Hacker Leaks Cisco Data
IntelBroker has leaked 2.9 Gb of data stolen recently from a Cisco DevHub instance, but claims it’s only a fraction of the total.
Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked
The Banshee Stealer macOS malware operation, which emerged earlier this year, was reportedly shut down following a source code leak.
Microchip Technology Reports $21.4 Million Cost From Ransomware Attack
Microchip Technology (NASDAQ: MCHP) revealed in its latest financial report on Tuesday that expenses related to the recent cybersecurity incident reached $21.4 million.
ESET Distributor’s Systems Abused to Deliver Wiper Malware
ESET has launched an investigation after the systems of its official product distributor in Israel were abused to send out emails delivering wiper malware. The targeted users received an email — signed by ESET’s Advanced Threat Defense (ATD) team — informing them about government-backed attackers trying to compromise their devices.
New Google Project Aims to Become Global Clearinghouse for Scam, Fraud Data
Google launches Global Signal Exchange (GSE), an initiative aimed at fostering the sharing of online fraud and scam intelligence.
MITRE Announces AI Incident Sharing Project
MITRE’s AI Incident Sharing initiative helps organizations receive and hand out data on real-world AI incidents. Non-profit technology and R&D company MITRE has introduced a new mechanism that enables organizations to share intelligence on real-world AI-related incidents. Shaped in collaboration with over 15 companies, the new AI Incident Sharing initiative aims to increase community knowledge of threats and defenses involving AI-enabled systems.
iPhone Mirroring Exposes Employees' Personal Applications
The iPhone Mirroring feature in macOS Sequoia and iOS 18 may expose employees’ private applications to corporate IT environments.
Personal Information Compromised in Universal Music Data Breach
Universal Music Group is informing hundreds of individuals about a recent data breach impacting personal information.
Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps
Web performance and security firm Cloudflare recently mitigated another record-breaking DDoS attack. According to Matthew Prince, the company’s CEO, the attack peaked at 3.8 terabits per second (Tbps) and 2.14 billion packets per second (Pps). The attack was aimed at an unidentified customer of an unnamed hosting provider that uses Cloudflare services.
Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach
A notorious hacker has announced the theft of data from an improperly protected server allegedly belonging to Deloitte. The hacker known as IntelBroker announced late last week on the BreachForums cybercrime forum the availability of “internal communications” obtained from Deloitte, specifically an internet-exposed Apache Solr server that was accessible with default credentials.
CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes
CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the embarrassing July outage that caused widespread disruption on Windows systems around the world.
VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest
VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10.
Apple Suddenly Drops NSO Group Spyware Lawsuit
Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.
Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes
Microsoft on Tuesday raised an alarm for in-the-wild exploitation of a critical flaw in Windows Update, warning that attackers are rolling back security fixes on certain versions of its flagship operating system.
Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild
SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild.
Identity of Notorious Hacker USDoD Revealed
The notorious hacker USDoD, who is best known for high-profile data leaks, appears to be a man from Brazil, according to investigations conducted by CrowdStrike and others. Over the past few years, USDoD, aka EquationCorp, has leaked vast amounts of information stolen from major organizations. His targets include the FBI’s InfraGard portal, Airbus, credit reporting firm TransUnion, background checking service National Public Data (NPD), and many others.
Microsoft Copilot Studio Vulnerability Led to Information Disclosure
A vulnerability in Microsoft Copilot Studio could be exploited to access sensitive information on the internal infrastructure used by the service, Tenable reports. The flaw, tracked as CVE-2024-38206 (CVSS score of 8.5) and described as a ‘critical’ information disclosure bug, has been fully mitigated, Microsoft said in an August 6 advisory.
Major Backdoor in Millions of RFID Cards Allows Instant Cloning
French security services firm Quarkslab has made an eye-popping discovery: a significant backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics Group, a leading chip manufacturer in China.
Post-Quantum Cryptography Standards Officially Announced by NIST – a History and Explanation - SecurityWeek
NIST has formally published three post-quantum cryptography standards from the competition it held to develop cryptography able to withstand the anticipated quantum computing decryption of current asymmetric encryption.
Windows Update Flaws Allow Undetectable Downgrade Attacks
Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.
Acronis Product Vulnerability Exploited in the Wild
Cybersecurity and data protection technology company Acronis last week warned that threat actors are exploiting a critical-severity vulnerability patched nine months ago. Tracked as CVE-2023-45249 (CVSS score of 9.8), the security defect impacts Acronis Cyber Infrastructure (ACI) and allows threat actors to execute arbitrary code remotely due to the use of default passwords.
Apple Rolls Out Security Updates for iOS, macOS
Apple on Monday announced a hefty round of security updates that address dozens of vulnerabilities impacting both newer and older iOS and macOS devices. iOS 17.6 and iPadOS 17.6 were released for the latest generation iPhone and iPad devices with fixes for 35 security defects that could lead to authentication and policy bypasses, unexpected application termination or system shutdown, information disclosure, denial-of-service (DoS), and memory leaks.
Recent Zyxel NAS Vulnerability Exploited by Botnet
A recently disclosed critical-severity vulnerability in discontinued Zyxel NAS devices is already exploited in botnet attacks, the Shadowserver Foundation warns. Tracked as CVE-2024-29973, the issue is described as a code injection flaw that can be exploited remotely without authentication. It was introduced last year, when Zyxel patched CVE-2023-27992, a similar code injection bug. “While patching this vulnerability, they added a new endpoint which uses the same approach as the old ones, and while doing so, implemented the same mistakes as its predecessors,” explains Outpost24 security researcher Timothy Hjort, who discovered and reported the security defect.
Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’
Apple on Monday updated visionOS, the operating system powering its Vision Pro virtual reality headset, to version 1.2, which addresses several vulnerabilities, including what may be the first security flaw that is specific to this product. visionOS 1.2 patches nearly two dozen vulnerabilities. However, a vast majority of them are in components that visionOS shares with other Apple products, such as iOS, macOS and tvOS.
NIST Getting Outside Help for National Vulnerability Database
NIST announced on Wednesday that it will be receiving outside help to get the National Vulnerability Database (NVD) back on track within the next few months. The organization informed the cybersecurity community in February that it should expect delays in the analysis of Common Vulnerabilities and Exposures (CVE) identifiers in the NVD, saying that it was working to establish a consortium to improve the program.
The UK Says a Huge Payroll Data Breach by a ‘Malign Actor’ Has Exposed Details of Military Personnel
The UK Ministry of Defense said a breach at a third-party payroll system exposed as many as 272,000 armed forces personnel and veterans.
Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability
The recently disclosed Palo Alto Networks firewall vulnerability tracked as CVE-2024-3400, which has been exploited in attacks for at least one month, has been found to impact one of Siemens’ industrial products. In an advisory published late last week, Siemens revealed that its Ruggedcom APE1808 devices configured with a Palo Alto Networks virtual next-generation firewall (NGFW) could be affected by CVE-2024-3400.
Security Flaw in WP-Members Plugin Leads to Script Injection
Attackers could exploit a high-severity cross-site Scripting (XSS) vulnerability in the WP-Members Membership WordPress plugin to inject arbitrary scripts into web pages, according to an advisory from security firm Defiant.
Details and Lessons Learned From the Ransomware Attack on the British Library
The British Library has shared details on the destructive ransomware attack it experienced in October 2023. Although the attack on the national library of the UK occurred five months ago, the Library’s infrastructure won’t be rebuilt until mid-April 2024, and then the full restoration of systems and data can begin.
Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability
The Shadowserver Foundation identifies thousands of Ivanti VPN instances likely impacted by a recent remote code execution flaw.