The Tor Project and Tails have merged operations
Fri Sep 27 2024
The Tor Project and Tails OS have joined forces and merged operations to counter a growing number of digital threats. The Tor Project and Tails have merged operations to enhance collaboration, expand training and outreach, and strengthen both organizations’ efforts to protect users globally from digital surveillance and censorship. The two organizations aim to better […]
Security Affairs
Daily Dose of Dark Web Informer - September 27th, 2024
Sat Sep 28 2024
This daily article is intended to make it easier for those who want to stay updated with my regular posts. Any subscriber-only content will be clearly marked at the end of the link.
Dark Web Informer
A Threat Actor Allegedly is Selling Data of an Unidentified Car Dealership Company in Thailand
Fri Sep 27 2024
Dark Web Informer
Remote code execution exploit for CUPS printing service puts Linux desktops at risk
Fri Sep 27 2024
A security researcher has developed an exploit that leverages several vulnerabilities in CUPS (common UNIX printing system), the default printing system on most Linux systems.
CSO Online
Liquid Blood Targeted the Website of National Bank of Tajikistan
Fri Sep 27 2024
Dark Web Informer
Websec Targeted the Website of The People's Party
Fri Sep 27 2024
Dark Web Informer
A Threat Actor has Allegedly Leaked Data from T-shirtmakers
Fri Sep 27 2024
Dark Web Informer
Cyber vandalism on Wi-Fi networks at UK train stations spread an anti-Islam message
Fri Sep 27 2024
UK police are investigating a cyberattack that disrupted Wi-Fi networks at several train stations across the country. U.K. transport officials and police are investigating a cyber attack on public Wi-Fi networks at the country’s biggest railway stations. Following the ‘cyber-security incident,’ passengers trying to log onto the Wi-Fi at several stations on Wednesday evening were […]
Security Affairs
RipperSec Targeted the Website of Addiko Bank AG
Fri Sep 27 2024
Dark Web Informer
US charges British man over 'hack-to-trade' scheme
Fri Sep 27 2024
A British man has been arrested and charged by U.S. authorities with hacking into the computers of five companies to obtain details about their expected earnings, and making $3.75 million of illegal profit by trading before results were released.
Reuters
dirsearch - Web Path Discovery
Fri Sep 27 2024
Dark Web Informer
Microsoft announces sweeping changes to controversial Recall feature for Windows 11 Copilot+ PCs
Fri Sep 27 2024
The 'photographic memory' feature in Windows 11 is set to begin rolling out soon. Will these security improvements be enough to satisfy critics?
ZDNET
Bangladesh Civilian Force Targeted the Website of Mumbai Custom
Fri Sep 27 2024
Dark Web Informer
A Threat Actor is Allegedly Selling Data of Australian Citizens
Fri Sep 27 2024
Dark Web Informer
A Threat Actor has Allegedly Leaked Data of Weather Event
Fri Sep 27 2024
Dark Web Informer
Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now
Fri Sep 27 2024
Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical vulnerabilities. The issues, the company said, have been resolved in version 24.0.1 released on September 20, 2024. The company has yet to release any details about what the flaws are other than listing their CVE identifiers - CVE-2024-46905 (CVSS score: 8.8) ...
The Hacker News
PoC Honeypot for Detecting Exploit Attempts Against CVE-2024-47177
Fri Sep 27 2024
Dark Web Informer
How Does the Tor Network Work?
Fri Sep 27 2024
Dark Web Informer
The best VPN for streaming in 2024: Expert tested and reviewed
Fri Sep 27 2024
The best VPNs for streaming offer high speeds and aren't blocked by popular services, including Netflix and Hulu. With these VPNs, you can watch your favorite content from anywhere in the world.
ZDNET
Avangrid partners with state fusion cell to fight cyber threats via data sharing
Fri Sep 27 2024
Avangrid’s award-winning cybersecurity initiative uses real-time data sharing to protect the energy grid.
