?

Re: CUPS printing system vulnerabilities

Re: CVE-2024-40761: Apache Answer: Avatar URL leaked user email addresses

Re: CVE-2024-40761: Apache Answer: Avatar URL leaked user email addresses

Re: CUPS printing system vulnerabilities

Ethical Hacking News

Android 15 QPR1 Beta 2: A Revolution in Tablet Computing and a Triumphant Return of Lock Screen Widgets

Android 15 QPR1 Beta 2 brings significant updates to Android tablets, including desktop windowing and the return of lock screen widgets. Learn more about the new features and improvements in this latest iteration of the Android operating system.

Published: Wed Sep 25 22:10:10 2024



Ethical Hacking News

Malware 101: A Comprehensive Guide to Understanding the Most Common Types of Malware



The world of cybersecurity is constantly evolving, and with it comes a multitude of threats that can compromise your device, steal your personal information, or disrupt your online activities. At the heart of these threats are malicious software programs known as malware. In this comprehensive guide, we will delve into the world of malware, exploring its definition, types, delivery methods, and prevention strategies.



Published: Wed Sep 25 22:32:18 2024



Ethical Hacking News

Critical Ivanti vTM Auth Bypass Bug Now Exploited in Attacks: A Growing Concern for Organizations


A critical Ivanti vTM application delivery controller vulnerability is currently being actively exploited by threat actors, allowing remote unauthenticated attackers to bypass authentication on Internet-exposed vTM admin panels. This vulnerability could potentially lead to the creation of rogue administrator users, posing significant risks to organizations relying on this application delivery controller to manage their network traffic and applications.

Published: Wed Sep 25 23:48:06 2024



Ethical Hacking News

A Comprehensive Guide to Multi-Cloud Security: Best Practices and Challenges

Discover the best practices and challenges associated with multi-cloud security in this comprehensive guide. Learn how to develop a solid multi-cloud security strategy that protects your data and resources in a multi-cloud environment.

Published: Thu Sep 26 00:14:50 2024



Ethical Hacking News

New Era of Cybersecurity Challenges: The Exploitation of Microsoft's Windows Smart App Control Zero-Day Vulnerability



In a significant update, Microsoft has addressed a critical zero-day vulnerability in its Windows Smart App Control and SmartScreen security features. This vulnerability, identified as CVE-2024-38217, has been actively exploited by threat actors since 2018, posing a significant risk to users worldwide. Microsoft's September 2024 Patch Tuesday update includes fixes for four zero-day vulnerabilities, including this one, highlighting the need for prioritizing patching updates and staying vigilant in the face of evolving cybersecurity threats.

Published: Thu Sep 26 00:39:15 2024



Ethical Hacking News

WordPress.org Denies Service to WP Engine: A Conflict of Interest?

WordPress.org has blocked WP Engine's servers from accessing WordPress.org resources, potentially putting millions of websites at risk. The move is seen as a major blow to the web hosting provider and raises questions about corporate responsibility, intellectual property rights, and the future of open-source projects.

Published: Thu Sep 26 00:44:37 2024



Ethical Hacking News

Cyber Storm: The Salt Typhoon Saga Unfolds as Chinese Spies Breach US ISPs



China's Salt Typhoon cyber spies are deep inside US ISPs, a disturbing development that highlights the ongoing cat-and-mouse game between Chinese state-sponsored hackers and US authorities.



Published: Thu Sep 26 00:51:59 2024



Ethical Hacking News

The Cyber Conflict Escalation: China's Warning to Taiwan Over Network Security Precautions

China has issued a stern warning to Taiwan over network security precautions amid escalating tensions over the status of Taiwan. The Ministry of State Security claimed that a group linked to Taiwan's military was behind recent cyber attacks, but Taiwan's government denies the allegations. As tensions continue to escalate, it is essential to take steps to prevent cyber attacks and protect online systems from state-sponsored malware.

Published: Thu Sep 26 01:05:01 2024



Ethical Hacking News

10 Nasty Software Bugs Put Thousands of Fuel Storage Tanks at Risk of Cyberattacks



Tens of thousands of fuel storage tanks in critical infrastructure facilities remain vulnerable to zero-day attacks due to buggy Automatic Tank Gauge systems from multiple vendors, say infosec researchers. The recent discovery of ten critical security bugs in these devices has raised significant concerns about the potential for cyberattacks on fuel storage tanks, highlighting the need for better security measures in the energy sector.



Published: Thu Sep 26 02:02:04 2024



Ethical Hacking News

Mandiant Unveils Cheat Sheet to Help Organizations Identify Potential North Korean IT Operatives

Uncovering the Hidden Dangers: A Guide to Identifying North Korean IT Operatives

Published: Thu Sep 26 02:08:04 2024



Ethical Hacking News

The Unsettling Rise of UltraAV: A Low-Profile Antivirus Brand Replacing Kaspersky on US PCs



The US government's recent ban on Kaspersky selling its products stateside has led to the sudden appearance of UltraAV as a mandatory antivirus software for some Windows systems. The low-profile brand raises concerns about security implications and the role of government regulation in shaping the cybersecurity industry, prompting users to question whether this new brand can provide adequate protection.

