no alarms and no surprises please..
-
CVE-2024-10905 (CVSS 10): Critical Vulnerability in SailPoint IdentityIQ Exposes Sensitive Data
A critical vulnerability has been discovered in SailPoint IdentityIQ, a widely used identity and access management (IAM) platform. This flaw, tracked as CVE-2024-10905, has been assigned a CVSS score of…
-
Fuji Electric Indonesia Suffers Ransomware Attack: Business Partner Data Potentially Leaked
Fuji Electric Co., Ltd. has disclosed a ransomware attack targeting its wholly-owned subsidiary, Fuji Electric Indonesia (FEID). The incident, which occurred in late November 2024, rendered several PCs and servers…
-
CVE-2024-51378 (CVSS 10): Critical CyberPanel Flaw Under Active Attack, CISA Warns
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in CyberPanel, an open-source web hosting control panel. This flaw, tracked as CVE-2024-51378, is being actively exploited…
-
U.S. Offered $10M for Hacker Just Arrested by Russia
In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information…
-
New Andromeda/Gamarue Command-and-Control Cluster Targets APAC Industries
In a recent report, the Cybereason Security Services Team unveiled the discovery of a new cluster of Command-and-Control (C2) servers linked to the infamous Andromeda (aka Gamarue) malware family. This…
-
Akira v2 Emerges: Rust-Based Ransomware Raises the Stakes
The Akira ransomware took a significant leap earlier this year with the introduction of a new Rust-based variant, according to a detailed analysis from Check Point Research (CPR). This version,…
-
Phishing Frenzy: Cloudflare Domains Exploited in Latest Attacks
A new report from cybersecurity firm Fortra has revealed a dramatic increase in the abuse of Cloudflare’s pages.dev and workers.dev domains for phishing attacks. This abuse capitalizes on Cloudflare’s trusted…
-
Beware of Celestial Stealer: New MaaS Targets Browsers and Crypto Wallets
A new report from Trellix Advanced Research Center has exposed the inner workings of Celestial Stealer, a sophisticated Malware-as-a-Service (MaaS) platform targeting developers, gamers, and cryptocurrency users. The JavaScript-based infostealer…
-
Ransomware-hit vodka maker Stoli files for bankruptcy in the United States
Stoli Group USA, the US subsidiary of vodka maker Stoli, has filed for bankruptcy – and a ransomware attack is at least partly to blame. The American branch of Stoli, which imports and distributes Stoli brands in the United States, as well as the…
-
Tech support scams leverage Google ads again and again, fleecing unsuspecting internet users
It’s not a new technique, but that doesn’t mean that cybercriminals cannot make rich rewards from SEO poisoning. Read more in my article on the Tripwire State of Security blog. Graham Cluley
-
Welcoming the Armenian Government to Have I Been Pwned
Today, we’re happy to welcome the 37th government to have full and free access to domain searches of their gov domains in Have I Been Pwned, Armenia. Armenia’s National Computer Incident Response Team AM-CERT now joins three dozen other national counterparts in gaining visibility into how…
-
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
-
Wyden and Schmitt Call for Investigation of Pentagon’s Phone Systems
-
CISA Issues Guidance to Telecom Sector on Salt Typhoon Threat
Individuals concerned about the privacy of their communications should consider using encrypted messaging apps and encrypted voice communications, CISA and FBI officials say. Jai Vijayan, Contributing Writer
-
Veeam Urges Updates After Discovering Critical Vulnerability
The vulnerability affects certain versions of the Veeam Service Provider Console that can only be fixed by updating with the latest patch. Kristina Beek, Associate Editor, Dark Reading
-
Pegasus Spyware Infections Proliferate Across iOS, Android Devices
The notorious spyware from Israel’s NSO Group has been found targeting journalists, government officials, and corporate executives in multiple variants discovered in a threat scan of 3,500 mobile phones. Elizabeth Montalbano, Contributing Writer
-
Navigating the Changing Landscape of Cybersecurity Regulations
The evolving regulatory environment presents both challenges and opportunities for businesses. Michael McLaughlin
-
Digital Certificates With Shorter Lifespans Reduce Security Vulnerabilities
Proposals from Google and Apple drastically reduce the life cycle of certificates, which should mean more oversight — and hopefully better control. Stephen Lawton
-
Google Chrome Security Update, Patch for High-severity Vulnerability
Google has released a significant security update for its Chrome browser, aiming to address several vulnerabilities and enhance user safety. The Stable channel has…
-
Progress WhatsUp Gold RCE Vulnerability – PoC Exploit Released