CSO Online
DEFACER KAMPUNG Defaced the Website of Premium Group
Fri Sep 27 2024
Dark Web Informer
Z-BL4CX-H4T Defaced the Website of PCM Masale
Fri Sep 27 2024
Dark Web Informer
A Threat Actor has Allegedly Leaked Data of MS GLOW Beauty
Fri Sep 27 2024
Dark Web Informer
The best VPN for Mac in 2024: Expert tested and reviewed
Fri Sep 27 2024
Many Mac VPNs offer high performance, speed, and security. These are our top VPN recommendations for Mac users in 2024.
ZDNET
CUPS flaws allow remote code execution on Linux systems under certain conditions
Fri Sep 27 2024
A researcher has disclosed details of an unpatched Linux vulnerability, initially labeled as critical, that allows remote code execution. The popular cybersecurity researcher Simone Margaritelli (@evilsocket) disclosed technical details of an unpatched vulnerability impacting Linux systems. On September 23, Margaritelli announced plans to disclose an unauthenticated remote code execution (RCE) vulnerability affecting all GNU/Linux systems […]
Security Affairs
Worried about that critical RCE Linux bug? Here's why you can relax
Fri Sep 27 2024
Yes, there are security holes in OpenPrinting CUPS, which Linux, Chrome OS, MacOS, and some Unix systems use for printing, but it's not that bad. Here's how to check if you're at risk.
ZDNET
A Threat Actor is Selling Data of Discord
Fri Sep 27 2024
Dark Web Informer
A Threat Actor Allegedly Leaked Data of Toyota Bicutan Paranaque
Fri Sep 27 2024
Dark Web Informer
Microsoft privilege escalation issue forces the debate: ‘When is something a security hole?’
Fri Sep 27 2024
Security vendor Fortra announced on Friday what it is describing as a Microsoft security hole that would allow an attacker who had stolen low-level access credentials to escalate them to high-level ac
CSO Online
Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution
Fri Sep 27 2024
A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. "A remote unauthenticated attacker can silently replace existing printers' (or install new ones) IPP urls with a malicious one, resulting in arbitrary command execution (on the computer) when a print...
The Hacker News
A critical Nvidia Container Toolkit bug can allow a complete host takeover
Fri Sep 27 2024
Nvidia has patched a critical vulnerability affecting its container toolkit (formerly known as Nvidia docker).
CSO Online
How to Plan and Prepare for Penetration Testing
Fri Sep 27 2024
As security technology and threat awareness among organizations improve, so do the adversaries who are adopting and relying on new techniques to maximize speed and impact while evading detection. Ransomware and malware continue to be the method of choice by big game hunting (BGH) cyber criminals, and the increased use of hands-on or “interactive intrusion” techniques is especially alarming....
The Hacker News
U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities
Fri Sep 27 2024
The U.S. government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money laundering. The U.S. government sanctioned two cryptocurrency exchanges, Cryptex and PM2BTC, and indicted a Russian national for allegedly facilitating cybercriminal activities and money laundering. The authorities believe that these exchanges facilitate the laundering of proceeds from cybercrime. “The Justice […]
Security Affairs
Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks
Fri Sep 27 2024
The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to cloud environment, ultimately resulting in data exfiltration, credential theft, tampering, persistent...
The Hacker News
Carrier Global takes collaborative approach to cybersecurity
Fri Sep 27 2024
For enterprises that do business worldwide, cybersecurity can be a complex undertaking, as risks such as phishing attacks by threat actors continuously evolve across the globe to bypass traditional de
CSO Online
Tesla’s Cybertruck Goes, Inevitably, to War
Fri Sep 27 2024
A handful of Tesla’s electric pickup trucks are armed and ready for battle in the hands of Chechen forces fighting in Ukraine as part of Russia’s ongoing invasion. Can the EV take the heat?
