Windows 0-day was exploited by North Korea to install advanced rootkit
FudModule rootkit burrows deep into Windows, where it can bypass key security defenses.
Litespeed Cache bug exposes millions of WordPress sites to takeover attacks
A critical vulnerability in the LiteSpeed Cache WordPress plugin can let attackers take over millions of websites after creating rogue admin accounts. #Admin #Cache #Computer #InfoSec #LiteSpeed #Plugin #Security #Takeover #Website #WordPress
Iran Reportedly Grapples With Major Cyberattack on Banking Systems
The last known cyberattack waged against Iranian infrastructure took place last December with blame placed on Israel and the US.
Widespread Cloud Exposure: Extortion Campaign Used Exposed AWS ENV Files To Target 110,000 Domains
A cloud extortion campaign exploited misconfigured AWS .env files to target 110,000 domains, stealing credentials and ransoming cloud storage data.
Microchip August 20, 2024
Chipmaker Microchip reveals cyber attack
Defense contractor gets hacked – what's the worst that could happen
MITRE Marks Major Milestone, Minting 400 CNAs as NVD Backlog Grows - Socket
MITRE has just minted its 400th CNA, as the NVD struggles to tame its backlog of CVEs awaiting analysis, which has increased by 30% since June.
Data Exfiltration from Slack AI via indirect prompt injection
This vulnerability can allow attackers to steal anything a user puts in a private Slack channel by manipulating the language model used for content generation. This was responsibly disclosed to Slack (more details in Responsible Disclosure section at the end).
The Abuse of ITarian RMM by Dolphin Loader
Looking into the abuse of ITarian RMM and introducing Dolphin Loader
Toyota confirms breach after stolen data leaks on hacking forum
Toyota confirmed that its network was breached after a threat actor leaked an archive of 240GB of data stolen from the company's systems on a hacking forum.
Routers from China-based TP-Link a national security threat, US lawmakers claim
The two members of Congress called on the Commerce Department to investigate risks related to TP-Link routers amid concerns over state-backed Chinese hacking operations.
How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions
An adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft's applications to gain their entitlements and user-granted permissions.
Windows driver zero-day exploited by Lazarus hackers to install rootkit
The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. #BYOVD #Bring #CVE-2024-38193 #Driver #Group #Lazarus #Microsoft #Own #Vulnerability #Your #Zero-Day
stardom dreams, stalking devices and the secret conglomerate selling both
people frequently reach out to me with companies to look into. usually it takes me about 10 minutes before i move on for one reason or another—it's not interesting for a story or has good security, for example. i didnt expect anything different when an acquaintance told me about Tracki, a self-proclaimed "world leader in GPS tracking" that they suspected could be used nefariously. at first glance, Tracki appeared to be a serious company, maybe even one that cared about security. we could never have guessed what was about to unfold before us. half a year into our investigation, we'd found it all: a hidden conglomerate posing as five independent companies, masked from governments and customers alike through the use of dozens of false identities, US letterbox companies, and an undeclared owner. a 90s phone sex scheme that, through targeting by one of hollywood's most notorious fixers, spiraled into a collection of almost a hundred domains advertising everything from online dating to sore throat remedies. a slew of device-assisted murder cases, on top of potential data breaches affecting almost 12 million users, ranging from federal government officials to literal infants. and most importantly, a little-known Snoop Dogg song. how in the world did we get here? starting our descent
Post-Quantum Cryptography Standards Officially Announced by NIST – a History and Explanation - SecurityWeek
NIST has formally published three post-quantum cryptography standards from the competition it held to develop cryptography able to withstand the anticipated quantum computing decryption of current asymmetric encryption.
Disrupting a covert Iranian influence operation
We banned accounts linked to an Iranian influence operation using ChatGPT to generate content focused on multiple topics, including the U.S. presidential campaign. We have seen no indication that this content reached a meaningful audience.
Beyond the wail: deconstructing the BANSHEE infostealer
The BANSHEE malware is a macOS-based infostealer that targets system information, browser data, and cryptocurrency wallets.
DDoS attack volume rises, peak power reaches 1.7 Tbps
The total number of DDoS attacks during H1 2024 amounted to 830,000, an increase of 46% when compared to H1 2023, according to Gcore.
Geopolitical Tensions Drive Explosion in DDoS Attacks
Radware found that Web DDoS attacks rose by 265% in H1 2024, driven by hacktivist groups amid rising geopolitical tensions
SolarWinds fixes critical RCE bug affecting all Web Help Desk versions
A critical vulnerability in SolarWinds' Web Help Desk solution for customer support could be exploited to achieve remote code execution, the American business software developer warns in a security advisory today.
Zabbix Server Vulnerability Lets Attacker Execute Arbitrary Code
A critical security vulnerability, identified as CVE-2024-22116, has been patched in Zabbix, a popular monitoring solution.
Ransomware attackers introduce new EDR killer to their arsenal
Sophos discovers the threat actors behind RansomHub ransomware using EDRKillShifter in attacks
Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments
We recount an extensive cloud extortion campaign leveraging exposed .env files of at least 110k domains to compromise organizations' AWS environments.
Doppelgänger operation rushes to secure itself amid ongoing detections, German agency says
Recent scrutiny of the Russia-linked Doppelgänger influence operation has disrupted how it behaves, according to the BayLfV, an agency of the Bavarian state government.
White House working on cyber insurance policy proposal for ‘catastrophic’ incidents
At the Black Hat cybersecurity conference on Thursday, National Cyber Director Harry Coker, Jr. said his office is working with the Department of Treasury’s federal insurance office as well as officials at the Cybersecurity and Infrastructure Security Agency (CISA) on the effort.
Gafgyt Malware Variant Exploits GPU Power and Cloud Native Environments
Aqua Nautilus researchers discovered a new variant of Gafgyt targeting machines with weak SSH passwords.
The Hidden Treasures of Crash Reports
Sadly, nobody really loves crash reports, but I’m here to change that! This research, a crash course on crash reports, will highlight how these often overlooked files are an invaluable source of information, capable of revealing malware infections, exploitation attempts, or even buggy (exploitable?) system code. Such insights are critical for defense and offense, empowering us to either protect or exploit macOS systems.
Troy Hunt: Inside the "3 Billion People" National Public Data Breach
I decided to write this post because there's no concise way to explain the nuances of what's being described as one of the largest data breaches ever. Usually, it's easy to articulate a data breach; a service people provide their information to had someone snag it through an act of unauthorised access and publish a discrete corpus of information that can be attributed back to that source. But in the case of National Public Data, we're talking about a data aggregator most people had never heard of where a "threat actor" has published various partial sets of data with no clear way to attribute it back to the source. And they're already the subject of a class action, to add yet another variable into the mix. I've been collating information related to this incident over the last couple of months, so let me talk about what's known about the incident, what data is circulating and what remains a bit of a mystery.
Want to Win a Bike Race? Hack Your Rival’s Wireless Shifters | WIRED
Please don’t, actually. But do update your Shimano Di2 shifters’ software to prevent a new radio-based form of cycling sabotage. #bicycles #cyberattacks #cybersecurity #cycling #fitness #hacks #security
Inside the FBI's Dashboard for Wiretapping the World
Never-before-published screenshots of an internal FBI tool show how the agency monitored millions of messages from the secretly backdoored messaging app Anom.