Published: Thu Sep 26 02:25:35 2024



Ethical Hacking News

Ransomware: The Growing Threat to Global Financial Stability

As ransomware continues to make headlines due to its impact on global financial institutions, it's essential to understand the threat and take steps to protect yourself. From high-profile attacks on organizations like MoneyGram to individual users, ransomware is a growing concern that requires attention.

Published: Thu Sep 26 02:39:53 2024



Ethical Hacking News

Necro Malware Continues to Haunt Android Users: A Persistent Threat

Necro malware has been found on several popular Android apps, including Wuta Camera and Max Browser, leaving thousands of users vulnerable to cyber threats. With its ability to deliver intrusive ads and steal money through fake subscription payments, this malware campaign is a stark reminder of the need for vigilance when downloading mobile apps from unverified sources.

Published: Thu Sep 26 02:50:54 2024



Ethical Hacking News

Microsoft Unveils Comprehensive Secure Future Initiative: A Multifaceted Program for Enhanced Cybersecurity


Microsoft Unveils Comprehensive Secure Future Initiative to Enhance Cybersecurity and Protect Global Citizens

Published: Thu Sep 26 03:00:10 2024



Ethical Hacking News

The Dark Reality of Ransomware: Understanding the Risks and Prevention Strategies

Ransomware: The Hidden Threat Lurking in Your Digital Footprints

Published: Thu Sep 26 03:12:37 2024



Ethical Hacking News

Cybersecurity Threats Emerge: The Rise of Rust-Based Splinter Post-Exploitation Tool



A new post-exploitation red team tool called Splinter has emerged in the wild, prompting cybersecurity researchers to raise an alarm about its potential threat. The Splinter tool is built using the Rust programming language and boasts a range of features commonly found in penetration testing tools, making it a valuable target for threat actors seeking to compromise organizations. While there is no information available on who created the tool, its impact could be significant if misused.



Published: Thu Sep 26 04:42:40 2024



Ethical Hacking News

The Unfulfilled Promise of SOAR: How Agentic AI is Revolutionizing Security Operations Centers


The cybersecurity industry has long awaited a solution to Security Orchestration, Automation, and Response (SOAR)'s unfulfilled promises. A new technology called Agentic AI has emerged as a potential game-changer, promising to address the fundamental challenges of SOC automation that have hindered previous solutions. With its advanced generative capabilities, Agentic AI can automate complex tasks, providing real-time insights and enabling organizations to respond quickly and effectively to emerging threats.

Published: Thu Sep 26 05:03:51 2024



Ethical Hacking News

Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets: A Growing Concern for National Security


A joint cybersecurity advisory by the FBI and CISA reveals that a Russian state-sponsored advanced persistent threat actor has been targeting various U.S. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks, for over two years. The actor's sophisticated tactics and techniques have allowed it to successfully breach numerous networks, compromise sensitive information, and potentially disrupt critical infrastructure. Organizations are urged to take immediate action to secure their networks and systems in response to this threat.

Published: Thu Sep 26 05:36:13 2024



Ethical Hacking News

Ransomware: The Evolving Threat to Personal and Business Security

Learn how to protect yourself from ransomware attacks with our comprehensive guide, featuring expert advice on prevention, detection, and removal techniques. Discover the latest threats and trends in the world of cybersecurity.

Published: Thu Sep 26 05:40:38 2024



Ethical Hacking News

Kaspersky's Uncertain Exit: A Web of Trust and Concerns



Kaspersky Exits U.S., Automatically Replaces Software With UltraAV, Raising Concerns: A Devastating Blow to Trust and Transparency in the Cybersecurity Industry

In a move that has left many in the cybersecurity community on edge, Kaspersky, a renowned antivirus software provider, has begun the process of exiting the United States market. This development is a result of a formal ban imposed by the U.S. government due to national security concerns, which was implemented as part of a broader crackdown on Russian-owned companies and their alleged ties to the country's government.



Published: Thu Sep 26 05:46:54 2024



Ethical Hacking News

The Evolving Landscape of Password Security: A Comprehensive Analysis

While mandatory password expiration policies may have been sufficient in the past, they are no longer considered an effective solution to safeguard sensitive information. Instead, organizations must adopt robust authentication mechanisms, multifactor authentication, and effective password management policies to protect their users' online presence.

Published: Thu Sep 26 07:23:51 2024



Ethical Hacking News

Discord Introduces DAVE: A Game-Changing End-to-End Encryption Protocol for Secure Audio and Video Calls

Discord has unveiled a groundbreaking new protocol called DAVE, which promises to provide unparalleled protection for sensitive communications via audio and video calls. By utilizing this protocol, users can rest assured that their conversations will remain private and secure.

Published: Thu Sep 26 07:36:28 2024



Ethical Hacking News

The Lazarus Group: Unpacking the Complexities of North Korea's State-Sponsored Cyber Threat

Uncovering the complexities of North Korea's state-sponsored cyber threat, this article provides an in-depth examination of the Lazarus Group's activities and tactics.

Published: Thu Sep 26 08:12:47 2024



Ethical Hacking News

The GeoServer Vulnerability: Understanding the Risks and Implications


A critical vulnerability has been identified in the popular GeoServer software, allowing for Remote Code Execution (RCE) by unauthenticated users. Understanding the risks and implications of this vulnerability is essential for software developers and users to protect themselves against potential attacks.