Wired
Cybersecurity Certifications: The Gateway to Career Advancement
Fri Sep 27 2024
In today's fast-evolving digital landscape, cybersecurity has become a cornerstone of organizational resilience. As cyber threats grow increasingly sophisticated, the demand for skilled cybersecurity professionals has never been higher. Whether you're a seasoned cyber professional or just starting your journey, signing up for the GIAC Newsletter ensures you're always informed and equipped for...
The Hacker News
New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users
Fri Sep 27 2024
Russian-speaking users have been targeted as part of a new campaign distributing a commodity trojan called DCRat (aka DarkCrystal RAT) by means of a technique known as HTML smuggling. The development marks the first time the malware has been deployed using this method, a departure from previously observed delivery vectors such as compromised or fake websites, or phishing emails bearing PDF...
The Hacker News
U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering
Fri Sep 27 2024
The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC, have been alleged to facilitate the laundering of cryptocurrencies possibly obtained through...
The Hacker News
42% of daily X users have a negative view of it - losing the block feature won't help
Thu Sep 26 2024
What X needs is stronger blocking, not this.
ZDNET
Hacking Kia cars made after 2013 using just their license plate
Thu Sep 26 2024
Researchers discovered critical flaws in Kia’s dealer portal that could allow the hacking of Kia cars made after 2013 using just their license plate. In June 2024, a team of experts (Neiko Rivera, Sam Curry, Justin Rhinehart, Ian Carroll) discovered multiple vulnerabilities in Kia vehicles that allowed remote control of key functions using their license plates. […]
Security Affairs
Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers
Fri Sep 27 2024
A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host. The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0 out of a maximum of 10.0. It has been addressed in NVIDIA Container Toolkit version v1.16.2 and...
The Hacker News
Daily Dose of Dark Web Informer - September 26th, 2024
Thu Sep 26 2024
This daily article is intended to make it easier for those who want to stay updated with my regular posts. Any subscriber-only content will be clearly marked at the end of the link.
Dark Web Informer
A Threat Actor on a Hacking Forum has Allegedly Leaked data of Federal Firearms Licenses of USA
Thu Sep 26 2024
Dark Web Informer
How hackers could have remotely controlled millions of cars
Thu Sep 26 2024
A website flaw - since patched - enabled these researchers to remotely track a car's location, unlock its doors, honk the horn, and start the engine.
ZDNET
Critical RCE vulnerability found in OpenPLC
Thu Sep 26 2024
Cisco’s Talos reported critical and high-severity flaws in OpenPLC that could lead to a DoS condition and remote code execution. Cisco’s Talos threat intelligence unit has disclosed details of five newly patched vulnerabilities in OpenPLC, an open-source programmable logic controller. These vulnerabilities can be exploited to trigger a denial-of-service (DoS) condition or execute remote code. OpenPLC […]
Security Affairs
grep Allegedly has Leaked the Albert Menes Database
Thu Sep 26 2024
Dark Web Informer
A Threat Actor Allegedly Leaked the Adouceo Database
Thu Sep 26 2024
Dark Web Informer
Moroccan Cyber Forces Targeted the Website of Tzeva Adom
Thu Sep 26 2024
Dark Web Informer
STEM Fest: Engineering Ideas Into Reality
Thu Sep 26 2024
Join the National Cryptologic Museum for the 10th Annual STEM Fest! Explore a world of discovery where science, technology, engineering and math come together!
NSA
The best VPN trials of 2024: Expert tested and reviewed
Thu Sep 26 2024
We found the best VPN free trials so you can test out a range of VPNs before you commit.
ZDNET
A Threat Actor is Allegedly Selling the Data of Capital Markets Elite Group
Thu Sep 26 2024
Dark Web Informer
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates
Thu Sep 26 2024
Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription," security...
The Hacker News
Different Types of Network Attacks
Thu Sep 26 2024
Dark Web Informer
U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex
Thu Sep 26 2024
The United States today unveiled sanctions and indictments against the alleged proprietor of Joker's Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia's most active money laundering networks.