A registry overwrite remote code execution (RCE) vulnerability has been identified in NmAPI.exe, part of the WhatsUp Gold network monitoring software. This vulnerability, present…
-
MobSF XSS Vulnerability Let Attackers Inject Malicious Scripts
A critical vulnerability has been identified in the Mobile Security Framework (MobSF) that allows attackers to inject malicious scripts into the system. This vulnerability, CVE-2024-53999…
-
CISA Releases Advisory to Monitor Networks to Detect Malicious Cyber Actors
The National Security Agency (NSA) has partnered with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and other entities…
-
PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts
Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated learning (FL) to improve the efficiency and privacy of training…
-
Vodka maker Stoli files for bankruptcy in US after ransomware attack
Stoli Group’s U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company’s remaining distilleries in the country. […] Sergiu Gatlan
-
Cloudflare’s developer domains increasingly abused by threat actors
Cloudflare’s ‘pages.dev’ and ‘workers.dev’ domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other malicious activities. […] Bill Toulas
-
US shares tips to block hackers behind recent telecom breaches
CISA released guidance today to help network defenders harden their systems against attacks coordinated by the Salt Typhoon Chinese threat group that breached multiple major global telecommunications providers earlier this year. […] Sergiu Gatlan
-
Exploit released for critical WhatsUp Gold RCE flaw, patch now
A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon as possible. […] Bill Toulas
-
Veeam warns of critical RCE bug in Service Provider Console
Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. […] Sergiu Gatlan
-
Cyberattack Compromises Marin City Housing Project, $950,000 in Public Funds Stolen
A significant cybersecurity incident has impacted the Golden Gate Village housing project in Marin City, resulting in the theft of $950,000 of public funds allocated for critical renovations. The Marin…
-
DMM Bitcoin Ceases Operations Following $300 Million Cyberattack, Attributed to Lazarus Group
DMM Bitcoin, a leading Japanese cryptocurrency exchange, has announced its impending closure following a major cybersecurity incident. The exchange fell victim to a sophisticated cyberattack on May 31st, 2024, resulting…
-
RECOPE, Costa Rica’s State-Owned Energy Provider, Grapples with Ransomware Attack and Fuel Supply Disruption
Refinadora Costarricense de Petróleo (RECOPE), the state-owned entity responsible for Costa Rica’s fuel supply chain, has been targeted by a ransomware attack, impacting operations and raising concerns about potential fuel…
-
SecureG, CTIA Project Secures Business Phone Calls
BCID mitigates the risk of consumers being harmed by fraud and bad actors by vetting to deliver a trusted, branded call experience for consumers. Jennifer Lawinski
-
Crypto.com Launches $2 Million Bug Bounty Program with HackerOne
Crypto.com, a leading cryptocurrency platform with over 100 million users worldwide, has announced a significant upgrade to its bug bounty program in partnership with HackerOne. This move reinforces the company’s…
-
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0.…
-
Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access
A critical security vulnerability has been disclosed in SailPoint’s IdentityIQ identity and access management (IAM) software that allows unauthorized access to content stored within the application directory. The flaw, tracked as CVE-2024-10905, has a CVSS score of 10.0, indicating maximum severity. It affects IdentityIQ versions 8.2.…
-
Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses
Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. “The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and bypasses Outlook’s spam filters, allowing…
-
Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA). The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA’s WebVPN login page that could allow…
-
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise
Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. “By targeting the implicit trust VPN clients place in servers,…
-
Sophos named a Gartner® Peer Insights™ Customers’ Choice for Managed Detection and Response (MDR) Services for the 2nd time
Sophos is the only vendor named a Customers’ Choice across Endpoint Protection Platforms, Network Firewalls, and Managed Detection and Response rajansanhotra
-
Algorithms Are Coming for Democracy—but It’s Not All Bad
In 2025, AI is poised to change every aspect of democratic politics—but it won’t necessarily be for the worse. India’s prime minister, Narendra Modi, has used AI to translate his speeches for his multilingual electorate in real time, demonstrating how AI can help diverse democracies to…
-
I-O DATA Routers Under Attack: Urgent Firmware Update Needed!
