Category: Attack Feeds

From Reactive to Proactive: Shifting Your Cybersecurity Strategy

– The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. Most companies have some cybersecurity protocols in place in case of a breach. They could be anything from antivirus software to spam filters. Those are considered...

Organizations can substantially lower vulnerabilities with secure-by-design practices, report finds – Christian Vasquez

– Large organizations that train developers with secure-by-design practices can reliably reduce the number of vulnerabilities introduced into software products by more than 50%, according to a new report from Secure Code Warrior. The Australia-based secure coding platform and software firm analyzed data from 600 enterprise customers over nine years to find out what improvements, if any, can be...

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns – The Hacker News

– China’s National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as the Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, went on to accuse the U.S. federal government, intelligence agencies, and Five Eyes countries...

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates – The Hacker News

– Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, said the attack chains aim to deploy an information stealer known as Lumma. Hijack Loader, also known as DOILoader, IDAT Loader, and...

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites – The Hacker News

– The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a site. Jetpack, owned by WordPress maker Automattic, is an all-in-one plugin that offers a comprehensive suite of tools to improve site safety, performance, and traffic growth. It’s used on...

How satellites are pushing security innovation at Amazon – Greg Otto

– Whether it’s selling books, delivering groceries, broadcasting professional football games, or providing countless organizations with IT infrastructure, it’s imperative for Amazon to provide world-class security for its hundreds of millions of customers. But the company has realized the tech used to supply that security can only take it so far. Executives for the company say that security being...

Tens of thousands of IPs vulnerable to Fortinet flaw dubbed ‘must patch’ by feds – Tim Starks

– Around 87,000 IPs are likely susceptible to a Fortinet vulnerability that the Cybersecurity and Infrastructure Security Agency put on its “must patch” list last week because attackers are actively exploiting it, according to data from the nonprofit Shadowserver Foundation. The number was at 87,930 on Saturday before dropping slightly to 86,602 on Sunday. CISA placed the critical remote...

Snapping Safely: The Fun and Risks of Snapchat for Teens

– The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. No, I am not taking a photo of my nose hair! I am Snapping and sharing for my Snapgroup to keep my Snapstreak active while I see where they are on my Snapmap. If...

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 – Oct 13) – The Hacker News

– Hey there, it’s your weekly dose of “what the heck is going on in cybersecurity land” – and trust me, you NEED to be in the loop this time. We’ve got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin – it’s full of stuff they don’t 🤫 want you to know. So let’s...

Supply Chain Attacks Exploit Entry Points in Python, npm, and Open-Source Ecosystems – The Hacker News

– Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks. “Attackers can leverage these entry points to execute malicious code when specific commands are run, posing a widespread risk in the open-source landscape,” Checkmarx researchers Yehuda...

5 Steps to Boost Detection and Response in a Multi-Layered Cloud – The Hacker News

– The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely focused on “shift-left” practices—securing code, ensuring proper cloud posture, and fixing misconfigurations. However, this approach has led to an over-reliance on a multitude of DR tools spanning...

Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration – The Hacker News

– A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) a zero-day to perform a series of malicious actions. That’s according to findings from Fortinet FortiGuard Labs, which said the vulnerabilities were abused to gain unauthenticated access to the CSA, enumerate users configured in the appliance, and attempt to access the...

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware – The Hacker News

– Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware. Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware. CVE-2024-40711, rated 9.8 out of 10.0...

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf – The Hacker News

– The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. “The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities...

FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation – The Hacker News

– The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread fraud operation. The law enforcement action – codenamed Operation Token Mirrors – is the result of the U.S. Federal Bureau of Investigation (FBI) taking the “unprecedented step” of creating its...

CISA advisory committee approves four draft reports on critical infrastructure resilience – Christian Vasquez

– An advisory committee to the Cybersecurity and Infrastructure Security Agency on Friday approved a series of reports to be delivered to the agency aimed at boosting national cyber resilience, increasing public awareness of CISA efforts, and better securing the world’s digital ecosystem. Members of CISA’s Cybersecurity Advisory Committee approved the four draft reports and multiple recommendations in response...

GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks – The Hacker News

– A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. “In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and InlandRevenue were...

Lawmakers press agencies, telecoms for more details on Salt Typhoon hacks – djohnson

– Members of Congress are pressing federal agencies and telecommunications companies for more information about a reported Chinese government-backed hacking campaign that breached the networks of at least three major U.S. telecoms. Earlier this month, the Wall Street Journal reported that a hacking group tied to Beijing successfully broke into the networks of Verizon, AT&T and Lumen Technologies. The...