Krebs on Security
China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)
Thu Sep 26 2024
China-linked threat actors compromised some U.S. internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. China-linked threat actors have breached several U.S. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. The state-sponsored hackers aimed at gathering intelligence from the targets or carrying […]
Security Affairs
Here are the top 3 causes of breaches – and how to mitigate them
Thu Sep 26 2024
The stakes are higher than ever for organizations worldwide regarding cybersecurity incidents, as the fallout of such incidents is becoming more costly and complex.
CSO Online
SAP SE revamps application security scanning using simulation and automation
Thu Sep 26 2024
As a result, SAP is always evolving its security measures to stay ahead of cyber threats.
CSO Online
N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks
Thu Sep 26 2024
Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky, which is also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (formerly Thallium), Sparkling Pisces, Springtail, and Velvet Chollima. "These samples enhance Sparkling Pisces' already extensive arsenal...
The Hacker News
Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar
Thu Sep 26 2024
Imagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million other needles you also need to find. That's what dealing with security alerts can feel like. SIEM was supposed to make this easier, but somewhere along the way, it became part of the problem. Too many alerts, too much noise, and not enough time to actually stop threats. It's time for a change....
The Hacker News
Amid Air Strikes and Rockets, an SMS From the Enemy
Thu Sep 26 2024
As Israel intensifies its attacks on Lebanon, eerie messages have been arriving on the phones of civilians on both sides of the border, with authorities in each country accusing the other of psychological warfare.
Wired
Chinese hackers allegedly hacked US ISPs for cyber espionage
Thu Sep 26 2024
Chinese state-sponsored hackers have been found to have gained access to multiple US internet service providers (ISPs) to establish persistence and carry out cyber espionage activities.
CSO Online
UK police investigating Islamophobic hack of Wi-Fi at train stations
Thu Sep 26 2024
British police said on Thursday they had launched an investigation into a cyberattack after passengers at the country's major railway stations saw an Islamophobic message when they tried to use Wi-Fi services.
Reuters
EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?
Thu Sep 26 2024
Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don’t factor in real-world threat data, such as the likelihood of exploitation. With new vulnerabilities discovered daily, teams don’t have the time - or the budget - to...
The Hacker News
Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug
Thu Sep 26 2024
Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will—the latest in a plague of web bugs that’s affected a dozen carmakers.
Wired
Privacy non-profit noyb claims that Firefox tracks users with privacy preserving feature
Thu Sep 26 2024
Privacy non-profit noyb filed a complaint with the Austrian DPA against Firefox for enabling tracking in Firefox without user consent. Privacy non-profit None Of Your Business (noyb) has filed a complaint with Austria’s data protection authority (DSB) against Mozilla for enabling the privacy feature Privacy-Preserving Attribution (PPA) in Firefox without user consent. Noyb claims that […]
Security Affairs
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
Thu Sep 26 2024
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusion set as long-running, with first signs of infection detected as far back as December 2022. The...
The Hacker News
South Korea to criminalise watching or possessing sexually explicit deepfakes
Thu Sep 26 2024
South Korean lawmakers on Thursday passed a bill that criminalises possessing or watching sexually explicit deepfake images and videos, with penalties set to include prison terms and fines.
Reuters
India's Star Health sues Telegram after hacker uses app's chatbots to leak data
Thu Sep 26 2024
Top Indian insurer Star Health has sued Telegram and a self-styled hacker after Reuters reported that the hacker was using chatbots on the messaging app to leak personal data and medical reports of policy holders.
Reuters
5 obscure web browsers that will finally break your Chrome addiction
Thu Sep 26 2024
Give one of these alternative browsers just a few minutes of your time and you'll never go back. They're all free, so what have you got to lose?
ZDNET
Attackers impersonate freight companies in double brokering scams
Thu Sep 26 2024
Scammers are increasingly impersonating transportation companies to bid on shipments and then contract the job at a lower price to potentially less reliable carriers.