Published: Thu Sep 26 08:23:39 2024



Ethical Hacking News

Noyb Takes on Mozilla: The Privacy-Preserving Attribution Feature Raises Concerns Over Data Tracking and User Consent



Noyb takes on Mozilla: a new complaint raises concerns over Firefox's tracking feature Privacy-Preserving Attribution (PPA), highlighting the ongoing debate over data tracking and user consent in the digital age. The incident underscores the importance of transparency, user agency, and clear policies regarding data collection practices.



Published: Thu Sep 26 08:40:22 2024



Ethical Hacking News

The Looming Shadow of Cyber Infiltration: 3,191 Congressional Staffer Personal Data Leaked on Dark Web

The Dark Web Breach: Uncovering the Alarming Consequences of Exposed Congressional Staffer Data

Published: Thu Sep 26 08:56:20 2024



Ethical Hacking News

Necro Trojan Resurfaces on Android, Infects 11 Million Devices via Popular Apps



The Necro Trojan malware has resurfaced on Android devices, infecting 11 million users across popular apps and game mods. With its advanced obfuscation techniques and steganography methods, this new variant poses a significant threat to mobile security. Read the full article to learn more about the resurgence of Necro Trojan and how to protect yourself against this malicious malware.

Published: Thu Sep 26 09:15:19 2024



Ethical Hacking News

Ransomware: The Growing Threat to Global Cybersecurity


Ransomware has become a growing threat to global cybersecurity, with various types of malware using social engineering tactics, malicious ads, and other methods to spread infections. By understanding the risks and taking proactive measures, individuals and businesses can protect themselves from these cyber threats and reduce their chances of falling victim to a ransomware attack.

Published: Thu Sep 26 09:52:13 2024



Ethical Hacking News

Israel's Shadow War: Unveiling the Mysterious Infiltration of Lebanese Telecoms Networks

Israel has been accused of infiltrating Lebanese telecom networks, allowing it to send targeted warnings to specific individuals and groups, sparking concerns about escalating conflict in the region.

Published: Thu Sep 26 11:20:05 2024



Ethical Hacking News

Telegram's Evolving Policy on User Data: A Shift Towards Transparency and Cooperation

Telegram's decision to provide user data to law enforcement in response to legal requests marks a significant shift in the platform's policy on user data. As the company navigates regulatory requirements and balances security with compliance, its users will be watching closely to see how this evolution unfolds.

Published: Thu Sep 26 11:37:03 2024



Ethical Hacking News

A Critical Container Toolkit Bug Exposes Cloud Environments to Host Takeover


In a recent security alert, Nvidia has revealed a critical vulnerability in its widely used Container Toolkit that could allow a rogue user or software to escape their containers and take complete control of the underlying host. The bug, tracked as CVE-2024-0132, earned a 9.0 out of 10 CVSS severity rating, making it one of the most critical security issues in recent times.

Published: Fri Sep 27 17:08:04 2024



Ethical Hacking News

A Closed Ecosystem is Not Anticompetitive: Google's Case Against DOJ's Ad Tech Antitrust Trial


In a high-stakes antitrust trial, Google has taken the defense that its closed ad ecosystem is not anticompetitive, but rather safer for users. The Department of Justice (DOJ) claims that Google's dominance in the ad tech market stifles competition, while Google argues that a more controlled environment protects both advertisers and publishers from malicious actors.



Published: Fri Sep 27 17:33:22 2024



Ethical Hacking News

Microsoft's Recall Feature: A Double-Edged Sword for Security and Privacy



Microsoft's latest AI-powered feature, Recall, aims to enhance user productivity by providing a visual activity log of Windows desktop activities. However, concerns over privacy and security have been raised, prompting the company to revise its design and implementation.



Published: Fri Sep 27 20:33:53 2024



Ethical Hacking News

HPE Patches Critical Security Holes in Aruba PAPI, Raising Concerns Among Sysadmins


Hewlett Packard Enterprise (HPE) has released patches for three critical security vulnerabilities in its networking subsidiary's Proprietary Access Protocol Interface (PAPI), raising concerns among sysadmins. The patches aim to address flaws found in Aruba's AOS-8 and AOS-10 operating systems, which are rated 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS). This development underscores the importance of ongoing vigilance in addressing emerging vulnerabilities and staying abreast of the latest developments in network security.

Published: Fri Sep 27 21:13:13 2024



Ethical Hacking News

The World-First Mobile Crypto Drainer App: A Wake-Up Call for Web3 Users

Researchers have identified a world-first mobile crypto-draining attack on Google's Play Store, targeting web3 users exclusively with a dodgy app dubbed "WalletConnect." The attackers stole $70,000 from victims who downloaded the malicious app, which masqueraded as an official WalletConnect protocol app. This incident highlights the need for advanced security solutions and cybersecurity awareness to protect web3 users from such malicious activities.

Published: Fri Sep 27 21:29:44 2024



Ethical Hacking News

Promptly Patching Critical Flaws: Progress Software Releases Latest Security Updates for WhatsUp Gold

Progress Software has released a patch for WhatsUp Gold addressing six critical security flaws, including two rated at CVSS 8.8 and one at CVSS 9.8, in an effort to mitigate the threat posed by malicious actors.

Published: Fri Sep 27 22:07:41 2024



Ethical Hacking News

Critical Linux CUPS Printing System Flaws Leave Systems Vulnerable to Remote Command Execution

Four critical vulnerabilities have been discovered in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. Learn more about the discovery and how you can protect your organization from these potential threats.