Agencies warn about Russian government hackers going after unpatched vulnerabilities – Tim Starks

– Russian government hackers are targeting known, unpatched vulnerabilities to victimize specific organizations like governments and defense contractors while also scanning the internet for any susceptible systems to attack, U.S. and U.K. cyber agencies said in a joint alert. The threat actors tied to the Russian Foreign Intelligence Service (SVR) “are highly capable of and interested in exploiting software...

How Hybrid Password Attacks Work and How to Defend Against Them – The Hacker News

– Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process. In this post, we’ll explore hybrid attacks — what they are...

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance – The Hacker News

– The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module is being used to enumerate other non-internet-facing devices on the network. The agency, however, did not disclose who...

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution – The Hacker News

– GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches. Tracked as CVE-2024-9164, the vulnerability carries a CVSS score of 9.6 out of 10. “An issue was discovered in GitLab EE...

Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation – The Hacker News

– The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world’s largest and longest-running dark web market for illegal goods, drugs, and cybercrime services. The takedown is the result of a collaborative investigation with Ireland, the United Kingdom, and the United States that began towards the end of 2022, the Politie said....

Malicious packages in open-source repositories are surging – Christian Vasquez

– The number of malicious packages found in the open-source ecosystem has dramatically grown in the past year, according to a new report from Sonatype. The cybersecurity firm found that the number of malicious packages intentionally uploaded into open-source repositories has jumped by more than 150% compared to last year. Open-source software, a transparent development process where almost anyone...

14,000 medical devices are online, unsecured and vulnerable – Christian Vasquez

– Of the more than 14,000 IPs of exposed and vulnerable medical devices, health care login portals, and databases throughout the world, nearly half are found in the U.S., according to a report released Thursday. Censys — a search platform that can identify internet-connected devices — scoured the public net and categorized the vast medical playground used by malicious...

Marriott agrees to pay $52 million settlement, improve data security practices – djohnson

– Marriott International and its subsidiary Starwood Hotels and Resorts have agreed to a settlement with the federal and state authorities over three separate data breaches between 2014 and 2020. In a 16-page proposed consent order with the Federal Trade Commission, the hotel chains agreed to a series of compulsory actions to improve the way they handle, store and...

Casio Hit by Major Cyberattack AGAIN – Waqas

– Casio experienced a major cyberattack on October 5, 2024, causing system disruptions and raising concerns about a potential…

OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation – The Hacker News

– OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year. This activity encompassed debugging malware, writing articles for websites, generating biographies for social media accounts, and creating AI-generated profile pictures for fake accounts on X. “Threat...

Ransomware attack leaks social security numbers of over 230,000 Comcast customers – Graham Cluley

– Financial Business and Consumer Solutions (FBCS), a debt collection agency previously used by Comcast, was the subject of a ransomware attack in February 2024, which had a database of names, addresses, social security numbers, dates of birth, and Comcast account details exposed. Read more in my article on the Hot for Security blog.

Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems – The Hacker News

– Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck. “A vulnerability in the Nortek Linear eMerge E3...

6 Simple Steps to Eliminate SOC Analyst Burnout – The Hacker News

– The current SOC model relies on a scarce resource: human analysts. These professionals are expensive, in high demand, and increasingly difficult to retain. Their work is not only highly technical and high-risk, but also soul-crushingly repetitive, dealing with a constant flood of alerts and incidents. As a result, SOC analysts often leave in search of better pay, the opportunity...

Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms – The Hacker News

– Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. “At first glance, the thing that stood out was the script’s obfuscation, which seemed a bit bizarre because of all the accented characters,” Jscrambler researchers said in an analysis. “The heavy use of Unicode characters, many...

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches – The Hacker News

– The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb. “A...

Firefox Zero-Day Under Attack: Update Your Browser Immediately – The Hacker News

– Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component. “An attacker was able to achieve code execution in the content process by exploiting a use-after-free in...

Smashing Security podcast #388: Vacuum cleaner voyeur, and pepperoni pact blocks payout – Graham Cluley

– Join us as we delve into the world of unexpected security breaches and legal loopholes, where your robot vacuum cleaner might be spying on you, and ordering a pizza could cost you your right to sue. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

OpenAI says it has disrupted 20-plus foreign influence networks in past year – mbracken

– OpenAI said it has disrupted more than 20 operations and networks over the past year from foreign actors attempting to use the company’s generative AI technologies to influence political sentiments around the world and meddle in elections, including the United States. In some cases, the actors attempted to use ChatGPT and other OpenAI tools to analyze and generate...