CSO Online
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
Thu Sep 26 2024
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking the activity under the name SloppyLemming, which is also called Outrider Tiger and Fishing Elephant. "Between late 2022 to present, SloppyLemming...
The Hacker News
Beware the risks of vulnerable VPNs: update, maintain, monitor, and protect
Thu Sep 26 2024
We live in a world that is always on and always vulnerable.
CSO Online
Data of 3,191 congressional staffers leaked in the dark web
Thu Sep 26 2024
The personal information of over 3,000 congressional staffers was leaked on the dark web following a major cyberattack on the U.S. Capitol. The personal information of approximately 3,191 congressional staffers has been leaked on the dark web, according to new research from internet security firm Proton and Constella Intelligence. The leaked data includes passwords, IP […]
Security Affairs
Why Windows 11 requires a TPM - and how to get around that
Wed Sep 25 2024
Windows 11 officially requires a Trusted Platform Module. Here's what it does and how you can work around that requirement if your old PC doesn't have one.
ZDNET
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign
Thu Sep 26 2024
Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that Microsoft tracks as Salt Typhoon, which is also known as FamousSparrow and GhostEmperor. "Investigators...
The Hacker News
Zero trust, not no trust: A practical guide to implementing ZTNA
Thu Sep 26 2024
Zero-trust network access (ZTNA) is a security model that follows the principle of “never trust, always verify.”
CSO Online
Accenture forges own path to improve attack surface management
Wed Sep 25 2024
Accenture’s award-winning attack surface management program strengthens the company’s resiliency and security posture.
CSO Online
New variant of Necro Trojan infected more than 11 million devices
Wed Sep 25 2024
Experts warn of Necro Trojan found in Google Play; threat actors are spreading it through fake versions of legitimate Android apps. Researchers from Kaspersky discovered a new version of the Necro Trojan in multiple apps uploaded to the Google Play store. The malware was hidden in popular applications and game mods. Kaspersky researchers first spotted […]
Security Affairs
A catastrophic browser flaw is patched almost immediately - here's how
Wed Sep 25 2024
A researcher discovers a nasty bug in the Arc browser and the next day it's fixed. If only all proprietary software got this sort of attention.
ZDNET
Timeshare Owner? The Mexican Drug Cartels Want You
Wed Sep 25 2024
The FBI is warning timeshare owners to be wary of a prevalent telemarketing scam involving a violent Mexican drug cartel that tries to trick elderly people into believing someone wants to buy their property. This is the story of a couple who recently lost more than $50,000 to an ongoing timeshare scam that spans at least two dozen phony escrow, title and realty firms.
Krebs on Security
The critical importance of choosing the right data center firewall
Wed Sep 25 2024
Data centers are the backbone of modern IT architecture.
CSO Online
Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%
Wed Sep 25 2024
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the overall security risk of a codebase, but also makes the switch...
The Hacker News
Thousands of internet-exposed fuel gauges could be hacked and dangerously exploited
Wed Sep 25 2024
Thousands of automatic tank gauge (ATG) systems used in gas stations, power plants, airports, military bases, and other critical infrastructure facilities are exposed to the internet and using insecur
CSO Online
Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent
Wed Sep 25 2024
Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy-Preserving Attribution (PPA) without explicitly seeking users' consent. "Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites," noyb said...
The Hacker News
Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool
Wed Sep 25 2024
Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the program on several customers' systems. "It has a standard set of features commonly found in penetration testing tools and its developer created it using the Rust programming language," Unit 42's Dominik...
The Hacker News
ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function
Wed Sep 25 2024
A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence (AI) tool's memory. The technique, dubbed SpAIware, could be abused to facilitate "continuous data exfiltration of any information the user typed or responses received by ChatGPT, including any future chat sessions...
