CVE-2024-21591 - Juniper J-Web OOB Write vulnerability
  • Juniper Networks recently patched a critical pre-authentication Remote Code Execution (RCE) vulnerability in the J-Web configuration interface across all versions of Junos OS on SRX firewalls and EX switches. Unauthenticated actors could exploit this vulnerability to gain root access or initiate Denial of Service (DoS) attacks on devices that have not been patched. Ensure your systems are updated promptly to mitigate this risk. Check for exposed J-Web configuration interfaces using this Censys Search query: services.software.uniform_resource_identifier: cpe:2.3:a:juniper:jweb:*:*:*:*:*:*:*:*.
  • As emphasized last year in CISA’s BOD 23-02 guidance, exposed network management interfaces continue to pose a significant risk. Restrict access to these interfaces from the public internet wherever possible.
·censys.com·
Cryptojacker arrested in Ukraine over EUR 1.8 million mining scheme
The 29-year-old individual was apprehended in Mykolaiv, Ukraine, on 9 January. Three properties were searched to gather evidence against the main suspect. The arrest comes after months of intensive collaboration between Ukrainian authorities, Europol and a cloud provider, who worked tirelessly to identify and locate the individual behind the widespread cryptojacking operation. The suspect is believed to have mined over USD...
·europol.europa.eu·
The Swiss intelligence service also monitors domestic data traffic
With the entry into force of the new Intelligence Service Act in 2017, the Federal Intelligence Service (Service de renseignement de la Confédération, SRC) was given new surveillance capabilities. Contrary to the promises made during the election campaign, these are also being used to monitor data traffic within Switzerland.
·ictjournal.ch·
Dutch man sabotaged Iranian nuclear program without Dutch government's knowledge: report
In 2008, a Dutchman played a crucial role in the United States and Israeli-led operation to sabotage Iran’s nuclear program. The then 36-year-old Erik van Sabben infiltrated an Iranian nuclear complex and released the infamous Stuxnet virus, paralyzing the country’s nuclear program. The AIVD recruited the man, but Dutch politicians knew nothing about the operation, the Volkskrant reports after investigating the sabotage for two years.
·nltimes.nl·
Something new in Internet (in)security?
On 3 January 2024, part of the IP traffic destined for Orange's Spanish subsidiary was not delivered because of a problem with BGP, the system on which the whole Internet depends. What is new, compared with the many other BGP incidents of the past, is that the problem appears to stem from the compromise of an account used by Orange. What lessons can be drawn from this apparent novelty?
·bortzmeyer.org·
Bitwarden Heist - How to Break Into Password Vaults Without Using Passwords
Sometimes, making particular security design decisions can have unexpected consequences. For security-critical software, such as password managers, this can easily lead to catastrophic failure: In this blog post, we show how Bitwarden’s Windows Hello …
·blog.redteam-pentesting.de·
Analyzing DPRK's SpectralBlur
In both his Twitter (err, X) thread and in a subsequent posting he provided a comprehensive background and triage of the malware dubbed SpectralBlur. In terms of its capabilities he noted:
"SpectralBlur is a moderately capable backdoor, that can upload/download files, run a shell, update its configuration, delete files, hibernate or sleep, based on commands issued from the C2." -Greg
He also pointed out similarities to/overlaps with the DPRK malware known as KandyKorn (that we covered in our “Mac Malware of 2024” report), while also pointing out there were differences, leading him to conclude:
"We can see some similarities ... to the KandyKorn. But these feel like families developed by different folks with the same sort of requirements." -Greg
·objective-see.org·
Hackers hijack govt and business accounts on X for crypto scams
Hackers are increasingly targeting verified accounts on X (formerly Twitter) belonging to government and business profiles and marked with 'gold' and 'grey' checkmarks to promote cryptocurrency scams, phishing sites, and sites with crypto drainers.
·bleepingcomputer.com·
Exclusive: Russian hackers were inside Ukraine telecoms giant for months
Russian hackers were inside Ukrainian telecoms giant Kyivstar's system from at least May last year in a cyberattack that should serve as a "big warning" to the West, Ukraine's cyber spy chief told Reuters. The hack, one of the most dramatic since Russia's full-scale invasion nearly two years ago, knocked out services provided by Ukraine's biggest telecoms operator for some 24 million users for days from Dec. 12.
·reuters.com·
CVE-2023-46747 : Unauthenticated Remote Code Execution in F5 BIG-IP - Malware Analysis - Malware Analysis, News and Indicators
On 26th October, 2023 F5 released a security advisory about a critical unauthenticated remote code execution vulnerability, CVE-2023-46747, in F5’s BIG-IP configuration utility. This vulnerability could allow unauthent…
·malware.news·