Published: Fri Sep 27 22:22:19 2024



Ethical Hacking News

The Dark Web's Dirty Dozen: US Sanctions Two Crypto Exchanges for Money Laundering and Cybercrime Facilitation



The U.S. government has taken a major step in its efforts to combat cybercrime and money laundering by imposing sanctions on two cryptocurrency exchanges, Cryptex and PM2BTC. The move is part of an ongoing law enforcement crackdown called Operation Endgame and is aimed at disrupting networks that facilitate illicit activities. Two Russian nationals have been charged with involvement in the operation of several money laundering services offered to cybercriminals.

Published: Fri Sep 27 23:06:11 2024



Ethical Hacking News

A Critical NVIDIA Container Toolkit Vulnerability: A Threat to Cloud Security

A critical vulnerability in NVIDIA's container toolkit has exposed hosts to complete takeover, highlighting the importance of prioritizing cloud security. With patches now available, organizations must take immediate action to safeguard their operations.

Published: Fri Sep 27 23:14:40 2024



Ethical Hacking News

Hacking the Highway: The Alarming Discovery of Remote Vehicle Control via License Plates


A recent discovery by cybersecurity researchers has revealed a set of critical vulnerabilities in Kia vehicles that could potentially allow hackers to remotely control key functions using only a license plate. The implications are alarming, highlighting the need for urgent attention and action from automotive manufacturers, governments, and consumers alike.

Published: Fri Sep 27 23:20:09 2024



Ethical Hacking News

New Malware Strains Uncovered: KLogEXE and FPSpy Used in Targeted Attacks by North Korean Hackers


North Korean hackers, attributed to group Kimsuky or APT43, have deployed two new malware strains dubbed KLogEXE and FPSpy in targeted attacks. These malware strains represent enhancements to Sparkling Pisces' existing arsenal, highlighting the group's continuous evolution and increasing capabilities.

Published: Fri Sep 27 23:48:32 2024



Ethical Hacking News

Reclaiming Control: Mastering the Art of Effective SIEM Management



The Hacker News presents a comprehensive guide to reclaiming control from overwhelmed Security Information and Event Management (SIEM) systems, providing actionable insights for organizations seeking to transform their approach to security.



Published: Fri Sep 27 23:54:07 2024



Ethical Hacking News

The Tor Project and Tails Merge Operations: A New Era in Cybersecurity

The Tor Project and Tails OS have merged operations to enhance collaboration, expand training and outreach, and strengthen their efforts to protect users globally from digital surveillance and censorship.

Published: Sat Sep 28 00:22:57 2024



Ethical Hacking News

Cyber Vandalism on Public Wi-Fi Networks: A Threat to Global Security



UK train stations have been hit by a sophisticated cyberattack spreading an anti-Islam message on public Wi-Fi networks. The attack has raised concerns about the potential for hate speech and propaganda on public platforms. As the use of public Wi-Fi networks continues to grow, so too does the risk of attacks like this one. It is essential that we prioritize cybersecurity and take steps to protect ourselves from such threats.

Published: Sat Sep 28 00:40:12 2024



Ethical Hacking News

The Dark Side of Cryptocurrency: U.S. Sanctions Cryptex and PM2BTC for Facilitating Illicit Activities

The U.S. government has sanctioned two cryptocurrency exchanges, Cryptex and PM2BTC, for allegedly facilitating cybercrime and money laundering. The sanctions are part of a broader effort to combat Russian money laundering operations and hold accountable those who facilitate illicit activities in the cryptocurrency industry.

Published: Sat Sep 28 01:22:53 2024



Ethical Hacking News

Crypto Scam App Uncovered: A Sophisticated Deception in the WalletConnect Ecosystem

A recent discovery by cybersecurity researchers has uncovered a malicious Android app that masqueraded as the legitimate WalletConnect open-source protocol, leading to the theft of approximately $70,000 in cryptocurrency over a period of nearly five months. Learn more about this sophisticated deception and how you can protect yourself from similar threats.

Published: Sat Sep 28 07:50:40 2024



Ethical Hacking News

A Cyberattack on Kuwait's Health Ministry Sparks Concerns Over Patient Safety

A recent cyberattack on the Kuwait Health Ministry has left the country's hospitals reeling, with multiple systems disrupted and the Sahel healthcare app disabled. The attack highlights the growing threat posed by cyberattacks on healthcare organizations worldwide and underscores the importance of robust cybersecurity measures to prevent such threats.

Published: Sat Sep 28 08:27:54 2024



Ethical Hacking News

A Glitchy Disaster: Microsoft's Patch Tuesday Preview Leaves Windows 11 Users Reeling



Microsoft's latest attempt to bring stability and security updates to its Windows 11 operating system has ended up being a disaster. The company released an optional preview update, known as KB5043145, last week, which has been met with widespread criticism from users and IT professionals alike. According to reports from Microsoft's support article and the company's feedback forum, this latest update has caused a plethora of problems, including stability issues, blue or green screens, and glitches with USB and Wi-Fi connectivity.