Multiple vulnerabilities have been discovered in I-O DATA routers UD-LT1 and UD-LT1/EX, and active exploitation is already underway. JPCERT/CC, a Japanese cybersecurity organization, issued a warning that these vulnerabilities leave…
-
Microsoft Emphasizes TPM 2.0 as a “Necessity” for Secure Windows 11 Deployment
In a recent blog post, Microsoft reiterated the importance of Trusted Platform Module (TPM) 2.0 for Windows 11 security, calling it a “necessity” for a secure and future-proof Windows 11…
-
PoC Exploit Releases for Critical Zabbix Vulnerability – CVE-2024-42327 (CVSS 9.9)
Security researcher Alejandro Ramos has published a detailed technical analysis and proof-of-concept (PoC) exploit code for CVE-2024-42327, a critical SQL injection vulnerability affecting Zabbix, a widely used open-source enterprise network…
-
Solana Web3.js Library Compromised in Targeted Supply Chain Attack
A sophisticated supply chain attack has been identified within the widely-used @solana/web3.js JavaScript library, potentially jeopardizing the security of numerous developers and users within the Solana ecosystem. Malicious code was injected…
-
Why Phishers Love New TLDs Like .shop, .top and .xyz
Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration…
-
CVE-2024-42448 (CVSS 9.9): Critical RCE Vulnerability in Veeam VSPC
Veeam Software, a prominent provider of backup and disaster recovery solutions, has released urgent security updates to address two critical vulnerabilities in its Service Provider Console (VSPC). One of these…
-
PoC Confirms Root Privilege Exploit in TP-Link Archer AXE75 Vulnerability (CVE-2024-53375)
A newly discovered vulnerability in the TP-Link Archer AXE75 router, tracked as CVE-2024-53375, could allow remote attackers to execute arbitrary commands on vulnerable devices. This critical flaw, identified by security…
-
CISA Flags Three Actively Exploited Vulnerabilities in Critical Systems
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding three critical security vulnerabilities actively exploited in the wild. These vulnerabilities, now included in CISA’s Known Exploited Vulnerabilities…
-
Threat Actors Exploiting Misconfigured Docker Remote API Servers with Gafgyt Malware
Trend Micro Research has revealed a significant evolution in the behavior of the Gafgyt malware (also known as Bashlite or Lizkebab), which is now targeting misconfigured Docker Remote API servers…
-
Google Chrome Addresses High-Severity Flaw in V8 JavaScript Engine (CVE-2024-12053)
Google has released a security update for its Chrome web browser to mitigate a high-severity “type confusion” vulnerability (CVE-2024-12053) residing within the V8 JavaScript engine. This vulnerability has the potential…
-
The AI Fix #27: Why is AI full of real-life Bond villains?
In episode 27 of The AI Fix, robots catch a ball, lead a revolt, and enjoy a juicy steak. Or do they? Graham struggles with a Micro USB cable, a student struggles with a school’s anti-AI rules, and OpenAI’s Sora video generation AI…
-
North Korean hackers masquerade as remote IT workers and venture capitalists to steal crypto and secrets
In its lust for stealing cryptocurrency and sensitive information, North Korean hackers are disguising themselves as remote IT workers, recruiters, and even venture capitalists. Read more in my article on the Hot for Security blog. Graham Cluley
-
No guarantees of payday for ransomware gang that claims to have hacked children’s hospital
What is the point of INC Ransom’s attack on Alder Hey? They are not likely to be paid, and the attack on a children’s hospital only increases the chances that they will one day find their collars felt by law enforcement.…
-
152: Stacc Attack
Jarett Dunn, AKA StaccOverflow, stole millions of dollars from a website called Pump Fun, and he wanted to do it in the most dramatic and theatrical way he could. His big heist is known as the “Stacc Attack”. https://x.com/STACCoverflow He has a merch store now freestacc.io. Sponsors Support for this show comes…
-
Misconfigured WAFs Heighten DoS, Breach Risks
Organizations that rely on their content delivery network provider for Web application firewall services may be inadvertently leaving themselves open to attack. Jai Vijayan, Contributing Writer
-
BigID Releases Data Activity Monitoring to Extend DDR, Detect Malicious Actors, and Strengthen Data Security Posture
-
KnowBe4 Releases the Latest Phishing Trends in Q3 2024 Phishing Report
-
Decade-Old Cisco Vulnerability Under Active Exploit
Cisco encourages users to update to an unaffected version of its Adaptive Security Appliance (ASA) software since there are no workarounds for the 2014 vulnerability. Kristina Beek, Associate Editor, Dark Reading
-
Cyber-Unsafe Employees Increasingly Put Orgs at Risk
Too much access and privilege, plus a host of unsafe cyber practices, plague most workplaces, and the introduction of tools like GenAI will only make things worse. Kristina Beek, Associate Editor, Dark Reading
-
Venom Spider Spins Web of New Malware for MaaS Platform
