One in four apps remain exposed to Log4Shell
Two years after the Log4Shell vulnerability in the open source Java-based Log4j logging utility was disclosed, roughly one in four applications still depend on outdated versions of the library, leaving them open to exploitation. Research from security shop Veracode suggests that the vast majority of vulnerable apps may never have updated Log4j after developers first pulled it in: 32 percent were running pre-2015, end-of-life 1.x versions.
·theregister.com·
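Added example, not code from the article or from Veracode: a small classifier that walks a Maven-style dependency listing and sorts each Log4j artifact into end-of-life 1.x, unpatched 2.x, or patched. The patched thresholds are the ones published in Apache's Log4j security advisories (2.17.1 for Java 8+, 2.12.4 for the Java 7 branch, 2.3.2 for the Java 6 branch); the `group:artifact:version` input format and the sample listing are assumptions constructed for this example.

```python
"""
Classify Log4j artifacts in a dependency listing by patch status.

Added example for this page; not from the article or from Veracode.
Assumed input format: one Maven coordinate per line, group:artifact:version,
e.g. the coordinates printed by `mvn dependency:list` with the prefix stripped.
"""
import re
from typing import Dict, List, Tuple

# Constructed sample input for this example; not taken from any real application.
SAMPLE_DEPENDENCY_LIST = """\
org.apache.logging.log4j:log4j-core:2.14.1
org.apache.logging.log4j:log4j-api:2.14.1
log4j:log4j:1.2.17
org.apache.logging.log4j:log4j-core:2.17.1
org.apache.logging.log4j:log4j-core:2.12.3
org.apache.logging.log4j:log4j-core:2.3.2
com.fasterxml.jackson.core:jackson-databind:2.13.4
"""

# Minimum patched log4j-core version per maintained 2.x branch, per the Apache
# Log4j security advisories: 2.3.2 (Java 6 branch), 2.12.4 (Java 7 branch),
# 2.17.1 for every other 2.x release.
PATCHED_BY_MINOR: Dict[int, Tuple[int, int, int]] = {3: (2, 3, 2), 12: (2, 12, 4)}
PATCHED_DEFAULT: Tuple[int, int, int] = (2, 17, 1)


def parse_version(version: str) -> Tuple[int, int, int]:
    """Parse the leading dotted numbers of a version into (major, minor, patch).
    Qualifiers such as '-beta9' or '-rc1' are ignored; missing parts become 0."""
    m = re.match(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    major, minor, patch = (int(g) if g is not None else 0 for g in m.groups())
    return (major, minor, patch)


def classify_log4j(coordinate: str) -> str:
    """
    Classify one Maven coordinate:
      'eol-1.x'    log4j 1.x: end-of-life since 2015, no fixes will ever ship
      'vulnerable' log4j-core 2.x below the patched version for its branch
      'patched'    log4j-core 2.x at or above the patched version
      'other'      anything else, including log4j-api (the JNDI lookup lives in core)
    """
    group, artifact, version = coordinate.strip().split(":")
    if group == "log4j" and artifact == "log4j":
        return "eol-1.x"
    if group != "org.apache.logging.log4j" or artifact != "log4j-core":
        return "other"
    ver = parse_version(version)
    if ver[0] != 2:
        return "other"  # 3.x previews are out of scope for this check
    patched = PATCHED_BY_MINOR.get(ver[1], PATCHED_DEFAULT)
    return "patched" if ver >= patched else "vulnerable"


def audit(listing: str) -> Dict[str, List[str]]:
    """Group every non-empty coordinate in a listing by its classification."""
    result: Dict[str, List[str]] = {}
    for line in listing.splitlines():
        if not line.strip():
            continue
        result.setdefault(classify_log4j(line), []).append(line.strip())
    return result


if __name__ == "__main__":
    for status, coords in audit(SAMPLE_DEPENDENCY_LIST).items():
        for coord in coords:
            print(f"{status:10s} {coord}")
```

Note that only `log4j-core` carries the JNDI lookup behind CVE-2021-44228, so a lone `log4j-api` is reported as `other`, and that 1.x is flagged as end-of-life rather than as Log4Shell-vulnerable: it never had the lookup, but it also never received fixes for its own later CVEs.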
How to bypass Windows Hello, log into vulnerable laptops
Hardware security hackers have detailed how it's possible to bypass Windows Hello's fingerprint authentication and log in as someone else – if you can steal or be left alone with their vulnerable device. The research was carried out by Blackwing Intelligence, primarily Jesse D'Aguanno and Timo Teräs, and was commissioned and sponsored by Microsoft's Offensive Research and Security Engineering group. The pair's findings were presented at the IT giant's BlueHat conference last month, and made public this week.
·theregister.com·
Rhysida ransomware gang claims attack on British Library • The Register
The Rhysida ransomware group says it's behind the highly disruptive October cyberattack on the British Library, leaking a snippet of stolen data in the process. A low-res image shared to its leak site appears to show a handful of passport scans, along with other documents, some of which display the format of HMRC employment documents.
·theregister.com·
Casio keyed up after data loss hits customers in 149 countries • The Register
Crooks broke into the ClassPad server and swiped online learning database
Japanese electronics giant Casio said miscreants broke into its ClassPad server and stole a database with personal information belonging to customers in 149 countries. ClassPad is Casio's education web app, and in a Wednesday statement on its website, the firm said an intruder breached a ClassPad server and swiped hundreds of thousands of "items" belonging to individuals and organizations around the globe.
·theregister.com·
CIA exposed to intelligence interception due to X's URL bug
Musk's mega-app-in-waiting goes from chopping headlines to profile URLs
An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence. Kevin McSheehan, who uses the online handle "Pad," spotted the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile.
·theregister.com·
US-Canada water commission confirms 'cybersecurity incident'
NoEscape promises 'colossal wave of problems' if IJC doesn't pay up
The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB of data from the organization.
·theregister.com·
Ransomware flingers hit Manchester cops in the supply chain • The Register
The UK's Greater Manchester Police (GMP) has admitted that crooks have got their mitts on some of its data after a third-party supplier responsible for ID badges was attacked. According to the Manchester Evening News the stolen data included the names and pictures of police officers held by the supplier for use on thousands of ID badges.
·theregister.com·
Ransomware crew hits Save The Children, steals 7TB of data
Cybercrime crew BianLian says it has broken into the IT systems of a top nonprofit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data. As highlighted by VX-Underground and Emsisoft threat analyst Brett Callow earlier today, BianLian bragged on its website it had hit an organization that, based on the gang's description of its unnamed victim, looks to be Save The Children International. The NGO, which employs about 25,000 people, says it has helped more than a billion kids since it was founded in 1919.
·theregister.com·
Want to pwn a satellite? Turns out it's surprisingly easy
A study into the feasibility of hacking low-Earth orbit satellites has revealed that it's worryingly easy to do. In a presentation at the Black Hat security conference in Las Vegas, Johannes Willbold, a PhD student at Germany's Ruhr University Bochum, explained he had been investigating the security of satellites. He studied three types of orbital machinery and found that many were utterly defenseless against remote takeover because they lack the most basic security systems.
·theregister.com·
JumpCloud says 'nation state' gang hit some customers
JumpCloud says a "sophisticated nation-state" attacker broke into its IT systems and targeted some of its customers. The identity and access management provider, particularly popular with sysadmins wrangling Macs on corporate networks, said it first discovered signs of an intrusion on June 27. The biz at the time determined persons unknown got "unauthorized access to a specific area of our infrastructure" using a "sophisticated spear-phishing campaign" that began five days prior.
·theregister.com·
Dump these Cisco phone adapters because it's not fixing them
There is a critical security flaw in a Cisco phone adapter, and the business technology giant says the only step to take is dumping the hardware and migrating to new kit. In an advisory, Cisco this week warned about the vulnerability in the SPA112 2-Port Adapter that, if exploited, could allow a remote attacker to essentially take control of a compromised device by seizing full privileges and executing arbitrary code. The flaw, tracked as CVE-2023-20126, is rated as "critical," with a base score o
·theregister.com·
France bans all recreational apps from government devices
The government of France has banned TikTok – and all other recreational apps – from phones issued to its employees. The nation's ministère de la transformation et de la fonction publiques last Friday issued a statement [PDF](https://www.transformation.gouv.fr/files/presse/cp_interdiction_applications_recreatives_telephone_pro_agents.pdf) announcing the policy, which minister of transformation and public service Stanislas Guerini justified on grounds that no recreational apps have sufficiently robust security for them to be deployed on government-owned devices.
·theregister.com·
Apple sued for promising privacy, failing at it
What's allowed for Cupertino is verboten for everyone else
Apple has again been sued for promising privacy and allegedly failing to provide it. The complaint [PDF], filed in Northern California District Court on behalf of plaintiff Julie Cima, claims Apple captures iPhone customer data despite device settings declaring a preference that information should not be shared.
·theregister.com·