Published: Mon Sep 30 09:27:12 2024



Ethical Hacking News

Global News Agence France-Presse Hit by Sophisticated Cyberattack: What We Know So Far



Agence France-Presse, one of the world's leading global news agencies, has fallen victim to a sophisticated cyberattack that has left its partners and clients grappling with the implications. The attack, which occurred on Friday, September 30th, 2024, at approximately 10:19 AM, sent shockwaves through the media industry as it impacted AFP's IT systems and content delivery services.



Published: Mon Sep 30 09:41:48 2024



Ethical Hacking News

The Unreliable Shield: Remote ID Verification Technology Falls Short on Equitability



The US government's efforts to implement remote identity verification (RiDV) technology have hit a snag due to the revelation of significant bias, inconsistency, and unreliability in five RiDV products tested across various demographic groups. The study's findings have sparked concerns about inequitable treatment of certain groups within the US government's online platforms.



Published: Mon Sep 30 09:54:24 2024



Ethical Hacking News

Cybersecurity Woes: Cloud Threats Loom Large as Executives Struggle to Stay Ahead

Cybersecurity experts are sounding the alarm about cloud threats, which have become a major concern for top executives. The latest PwC report reveals that cloud threats are the leading cause of security worry among business leaders, with 42% citing them as their most significant threat.

Published: Mon Sep 30 10:00:23 2024



Ethical Hacking News

AI Package Name Hallucinations: A Growing Threat to Software Security

The increasing reliance on large language models (LLMs) for code generation has raised concerns about the potential for AI-generated package names to be fabricated or inaccurate. A recent study conducted by researchers from the University of Texas at San Antonio, the University of Oklahoma, and Virginia Tech shed light on this pressing concern, highlighting the need for robust security measures and stringent quality control checks when deploying LLMs in public-facing applications.

Published: Mon Sep 30 10:07:22 2024



Ethical Hacking News

Cybersecurity Threats on the Rise: A Growing Concern for Individuals and Organizations

Cybersecurity threats are becoming increasingly prevalent, with new and sophisticated attacks emerging every day. From ransomware attacks to nation-state-backed cybercrime, individuals and organizations must take proactive measures to protect themselves against these growing threats.

Published: Mon Sep 30 10:14:13 2024



Ethical Hacking News

Binance's Crackdown on Cross-Border Cryptocurrency Scams: A Global Perspective

Binance has been praised for helping Indian authorities bust a Chinese scam app that was allegedly operating in the country. The exchange's cooperation highlights the growing importance of international cooperation in combating cross-border cryptocurrency scams.

Published: Mon Sep 30 10:20:10 2024



Ethical Hacking News

Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks

The recent revelation of critical vulnerabilities in automatic tank gauge (ATG) systems has exposed gas stations and other critical infrastructure facilities to remote attacks, posing significant real-world risks of physical damage, environmental hazards, and economic losses.

Published: Mon Sep 30 10:59:48 2024



Ethical Hacking News

Session Hijacking 2.0: The Latest Threat to MFA Adoption


Session hijacking has evolved into an identity-based attack that targets cloud-based apps and services. With 147,000 token replay attacks detected by Microsoft in 2023 alone, this new approach to session hijacking poses a significant threat to MFA adoption. Learn more about how Session Hijacking 2.0 is bypassing traditional security controls and what organizations can do to stay ahead of the evolving threat landscape.

Published: Mon Sep 30 11:06:53 2024



Ethical Hacking News

A Comprehensive Examination of Recent Cybersecurity Incidents: A Growing Concern for Global Security

Recent incidents highlighted by the LockBit ransomware gang demonstrate its increasing sophistication and ruthlessness, emphasizing the need for robust cybersecurity measures and increased vigilance in addressing emerging threats.

Published: Mon Sep 30 11:40:23 2024



Ethical Hacking News

Israeli Cyber Command Launches Daring Strike on Beirut Airport Control Tower

Israeli intelligence officials have confirmed that their cyber command unit successfully breached the communication network of the Rafic Hariri International Airport in Beirut, Lebanon, prompting an Iranian civilian plane to change course and return to Tehran.

Published: Mon Sep 30 12:33:18 2024



Ethical Hacking News

Widespread Vulnerabilities Found in Court and Government Systems Across the US

A recent series of disclosures highlights critical vulnerabilities in commercial platforms used by hundreds of courts and government agencies, raising serious concerns about the security and integrity of these systems.

Published: Mon Sep 30 19:02:57 2024



Ethical Hacking News

Rackspace Systems Hit by Zero-Day Exploit in Third-Party Application


A recent zero-day exploit in a third-party application highlights the ongoing threat of sophisticated cyber attacks and the importance of robust security measures. The incident serves as a wake-up call for cloud hosting companies to prioritize their security measures and stay ahead of emerging threats.



Published: Mon Sep 30 19:49:11 2024



Ethical Hacking News

Ransomware Rattles Healthcare System: A Glimpse into the Devastating Consequences


The University Medical Center in Lubbock, Texas, has been forced to turn away ambulances after a devastating cyberattack by ransomware operators. The attack has severely limited the hospital's operations, putting its patients' lives at risk. As the situation continues to unfold, experts are warning of the potential for immense ripple effects from this type of attack.

Published: Mon Sep 30 19:56:14 2024



Ethical Hacking News

Patelco Credit Union Data Breach Exposes Sensitive Information of Over 1 Million Individuals

Patelco Credit Union has disclosed that its systems were compromised by a ransomware attack this summer, affecting over 1 million individuals. The incident highlights the importance of robust cybersecurity measures and ongoing vigilance. By staying informed and taking necessary steps to secure their personal information, individuals can minimize the risk of falling victim to similar attacks in the future.