A novel backdoor malware and a loader that customizes payload names for each victim have been added to the threat group’s cybercriminal tool set. Elizabeth Montalbano, Contributing Writer
-
Ransomware’s Grip on Healthcare
Until C-level executives fully understand potential threats and implement effective mitigation strategies, healthcare organizations will remain vulnerable and at risk of disruption. Claudio Gallo
-
Note From the Editor-in-Chief
A change in ownership and what it means for our readers. Kelly Jackson Higgins, Editor-in-Chief, Dark Reading
-
‘White FAANG’ Data Export Attack: A Gold Mine for PII Threats
Websites these days know everything about you — even some details you might not realize. Hackers can take advantage of that with a sharp-toothed attack that exploits Europe’s GDPR-mandated data portability rules. Nate Nelson, Contributing Writer
-
Salesforce Applications Vulnerability Could Allow Full Account Takeover
A critical vulnerability has been discovered in Salesforce applications that could potentially allow a full account takeover. The vulnerability, uncovered during a penetration testing…
-
TP-Link HomeShield Function Vulnerability Let Attackers Inject Malicious Commands
A significant vulnerability has been identified in TP-Link’s HomeShield function, affecting a range of their devices, including the Archer, Deco, and Tapo series routers…
-
ElizaRAT Exploits Google, Telegram, & Slack Services For C2 Communications
APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows RAT that, initially detected in 2023, employs advanced evasion…
-
Russia Sentenced Hydra Dark Web Market Developer for Life Time
A Russian court has sentenced Stanislav Moiseyev, believed to be the founder of the notorious Hydra darknet marketplace, to life imprisonment. The Moscow Regional…
-
Sweet Security Introduces Evolutionary Leap in Cloud Detection and Response, Releasing First Unified Detection…
With Sweet, customers can now unify detection and response for applications, workloads, and cloud infrastructure Sweet Security today announced the release of its unified Cloud…
-
Korea arrests CEO for adding DDoS feature to satellite receivers
South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser’s request. […] Bill Toulas
-
Russia sentences Hydra dark web market leader to life in prison
Russian authorities have sentenced the leader of the criminal group behind the now-closed dark web platform Hydra Market to life in prison. […] Sergiu Gatlan
-
BootKitty UEFI malware exploits LogoFAIL to infect Linux systems
The recently uncovered ‘Bootkitty’ UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka ‘LogoFAIL,’ to infect computers running on a vulnerable UEFI firmware. […] Bill Toulas
-
Mozilla really wants you to set Firefox as default Windows browser
In an effort to turn the tide, Mozilla is testing a fresh approach that could persuade more people to switch their default browser on Windows during the installation of the browser. […] Mayank Parmar
-
Google Chrome’s AI feature lets you quickly check website trustworthiness
Google Chrome’s upcoming feature uses AI to provide a summary of reviews from independent websites about the store or website you’re visiting. […] Mayank Parmar
-
Cisco Confirms Active Exploitation of Decade-Old WebVPN Vulnerability in ASA Software
Cisco Systems has issued an updated security advisory regarding CVE-2014-2120, a vulnerability affecting the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software. Originally disclosed in 2014, this vulnerability…
-
Critical Vulnerabilities in mySCADA myPRO Software Pose Significant Risk to Industrial Control Systems
Researchers have disclosed critical vulnerabilities in mySCADA’s myPRO software, a widely deployed industrial automation platform. These security flaws could permit remote attackers to gain unauthorized access and complete control over…
-
TR-24-1876 (IBM Security Verify Access Appliance Security Advisory)
-
Surprise Exit: Gelsinger Retires from Intel After 40 Years
In a surprise move that sent ripples through the tech world, Intel Corporation announced today that CEO Pat Gelsinger has retired, effective December 1, 2024. This marks the end of…
-
Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads
A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The…
-
A Guide to Securing AI App Development: Join This Cybersecurity Webinar
Artificial Intelligence (AI) is no longer a far-off dream—it’s here, changing the way we live. From ordering coffee to diagnosing diseases, it’s everywhere. But while you’re creating the next big AI-powered app, hackers are already figuring out ways to break it. Every AI app…
-
SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan
Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware. “SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide range of attacks,” Fortinet FortiGuard…
-
THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 – Dec 1)
Ever wonder what happens in the digital world every time you blink? Here’s something wild – hackers launch about 2,200 attacks every single day, which means someone’s trying to break into a system somewhere every 39 seconds. And get this – while…
