Sophos Firewall hardening best practices – Chris McCormack
– Make the most of your Sophos Firewall. – Read More – Sophos News
– The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making “materially misleading disclosures” related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020. The SEC said the companies – Avaya, Check Point, Mimecast, and Unisys – are being penalized for how they handled the disclosure process in...
– Artificial Intelligence (AI) has rapidly evolved from a futuristic concept to a potent weapon in the hands of bad actors. Today, AI-based attacks are not just theoretical threats—they’re happening across industries and outpacing traditional defense mechanisms. The solution, however, is not futuristic. It turns out a properly designed identity security platform is able to deliver defenses – Read More ...
– It’s the final day of our first ever Pwn2Own Ireland. After three days of exploitation, we have awarded $993,625, so it seems likely we will pass the $1,000,000 mark. Still, there are no guarantees in Pwn2Own, so stay tuned for all the results. – Read More – Zero Day Initiative – Blog
– The Irish data protection watchdog on Thursday fined LinkedIn €310 million ($335 million) for violating the privacy of its users by conducting behavioral analyses of personal data for targeted advertising. “The inquiry examined LinkedIn’s processing of personal data for the purposes of behavioral analysis and targeted advertising of users who have created LinkedIn profiles (members),” the Data – Read...
– Blockchain, known for its role in cybersecurity, fintech, and cryptocurrencies, raises the question: Is it secure? Absolutely! With… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– Fortinet and Mandiant are sounding the alarms about an active campaign exploiting a critical bug in FortiManager products that allows a remote hacker to manage associated devices. Mandiant and Fortinet investigated more than 50 organizations this month that were hit by the campaign, but found indications that it started as early as June 27. The Google-owned cybersecurity firm...
– The problem of fake remote tech workers attempting to gain employment at Western companies has been in the news quite a bit these days. Quite a bit. But this problem may not be restricted to North Korean operatives, and more and more organizations are stepping up to reveal their own encounters with fake IT employees, while sounding an...
– North Korean hackers from Lazarus Group exploited a zero-day vulnerability in Google Chrome to target cryptocurrency investors with… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– Secure payment solutions ensure safe transfers amidst rising risks of cybercrime and fraud. Discover how third-party platforms like… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection. The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B. “Notably, Qilin.B now supports AES-256-CTR encryption for systems with AESNI capabilities, while still retaining Chacha20 for systems that lack this support – Read More – The...
– Historically, Mac users haven’t had to worry about malware as much as their Windows-using cousins. But that doesn’t mean that Mac users should be complacent. And the recent discovery of a new malware strain emphasises that the threat – even if much smaller than on Windows – remains real. Read more in my article on the Tripwire State of...
– Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific circumstances. “The impact of this issue could, in certain scenarios, allow an attacker to gain administrative access to a target AWS account, resulting in a full account takeover,” Aqua said in a report...
– Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance (ASA) that could lead to a denial-of-service (DoS) condition. The vulnerability, tracked as CVE-2024-20481 (CVSS score: 5.8), affects the Remote Access VPN (RAVPN) service of Cisco ASA and Cisco Firepower Threat Defense (FTD) Software. Arising due to resource –...
– A cybersecurity researcher discovered a massive data leak exposing over 115,000 sensitive documents associated with the UN Trust… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– Ransomware developers are used to their malware being detected. Once defenses against it have been built, they revise and update their code to circumvent those defenses. Then developers deploy an updated version in renewed attacks, often with increased sophistication, to evade detection and achieve their malicious objectives. That cycle has started anew with the Qilin ransomware-as-a-service operation, according...
– Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them. When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the FBI, issues a cybersecurity warning and prescribes specific action, it’s a pretty good...
– The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it discovered a novel attack chain in May 2024 that targeted the personal computer of an unnamed Russian national with the Manuscrypt backdoor. This entails...
– Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager (FGFM) protocol. “A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may – Read More ...
– Welcome to Day Three of our first ever Pwn2Own Ireland competition! We’ve already awarded $874,875, and we have 15 attempts left to go. Will we hit the $1,000,000 mark or will all remaining attempts end up in bug collisions? Stay tuned to find out. All times are Irish Standard Time (GMT +1:00). – Read More – Zero...
– A hacker leaked the personal data of 180,000 Esport North Africa users just before the tournament. While no… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– The SolarWinds have returned to haunt four cybersecurity companies who tried to hide their breaches and ended up with their trousers around their ankles, and North Korea succeeds in getting one of its IT workers hired… but what’s their plan? All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity...
– New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation. “Only part of this gang was arrested: the remaining operators behind Grandoreiro continue attacking users all...
– Cisco Talos reveals TA866’s (also known as Asylum Ambuscade) sophisticated tactics and its link to the new WarmCookie… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– On October 24 and 25, SophosAI presents ideas on how to use models large and small—and defend against malignant ones. – Read More – Sophos News
– A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result – Read More – The Hacker News
– Identity security is front and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is needed in terms of the way we approach identity security both from a strategic but also a technology vantage point. Identity security is more than just provisioning access ...