Published: Mon Sep 30 20:28:52 2024



Ethical Hacking News

Rackspace Systems Compromised by Zero-Day Exploit of Third-Party ScienceLogic Application

Rackspace's internal monitoring web servers were compromised by an attacker who exploited a zero-day vulnerability in a third-party ScienceLogic application, highlighting the importance of proactive security measures and transparent communication in protecting against emerging cyber threats.

Published: Tue Oct 1 08:07:45 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Malicious Swarm Botnet Exploits Docker API for Cryptojacking Campaign



A new cryptojacking attack has been discovered that exploits vulnerabilities in the Docker API to create a malicious swarm botnet, compromising multiple Docker hosts and expanding the threat actor's control over these compromised systems. The attackers used a combination of Internet scanning tools and the Docker Engine API to gain initial access and deploy cryptocurrency miners on compromised containers, ultimately turning the compromised systems into a botnet for further exploitation.

Published: Tue Oct 1 08:30:08 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Global Cyber Landscape Shattered: The Ongoing Saga of Attacks, Exploits, and Intrusions

Recent cyberattacks have exposed vulnerabilities in various systems, highlighting the need for enhanced security measures and a proactive approach to protecting sensitive information.

Published: Tue Oct 1 08:51:35 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Uncovering the Web of Deceit: The Shocking Links between Evil Corp and Russian Intelligence



Published: Tue Oct 1 11:01:04 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Growing Menace of Unpatched Routers: A Deluge of Vulnerabilities Exposed by U.S. CISA



Four new vulnerabilities have been added to CISA's Known Exploited Vulnerabilities catalog, highlighting the ongoing need for enhanced network security vigilance. The four newly added vulnerabilities include a Command Injection Vulnerability in D-Link DIR-820 Router, an OS Command Injection Vulnerability in DrayTek Multiple Vigor Routers, a Null Pointer Dereference Vulnerability in Motion Spell GPAC, and a Deserialization of Untrusted Data Vulnerability in SAP Commerce Cloud. Organizations must take immediate action to address these known exploited vulnerabilities by conducting vulnerability assessments, implementing patches and updates, configuring firewalls and intrusion detection systems, establishing incident response capabilities, and maintaining accurate records of remediation activities. By doing so, businesses can mitigate potential risks and ensure their networks remain secure in an ever-evolving threat landscape.

Published: Tue Oct 1 11:49:38 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ransomware Attack Brings Healthcare System to Its Knees: UMC Health System Diverts Patients Amidst IT Outage


A recent ransomware attack on UMC Health System has forced the organization to divert patients due to an ongoing IT outage. The hospital has noted that the investigation into the security incident is still ongoing, and updates will be provided when more information becomes available. This cybersecurity incident highlights the need for healthcare organizations to have robust measures in place to protect against such threats.

Published: Tue Oct 1 13:28:41 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Evil Corp Hit with New Sanctions: BitPaymer Ransomware Charges Weigh Heavy

The sanctions imposed on Evil Corp members mark an escalation in the ongoing battle against this notorious group. The recent development highlights the importance of cooperation and education in mitigating the threat posed by these malicious actors, as well as the need for continued awareness and innovation in cybersecurity defenses.

Published: Tue Oct 1 13:55:21 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Paragon Puzzle: Unraveling the Complexities of US Government Spying Contracts

The United States Immigration and Customs Enforcement (ICE) agency has signed a lucrative contract worth $2 million with Israeli commercial spyware vendor Paragon Solutions, sparking concerns about the misuse of such technology. As part of a broader effort to reshape the commercial spyware market, the US government aims to prevent the misuse of spyware while promoting its responsible use.

Published: Tue Oct 1 14:18:03 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Evil Corp: The Notorious Russian Cybercrime Gang with Ties to NATO Allies

Evil Corp, a notorious Russian cybercrime gang with ties to NATO allies, has been making headlines in recent years. In a joint report released by the UK's National Crime Agency (NCA), FBI, and Australian Federal Police, new details have emerged about the group's activities, including its use of the LockBit ransomware platform and ties to Russian intelligence. The US Department of State is offering a $5 million reward for information leading to the arrest of Maksim Yakubets and other members of Evil Corp. Learn more about this evolving threat and how we can stay ahead of it.

Published: Tue Oct 1 14:38:39 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Rackspace Monitoring Data Breach Exposes Sensitive Customer Information via ScienceLogic Zero-Day Attack


Rackspace monitoring data was stolen following a zero-day attack on its ScienceLogic SL1 platform, exposing sensitive customer information. The breach highlights the importance of staying vigilant against zero-day attacks and taking swift action to address them.

Published: Tue Oct 1 21:45:54 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Growing Backlog of Unprocessed Vulnerability Reports: A Threat to Global Cybersecurity

The US government's National Institute of Standards and Technology (NIST) has been struggling to clear its backlog of unprocessed vulnerability reports, leaving many experts and organizations concerned about the impact this may have on global cybersecurity.

