Category: Attack Feeds

Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit – The Hacker News

– Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The shortcoming, ...

5 Must-Have Tools for Effective Dynamic Malware Analysis – The Hacker News

– Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be fast, in-depth, and precise. These five tools will help you achieve it with ease. 1. Interactivity Having the ability...

Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations – The Hacker News

– Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. “While the attackers didn’t succeed in deploying ransomware on the networks of any of the organizations affected, it is likely that the attacks were financially motivated,” Symantec, part of Broadcom, said...

America’s allies are shifting: Cyberspace is about persistence, not deterrence – Greg Otto

– Something interesting is happening across America’s cyber allies. From the United Kingdom to the Netherlands, Japan, South Korea, and Canada, there is an evolution in cyber strategic thought taking root. The United States spearheaded this fresh approach to securing national interests in and through cyberspace with its 2023 Defend Forward strategy, which built on a 2018 strategy pivot....

Demand Great Cybersecurity Troubleshooting Skills! Going Back to the Basics.

– I get it. There is an intensifying cybersecurity skills gap because the attack surface is rapidly expanding. We get it. But the gap between academic learning and real-world applications in the field of cybersecurity is a notable challenge for many college graduates and “IT-transitioners” from other IT departments or industries into the cybersecurity realm. In the weekly cybersecurity...

Political Manipulation with Massive AI Model-driven Misinformation and Microtargeting – gallagherseanm

– In today’s digitally connected world, political messaging and misinformation are becoming increasingly sophisticated. Political campaigns and misinformation efforts, particularly those that are well-funded, have significant societal impacts. These campaigns have historically exploited political and ideological views to resonate with people, convince them to act, or even lure them into scams. Generative AI technologies such as […]

PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data – The Hacker News

– A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. “The attack targeted users of Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and other prominent wallets in the crypto ecosystem,” ...

Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw – The Hacker News

– Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in its postjournal service that could enable unauthenticated attackers to ...

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition – The Hacker News

– The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what’s called “Seed Phrase Image Recognition.” “This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in ...

The AI Fix #18: ChatGPT’s false memories, and would an inner critic stop AI hallucinations? – Graham Cluley

– In episode 18 of “The AI Fix” our hosts discover that OpenAI’s Advanced Voice mode is too emotional for Europeans, a listener writes a Viking saga about LinkedIn, ChatGPT is a terrible doctor, and the voice of Meta AI takes to Meta’s platforms to complain about Meta AI reading things people post on Meta’s platforms. Mark discovers what Darth...

Multinational police effort hits sections of Lockbit ransomware operation – AJ Vicens

– An international consortium of law enforcement agencies on Tuesday announced additional arrests, seizures and sanctions targeting LockBit ransomware infrastructure, the latest actions taken to hobble what was once among the most prolific ransomware operations going. The actions include four arrests, seized servers and sanctions targeting an affiliate working with LockBit who authorities say has links to Evil Corp.,...

Exclusive: Kevin Mandia joins SpecterOps as chair of the board – Greg Otto

– Kevin Mandia, founder of Mandiant and co-founder and general partner at Ballistic Ventures, has joined SpecterOps, a Virginia-based startup focused on attack path management, as the chair of its board of directors. Founded in 2017, SpecterOps offers software that allows companies to better defend identities, particularly those used in conjunction with Microsoft Active Directory, Azure AD, Entra ID...

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage – The Hacker News

– Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security ...

People Know Their Data Rights, and They’re Here to Play Ball

– The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. After being the subject of big-box data pillaging for so long, consumers finally demand control over their own natural resources – and they’ll take their business...

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials – The Hacker News

– More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it’s being used by a large number of cybercriminals to conduct credential theft. “For prospective phishers, Sniper Dz offers an online admin panel with a catalog of phishing pages,” Palo Alto Networks Unit 42 researchers Shehroze...

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet – The Hacker News

– Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to “use Docker Swarm’s orchestration features for command-and-control (C2) purposes,” Datadog researchers Matt Muir and Andy Giron said in an analysis. The attacks ...

U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails – The Hacker News

– The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected to be extradited to the U.S. to face charges related to securities fraud, wire fraud, and five counts of computer fraud....

T-Mobile reaches $31.5 million settlement with FCC over past data breaches – djohnson

– Telecom giant T-Mobile will pay a $31.5 million fine to settle investigations with the Federal Communications Commission for past data breaches that exposed the personal data of millions of customers. While half of that total will take the form of a traditional fine, the other half will be invested into fulfilling a consent decree mandating that T-Mobile put...

Crooked Cops, Stolen Laptops & the Ghost of UGNazi – BrianKrebs

– A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, a new indictment charges. KrebsOnSecurity has learned that many of the man’s alleged targets were members of...

NSO Group indicates rare agreement with Apple over dismissal of lawsuit – Tim Starks

– Leading spyware company NSO Group said in a court filing that it agreed with Apple on its recent motion to drop its lawsuit against the Israel-based firm over the alleged targeting of its users, and asked a judge to consider reimbursing it for its legal expenses. The NSO Group filing, dated Friday, offers largely different reasons for why...

More frequent disruption operations needed to dent ransomware gangs, officials say – Tim Starks

– With ransomware gangs proving capable of quickly reconstituting after government takedown operations, an international alliance wants to ramp up those offensive measures even more. “What we’ve observed is that there is no one operation that’s going to disrupt ransomware permanently,” Anne Neuberger, deputy national security advisor for cyber and emerging technology, told reporters in a call Monday. “Instead,...

THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 23-29) – The Hacker News

– Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could’ve opened the door to remote attacks. Google’s switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android. But it wasn’t all good news – Kaspersky’s forced exit from the...

British man used genealogy websites to fuel alleged hacking and insider trading scheme – Graham Cluley

– A London-based man is facing extradition to the United States after allegedly masterminding a scheme to hack public companies prior to their earnings announcements and use the secrets he uncovered to make millions of dollars on the stock market. Read more in my article on the Hot for Security blog.

Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA – The Hacker News

– Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111% increase year-over-year (Microsoft). Attacks on session cookies now happen in the same order of magnitude as password-based attacks (Google). But session hijacking isn’t a new technique – so ...

Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks – The Hacker News

– Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks. “These vulnerabilities pose significant real-world risks, as they could be exploited by malicious actors to cause widespread damage, including physical damage, environmental hazards, and economic losses,” Bitsight researcher ...

A Hacker’s Era: Why Microsoft 365 Protection Reigns Supreme – The Hacker News

– Imagine a sophisticated cyberattack cripples your organization’s most critical productivity and collaboration tool — the platform you rely on for daily operations. In the blink of an eye, hackers encrypt your emails, files, and crucial business data stored in Microsoft 365, holding it hostage using ransomware. Productivity grinds to a halt and your IT team races to assess the...

Putting an end to the AI cyber responsibility turf wars – Greg Otto

– Since the launch of ChatGPT in November 2022, AI regulation has been hotly debated. Despite the looming cybersecurity risks that generative AI models and large language models (LLMs) pose, regulators have instead been locked in conversations on ethics and social responsibility, leaving potentially catastrophic vulnerabilities by the wayside. This is not for lack of risk comprehension; the industry...

Meta Fined €91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext – The Hacker News

– The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users’ passwords in plaintext in its systems. The investigation, launched by the DPC the next month, found that the social media giant violated four different...