-
8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play
Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs. “These PUP (potentially unwanted programs) applications use social…
-
Details about the iOS Inactivity Reboot Feature
I recently wrote about the new iOS feature that forces an iPhone to reboot after it’s been inactive for a longish period of time. Here are the technical details, discovered through reverse engineering. The feature triggers after seventy-two hours of inactivity, even if it remains connected to Wi-Fi.…
-
Zero-Day Exploit Code Released for Windows Task Scheduler Flaw (CVE-2024-49039), Actively Exploited by RomCom Group
A proof-of-concept (PoC) exploit code for CVE-2024-49039, a zero-day vulnerability in Windows Task Scheduler, has been publicly released, raising concerns about increased attacks. This vulnerability, with a CVSS score of…
-
KrbRelayEx: A Kerberos Relaying Tool for Penetration Testing
KrbRelayEx is an open-source tool designed for security professionals to assess the security of Active Directory environments. It leverages the power of Kerberos relaying, a technique that exploits the trust…
-
Google Chrome Enhances User Security with AI-Powered Website Reviews
Google Chrome is set to bolster online safety for users with the integration of a new AI-driven feature: “Store Reviews.” This functionality aims to provide users with a streamlined method…
-
CVE-2024-48651: ProFTPD Vulnerability Grants Root Access to Attackers
Popular FTP server ProFTPD has been found to contain a critical security flaw that could allow attackers to gain root access to vulnerable systems. The vulnerability, tracked as CVE-2024-48651 (CVSS…
-
OpenAI Considers Ads for ChatGPT: Will Free Users Pay the Price?
OpenAI, the company behind the wildly popular AI chatbot ChatGPT, might be introducing advertisements to its free platform. This move comes as the company grapples with the astronomical costs of…
-
From US to UAE: APT35 Expands Reach in Cyber Espionage
The ThreatBook Research and Response Team has revealed a sophisticated campaign by APT35, also known as Magic Hound or Charming Kitten, targeting the aerospace and semiconductor industries across multiple countries,…
-
RevC2 and Venom Loader Exploit MaaS in Advanced Campaigns
The latest findings from ThreatLabz reveal two novel malware families, RevC2 and Venom Loader, actively deployed in campaigns between August and October 2024. Leveraging the Malware-as-a-Service (MaaS) platform of the…
-
New Report Reveals SmokeLoader’s Advanced Tactics in Taiwan Campaign
A recent report by FortiGuard Labs has highlighted a targeted cyberattack involving the infamous SmokeLoader malware. This campaign, observed in September 2024, aimed at several industries in Taiwan, including manufacturing,…
-
Horns&Hooves Campaign Leverages NetSupport and BurnsRAT for Widespread Compromise
In a detailed report by Kaspersky Labs, the Horns&Hooves campaign emerges as a notable example of cybercriminal ingenuity, leveraging dual RAT payloads—NetSupport RAT and BurnsRAT—to compromise systems across various sectors…
-
‘Bootkitty’ First Bootloader to Take Aim at Linux
Though it’s still just a proof of concept, the malware is functional and can evade the Secure Boot process on devices from multiple vendors. Jai Vijayan, Contributing Writer
-
Interpol Cyber-Fraud Action Nets More Than 5K Arrests
Chalk up another win for global cooperation among law enforcement, this time targeting seven types of cyber fraud, including voice phishing and business email compromise. Dark Reading Staff
-
Name That Edge Toon: Shackled!
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card. John Klossner
-
Does Your Company Need a Virtual CISO?
With cybersecurity talent hard to come by and companies increasingly looking for guidance and best practices, virtual and fractional chief information security officers can make a lot of sense. Robert Lemos, Contributing Writer
-
2 UK Hospitals Targeted in Separate Cyberattacks
Alder Hey Children’s Hospital got hit with a ransomware attack, while the nature of an incident at Wirral University Teaching Hospital remains undisclosed. Dark Reading Staff
-
Incident Response Playbooks: Are You Prepared?
The playbooks that accompany your incident response plan provide efficiency and consistency in responses, help reduce downtime and dwell time, and can be a cost-saving and reputational-saving measure for your organization. James Bruhl
-
Microsoft Boosts Device Security With Windows Resiliency Initiative
Microsoft is readying a new release of Windows in 2025 that will have significant security controls such as more resilient drivers and a “self-defending” operating system kernel. Jeffrey Schwartz
-
Why Should Gamers Use a Proxy?
Feature | Gaming Without Proxy | Gaming With Proxy
Ping and Latency | High ping, leading to lag | Reduced ping for smoother gameplay
Geo-Restrictions | Limited access to some servers | Unblocks restricted gaming servers…