Published: Wed Oct 2 08:35:00 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unstable Foundation: How RPKI's Weaknesses Expose the Internet to Further Attacks



Published: Wed Oct 2 08:53:16 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

CosmicSting: The Devastating Magento and Adobe Commerce Vulnerability Exploited by Malicious Actors



Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. This critical flaw, which allows arbitrary file reading on unpatched systems, has resulted in widespread attacks across the globe, with at least seven distinct groups identified as partaking in these exploitation efforts. In light of these findings, it is essential for Magento and Adobe Commerce store owners to take immediate action to protect their systems against this devastating vulnerability.

Published: Wed Oct 2 09:06:31 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Looming Threat of North Korea's Andariel Hacking Group: A Shift to Financial Attacks on U.S. Organizations

Andariel, a highly sophisticated state-sponsored threat actor, has recently shifted its focus from espionage operations to financially motivated attacks on U.S. organizations, marking a significant escalation of the threat landscape. To stay ahead of these threats, businesses must understand the tactics and techniques employed by Andariel and take proactive measures to protect themselves against state-sponsored attacks.

Published: Wed Oct 2 09:39:49 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Rhadamanthys Information Stealer: A Malicious AI-Driven Tool for Cryptocurrency Thieves


The Rhadamanthys information stealer, a highly sophisticated AI-driven malware tool, has been upgraded to version 0.7.0 with advanced features including AI-powered Optical Character Recognition (OCR) for extracting cryptocurrency seed phrases from images. The malware is designed specifically for stealing sensitive information from infected systems and is offered for a subscription fee of $250 per month or $550 for 90 days. Stay informed about emerging threats like Rhadamanthys and learn how to protect yourself against sophisticated malware tools.

Published: Wed Oct 2 11:06:27 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Mass Exploitation of Critical Zimbra Vulnerability



Published: Wed Oct 2 22:30:13 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unveiling of OpenStack Dalmatian: A New Era for Cloud Computing

OpenStack's 30th edition, Dalmatian, has been released, bringing a new dashboard, improved GPU support, and enhanced security features to the table. This latest iteration promises to further establish OpenStack as a viable alternative to established cloud players like VMware.

Published: Wed Oct 2 22:36:46 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

FCC Launches $200 Million Pilot Program to Protect Schools and Libraries from Cyber Threats

The Federal Communications Commission (FCC) has unveiled a $200 million pilot program aimed at bolstering the cybersecurity defenses of schools and libraries across the United States, providing funding for advanced firewalls, identity protection services, malware protection, Virtual Private Networks (VPNs), and other measures to combat cyber attacks. The Schools and Libraries Cybersecurity Pilot Program seeks to equip these institutions with the necessary tools and resources to protect against growing threats.

Published: Wed Oct 2 22:44:22 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Critical Zimbra RCE Vulnerability Exploited to Compromise Email Servers via Phishing Emails

A recently disclosed RCE vulnerability in Zimbra email servers has been actively exploited through phishing emails, allowing hackers to gain unauthorized access. Upgrading to newer versions or applying mitigating steps is recommended to prevent further exploitation.

Published: Thu Oct 3 00:04:43 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Data Breach Incarnate: The Rise of Real-Time Facial Recognition with Meta Glasses

Meta glasses have become a tool for surveillance, raising concerns about data privacy and security. A Harvard student has demonstrated how to use facial recognition technology with $379 Meta Ray-Ban 2 smart sunglasses to extract personal information in real-time, sparking questions about consent, privacy, and the potential misuse of such technology.

Published: Thu Oct 3 00:14:04 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Great DrayTek Debacle: 700,000 Routers Vulnerable to Exploitation by Malicious Actors

Breaking News: 700K+ DrayTek Routers Exposed to Public Internet, Vulnerable to Remote Hijacking and Exploitation

Published: Thu Oct 3 00:20:41 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Fake Trading Apps Target Victims Globally via Apple App Store and Google Play: A Growing Concern for Cybersecurity


Fake trading apps have become a significant threat to global cybersecurity, with a growing number of victims falling prey to these malicious applications. These apps, often disguised as legitimate investment platforms, promise quick financial gains to lure unsuspecting users into making significant investments. As the global landscape continues to evolve, it is essential for users to remain vigilant and take proactive measures to protect themselves from falling victim to such scams.

Published: Thu Oct 3 00:32:27 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities


DrayTek router security: 14 new vulnerabilities discovered in millions of devices worldwide, with patches already released by the manufacturer to address these issues.


Published: Thu Oct 3 01:26:01 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Side of Transparency: Telegram's U-Turn on User Data Sharing

Telegram has shared U.S. user data with law enforcement on over a dozen occasions, potentially revealing IP addresses or phone numbers of hundreds of users. The company's decision to comply with law enforcement requests raises concerns about online privacy and security.

Published: Thu Oct 3 01:43:07 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Facial Recognition Data Breach: The Rise of Real-Time Surveillance with Meta Glasses



A Harvard student's experiment using facial recognition technology with Meta Ray-Ban 2 smart glasses raises questions about our increasing reliance on surveillance and data collection in everyday life.



Published: Thu Oct 3 03:21:53 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ivanti Endpoint Manager Flaw: A Critical Security Breach Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of a security flaw in Ivanti Endpoint Manager (EPM). The identified vulnerability, tracked as CVE-2024-29824, carries an elevated CVSS score of 9.6 out of a maximum of 10.0, underscoring its critical severity.