– Millions of iOS and Android users are at risk after Symantec discovered that popular apps contain hardcoded, unencrypted… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– Cyber attackers are using encoded JavaScript files to hide malware, abusing Microsoft’s Script Encoder to disguise harmful scripts… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– The United States remains highly vulnerable to the negative economic and security impacts posed by cyber threats. Despite the robust work of numerous administrations, our nation’s critical infrastructure still lacks resiliency and we have failed to secure our most systemically important entities. In order for this to change, cybersecurity must be an essential, day-one policy priority for the...
– Not long ago, the ability to digitally track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a dangerous power that should remain only within the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access...
– Threat actors have been observed abusing Amazon S3 (Simple Storage Service) Transfer Acceleration feature as part of ransomware attacks designed to exfiltrate victim data and upload them to S3 buckets under their control. “Attempts were made to disguise the Golang ransomware as the notorious LockBit ransomware,” Trend Micro researchers Jaromir Horejsi and Nitesh Surana said. “However, such is –...
– It may come as a surprise to learn that 34% of security practitioners are in the dark about how many SaaS applications are deployed in their organizations. And it’s no wonder—the recent AppOmni 2024 State of SaaS Security Report reveals that only 15% of organizations centralize SaaS security within their cybersecurity teams. These statistics not only highlight a critical...
– Cybersecurity researchers have shed light on a new adversarial technique that could be used to jailbreak large language models (LLMs) during the course of an interactive conversation by sneaking in an undesirable instruction between benign ones. The approach has been codenamed Deceptive Delight by Palo Alto Networks Unit 42, which described it as both simple and effective, achieving an...
– While organizations of all sizes are impacted by the shortage of cybersecurity professionals, smaller organizations feel its impact most sharply. – Read More – Sophos News
– Dutch police arrested four individuals for selling stolen personal data via Telegram groups, seizing devices and firearms in… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– Welcome back to Pwn2Own Ireland 2024! Yesterday, we awarded $516,250 for over 50 unique 0-day bugs. Today looks to be just as exciting with attempts on phones, cameras, printers, and smart speakers. We’ll be updating this blog in real time as results become available. We have a full schedule of attempts today, so stay tuned! All times are...
– Lumma Stealer malware uses fake CAPTCHA to deceive victims. This information-stealing malware targets sensitive data like passwords and… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– The U.S. intelligence community is anticipating a potentially tumultuous post-election period this year, where foreign governments will seek to amplify domestic unrest to cast doubt about the legitimacy of the winner while undermining confidence in democracy. Officials at the Office of the Director of National Intelligence singled out Russia, using some of their strongest language to date to...
– Security researchers have uncovered a new flaw in some AI chatbots that could have allowed hackers to steal personal information from users. The flaw, which has been named “Imprompter”, uses a clever trick to hide malicious instructions within seemingly-random text. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
– Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT. “The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim’s intervention to trigger the – Read More –...
– Anti-bot services on the dark web allow phishers to bypass Google’s Red Page warnings, evading detection and making… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– The victor of the 2024 presidential election must resolve conflicting cybersecurity regulations, better deter cyberattacks, address the cyber workforce shortage, develop plans with the private sector on critical infrastructure protection and review how to keep the economy going in the event of major hacks, a task force of cyber experts said in a report released Tuesday. Those were...
– Cary, NC, 22nd October 2024, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– Ransomware attacks on the health care sector are rising and putting lives at risk, led by Iranian hackers, Microsoft said in a report Tuesday. The report, which draws on both internal company data and external data, points to a 300% increase in ransomware attacks on the health sector since 2015, and an increase in stroke and cardiac arrest...
– The Securities and Exchange Commission said it has reached a settlement with four companies for making materially misleading statements about the impact of the 2020 SolarWinds Orion software breach on their business. The regulator on Tuesday charged the four companies — Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies and Mimecast Limited — with minimizing the compromise...
– Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findings from Trend Micro. “In this attack, the threat actor used the gRPC protocol over h2c to evade security solutions and execute their crypto mining operations on the Docker host,” researchers Abdelrahman Esmail and Sunil Bharti said...
– In episode 21 of “The AI Fix”, Mark and Graham comfort themselves with a limbless AI pet as they learn about a terrifying robot dog with a flamethrower, fission-powered data centres, AI suicide pods, and a multi-limbed robot with a passion for classical music. Graham finds out what happens if you sellotape an Alexa to a Chihuahua, and Mark...
– Details have emerged about a now-patched security flaw in Styra’s Open Policy Agent (OPA) that, if successfully exploited, could have led to leakage of New Technology LAN Manager (NTLM) hashes. “The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server’s local user account to a remote server, potentially allowing the attacker to relay...
– Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due to their elevated privileges. This guide will walk you through how to locate and secure these accounts within Active Directory (AD), and explore how Silverfort’s solutions can help enhance your – Read...