The Hacker News
Expert Tips on How to Spot a Phishing Link
Wed Sep 25 2024
Phishing attacks are becoming more advanced and harder to detect, but there are still telltale signs that can help you spot them before it's too late. See these key indicators that security experts use to identify phishing links: 1. Check Suspicious URLs: Phishing URLs are often long, confusing, or filled with random characters. Attackers use these to disguise the link's true destination...
The Hacker News
CrowdStrike outage redefines EDR market emphasis
Wed Sep 25 2024
July’s infamous CrowdStrike outage has shaken up the endpoint detection and response (EDR) marketplace by placing a much greater emphasis on stability and reliability.
CSO Online
Agentic AI in SOCs: A Solution to SOAR's Unfulfilled Promises
Wed Sep 25 2024
Security Orchestration, Automation, and Response (SOAR) was introduced with the promise of revolutionizing Security Operations Centers (SOCs) through automation, reducing manual workloads and enhancing efficiency. However, despite three generations of technology and 10 years of advancements, SOAR hasn’t fully delivered on its potential, leaving SOCs still grappling with many of the same...
The Hacker News
U.S. CISA adds Ivanti Virtual Traffic Manager flaw to its Known Exploited Vulnerabilities catalog
Wed Sep 25 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Virtual Traffic Manager vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-7593 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog. In mid-August 2024, Ivanti addressed the vulnerability CVE-2024-7593 that impacts […]
Security Affairs
Arkansas City water treatment facility switched to manual operations following a cyberattack
Wed Sep 25 2024
Arkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations due to a cyberattack. Arkansas City, Kansas, had to switch its water treatment facility to manual operations over the weekend due to a cyberattack that was detected on Sunday. As of the 2020 census, Arkansas City has […]
Security Affairs
WikiLeaks' Assange to make first public appearance since release in Strasbourg
Wed Sep 25 2024
WikiLeaks' founder Julian Assange is set to make his first public appearance since being freed from a British jail when he gives evidence to the Council of Europe next month, his organisation said on Wednesday.
Reuters
Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware
Wed Sep 25 2024
Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The activity cluster, per Proofpoint, makes use of compromised legitimate email accounts belonging to transportation and shipping companies so as to inject malicious content into existing email conversations. As many...
The Hacker News
When technical debt strikes the security stack
Wed Sep 25 2024
Most veteran CISOs implicitly understand the concept of technical debt and how it increases the risk across IT assets and applications.
CSO Online
New Android banking trojan Octo2 targets European banks
Wed Sep 25 2024
A new version of the Android banking trojan Octo, called Octo2, supports improved features that allow the takeover of infected devices. ThreatFabric researchers discovered a new version of the Android banking trojan Octo, called Octo2, that supports more advanced remote action capabilities needed for Device Takeover attacks. The new malware has already targeted users in European […]
Security Affairs
CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns
Wed Sep 25 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2024-7593 (CVSS score: 9.8), which could be exploited by a remote unauthenticated attacker to bypass the...
The Hacker News
CrowdStrike defends access to Windows kernel at US Congressional hearing into July worldwide update failure
Wed Sep 25 2024
A CrowdStrike executive told a US Congressional hearing on Tuesday that the company’s endpoint detection and response sensor has to continue accessing the Windows kernel, despite criticism by some cyb
CSO Online
Cyber startup Wiz explores shares sale at up to $20 billion valuation, Bloomberg News reports
Tue Sep 24 2024
U.S.-Israeli cybersecurity startup Wiz is exploring a potential sale of existing shares at a valuation ranging from $15 billion to $20 billion, Bloomberg News reported on Tuesday.
Reuters
A generative artificial intelligence malware used in phishing attacks
Tue Sep 24 2024
HP researchers detected a dropper that was generated by generative artificial intelligence services and used to deliver AsyncRAT malware. While investigating a malicious email, HP researchers discovered malware generated by generative artificial intelligence services and used to deliver the AsyncRAT malware. The AI-generated malware was discovered in June 2024; the phishing message used an invoice-themed lure […]
Security Affairs