Published: Thu Oct 3 03:46:48 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Side of License Plate Recognition: A Surveillance State on Steroids

License plate recognition technology has become an increasingly ubiquitous tool in modern surveillance, raising significant concerns about individual privacy and civil liberties. As companies like DRN collect vast amounts of data on citizens' vehicles, it is essential that policymakers take steps to ensure that these tools are used responsibly and in accordance with human rights standards.

Published: Thu Oct 3 06:33:27 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Consequences of Cybercrime: British-Nigerian Men Sentenced for Multimillion-Dollar Business Email Scam



Two British-Nigerian men have been sentenced to prison for their involvement in a multimillion-dollar business email scam that targeted various organizations in the United States, including local government entities, colleges, and construction firms. The scammers, Oludayo Kolawole John Adeagbo and Donald Ikenna Echeazu, exploited tactics such as registering domain names similar to those of clients or customers of the victim organizations and preying on unwitting staff to order seemingly routine payments to their own accounts. This article will delve into the details of the scam, the methods used by the scammers, and the impact of the case on law enforcement efforts.



Published: Thu Oct 3 07:46:31 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Cloud-Based Pandora's Box: The Rise of AI-Powered Sex Chat Services

In a disturbing trend, cybercriminals are exploiting cloud credentials to operate and resell AI-powered sex chat services, often veering into darker role-playing scenarios, including child sexual exploitation and rape. As researchers warn, the use of stolen cloud credentials can feed an army of AI sex bots, posing significant security risks for organizations.

Published: Thu Oct 3 08:54:54 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New VeilShell Backdoor Malware Reveals Sophistication of North Korean Hackers' Stealthy Attacks


North Korean hackers have been using a new backdoor malware called VeilShell as part of their stealthy cyber attacks, targeting Cambodia and likely other Southeast Asian countries. The malicious activity is believed to be the handiwork of APT37, also known as InkySquid, Reaper, RedEyes, Ricochet Chollima, Ruby Sleet, and ScarCruft. This article provides a detailed analysis of the VeilShell malware and its tactics, highlighting the sophistication of North Korean hackers' attacks and the need for organizations to stay vigilant against such threats.

Published: Thu Oct 3 09:21:45 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Lurking in Plain Sight: The Years-Long Cryptomining Campaign Behind "perfctl" Linux Malware


A recent study by Aqua Nautilus has revealed that a Linux malware known as "perfctl" has been secretly mining cryptocurrency using infected servers for years. Dubbed a significant threat to system administrators, the malware is built to evade detection and resist removal from compromised systems.

Published: Thu Oct 3 10:52:58 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Perilous Realm of Non-Human Identities: A Growing Concern for Enterprise Security



The cybersecurity landscape has undergone a significant transformation over the past decade, as traditional perimeter-based security measures have become increasingly obsolete. Non-human identities (NHIs) pose a unique challenge for enterprise security teams and require a comprehensive approach to secrets security to mitigate risks. Discover how organizations can adopt a robust secrets security strategy to bolster their overall security posture and reduce attack surfaces.

Published: Thu Oct 3 11:08:10 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Perfctl Malware Campaign Targets Linux Servers for Cryptocurrency Mining and Proxyjacking


A newly discovered malware campaign dubbed perfctl is targeting Linux servers for cryptocurrency mining and proxyjacking, leaving cybersecurity experts scrambling to address this emerging threat. To learn more about the perfctl malware campaign and how it can be mitigated, read on for an in-depth examination of the TTPs and countermeasures employed by the attackers.

Published: Thu Oct 3 11:13:55 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Over 4,000 Unpatched Adobe Commerce and Magento Stores Compromised by Exploiting Critical Vulnerability CVE-2024-34102: A Threat Assessment

A recent attack exploiting the CosmicSting vulnerability has compromised over 4,000 e-stores, including major organizations such as Ray-Ban and Cisco. The vulnerability is a critical bug that can result in arbitrary code execution, making it essential for store owners to patch their systems immediately.

Published: Thu Oct 3 11:33:51 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

CosmicSting Attacks: A Looming Shadow Over E-commerce Security



A massive wave of sophisticated attacks dubbed "CosmicSting" has left an alarming number of Adobe Commerce and Magento online stores vulnerable to exploitation, with over 4,000 shops compromised in this unprecedented attack. This article delves into the details of the CosmicSting vulnerability, its impact on e-commerce businesses, and provides actionable advice for protecting against these attacks.



Published: Thu Oct 3 12:44:40 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dutch Police Data Breach: A State-Sponsored Attack or a Cybersecurity Miscalculation?

The Dutch police force has recently suffered a significant data breach, compromising the personal and professional details of numerous officers. The breach, which was detected last week, is believed to have been carried out by a state actor, according to the national police force, Politie.

Published: Thu Oct 3 15:12:07 2024 by llama3.2 3B Q4_K_M



Ethical Hacking News

Google Unveils Enhanced Pixel Security Features to Mitigate 2G Exploits and Baseband Attacks

Google has unveiled a series of innovative security features designed to counter the growing threat posed by 2G exploits and baseband attacks in its latest Pixel devices. The company's efforts come as threat actors continue to employ sophisticated methods to exploit vulnerabilities in cellular basebands, which can potentially lead to remote code execution and other forms of malicious activity.

Published: Thu Oct 3 15:25:05 2024 by llama3.2 3B Q4_K_M










     

