Russian Hackers’ Lawsuit Reveals Weaknesses In Apple’s iOS 16
A Moscow legal battle strongly indicates that phone forensics tools used by both the FBI and FSB are exploiting security loopholes in Apple’s operating system.
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. | by Kevin Beaumont | Dec, 2023 | DoublePulsar
Credit union technology firm Trellance own Ongoing Operations LLC, and provide a platform called Fedcomp — used by a double-digit number of other credit unions across the United States. This Fedcomp…
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to as "the authoring agencies"—are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity against operational technology devices by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated Advanced Persistent Threat (APT) cyber actors.
It's said that a good magician never reveals their secrets. Computer hacking is a particularly good type of magic trick, and for the most part, hackers don't reveal their secrets either. It's sometimes hard to reconcile this, because we read about hacking all the time -- in newspapers, at conferences,
N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection
The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed "mixing and matching" different elements of the two disparate attack chains, leveraging RustBucket droppers to deliver KANDYKORN.
The Binarly REsearch team investigates vulnerable image parsing components across the entire UEFI firmware ecosystem and finds all major device manufacturers are impacted on both x86 and ARM-based devices.
Vidar Infostealer Steals Booking.com Credentials in Fraud Scam
Learn how a threat actor used spearphishing emails and social engineering tactics to obtain a hotel’s credentials and solicit customers’ payment information.
In the heart of International Geneva, a diverse ecosystem thrives, housing 38 international organizations (IOs), 432 non-governmental organizations (NGOs), and several hundred associations active at an international level, all united by a shared mission: to make the world a place of peace and justice. NGOs are the unsung heroes, addressing armed conflicts, natural disasters, and humanitarian crises, championing human rights, and advancing the Sustainable Development Goals (SDGs). Like many other organizations, NGOs heavily rely on technology, which is critical for projecting their activities globally in real time. Yet, in today’s digital landscape, this reality brings its own set of challenges.
Uncovering the Dark Web Underground Forum: “Exploit.in” a Nexus for Illicit Cyber Activities
In the hidden corners of the internet, a parallel economy thrives—one that operates beyond the reach of conventional search engines and law enforcement agencies. Dark web forums have become the breeding grounds for cybercriminals. In the world of cybersecurity, Exploit.in is a well-known private Russian hacker forum. Since it began in 2012, the forum has developed into a well-known exchange and sales platform for various cybercrime tools and stolen data. A wide range of cybercrime-related topics are covered by Exploit, such as credit card information, email spamming tools, social engineering, security & vulnerabilities, social network hacking, cryptography, cracked tools, buying and selling of hacked databases, info-stealer & Malware as a service (MaaS). The creators of Exploit, a well-known cybercrime forum where ransomware gangs recruit affiliates and promote their Ransomware-as-a-Service (RaaS) offerings, have declared that ransomware advertisements are no longer permitted and will be taken down.
New BLUFFS attack lets attackers hijack Bluetooth connections
Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) attacks.
Medical Transcription Service Data Breach Impacts Multiple Health Systems
Northwell Health and Cook County Health both notified patients of a third-party data breach that originated at Perry Johnson & Associates, a medical transcription vendor. The HHS data breach portal now shows that the Perry Johnson & Associates data breach impacted nearly 9 million individuals, making it one of the largest reported healthcare data breaches this year.
Welltok data breach exposes data of 8.5 million US patients
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack.
Japan space agency hit with cyberattack, rocket and satellite info not accessed | Reuters
Japan's space agency was hit with a cyberattack but the information the hackers accessed did not include anything important for rocket and satellite operations, a spokesperson said on Wednesday.
Akamai SIRT has uncovered two zero-day vulnerabilities that are being actively exploited to spread a Mirai variant in the wild. Read on for details and mitigation.
Spyware Targeting Against Serbian Civil Society - The Citizen Lab
We confirm that two members of Serbian civil society were targeted with spyware earlier this year. Both have publicly criticized the Serbian government. We are not naming the individuals at this time by their request. The Citizen Lab’s technical analysis of forensic artifacts was conducted in support of an investigation led by Access Now in collaboration with the SHARE Foundation. Researchers from Amnesty International independently analyzed the cases and their conclusions match our findings.
DP World confirms data stolen in cyberattack, no ransomware used
International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. However, no ransomware payloads or encryption was used in the attack.
Two apparently separate North Korean crypto theft campaigns targeting macOS users appear to be linked as threat actors mix and match droppers and payloads.
440,000 Sets of Personal Info Affected by Hack of Line Operator | Nippon.com
LY Corp., which operates popular messaging app Line and internet portal Yahoo! Japan, said Monday that an estimated 440,000 records of personal information may have been compromised by a third-party breach of its system.
MadCat ransom gang caught stealing from other criminals
A new strain of ransomware called MadCat has been linked by security researchers to suspected scammers who pretend to sell passport details on the dark web so they can rip off their fellow crooks.
ESET research shares insights about groups operating Telekopye, Telegram bots that scam people in online marketplaces, their internal onboarding process, different tricks of trade that Neanderthals use, and more.
STA: Power utility HSE suffers serious cyberattack
HSE, Slovenia's largest power utility, has been targeted by a cyberattack that started on Wednesday night and escalated on Friday night. In-house and external experts are working to resolve the situation. The supply of electricity is not jeopardised.
Gamaredon, also known as Primitive Bear, ACTINIUM, and Shuckworm, is a unique player in the Russian espionage ecosystem that targets a wide variety of almost exclusively Ukrainian entities. While researchers often struggle to uncover evidence of Russian espionage activities, Gamaredon is notably conspicuous. The group behind it conducts large-scale campaigns while still primarily focusing on regional targets. The Security Service of Ukraine (SSU) identified the Gamaredon personnel as Russian Federal Security Service (FSB) officers.