BlackCat ransomware hits Azure Storage with Sphynx encryptor
The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets' Azure cloud storage.
Ransomware flingers hit Manchester cops in the supply chain • The Register
The UK's Greater Manchester Police (GMP) has admitted that crooks have got their mitts on some of its data after a third-party supplier responsible for ID badges was attacked. According to the Manchester Evening News the stolen data included the names and pictures of police officers held by the supplier for use on thousands of ID badges.
TikTok fined €345M by Irish DPC for violating children’s privacy
The Irish Data Protection Commission (DPC) fined TikTok €345 million ($368 million) for violating the privacy of children.
When MFA isn't actually MFA
Due to a recent Google change, MFA isn't truly MFA.
How Google Authenticator made one company’s network breach much, much worse
Google's app for generating MFA codes syncs to user accounts by default. Who knew?
Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes
Akamai researchers discover a critical vulnerability in Kubernetes that can lead to remote code execution.
Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability
Adobe's September 2023 update addresses a new zero-day vulnerability (CVE-2023-26369) in Acrobat and Reader that attackers are exploiting in the wild.
macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks
The rise of macOS infostealers continues with the latest entrant aiming to compromise business environments with targeted social engineering lures.
CVE-2023-38146: Arbitrary Code Execution via Windows Themes
This is a fun bug I found while poking around at weird Windows file formats. It's a kind of classic Windows style vulnerability featuring broken signing, sketchy DLL loads, file races, cab files, and Mark-of-the-Web silliness. It was also my first experience submitting to the MSRC Windows bug bounty since leaving Microsoft in April of 2022.
Trojanized Free Download Manager found to contain a Linux backdoor
Kaspersky researchers analyzed a Linux backdoor disguised as Free Download Manager software that remained under the radar for at least three years.
Threat actor leaks sensitive data belonging to Airbus
The multinational aerospace corporation Airbus has launched an investigation into the recent leak of information allegedly stolen from the company. The multinational aerospace corporation Airbus announced that it is investigating a data leak after cybersecurity firm Hudson Rock reported that a hacker posted information on thousands of the company’s vendors to the dark web.
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client.
Critical WebP bug: many apps, not just browsers, under threat
The heap buffer overflow (CVE-2023-4863) vulnerability in the WebP Codec is being actively exploited in the wild.
With 0-days hitting Chrome, iOS, and dozens more this month, is no software safe? | Ars Technica
With 70 zero-days uncovered so far this year, 2023 is on track to set a new record.
PSA: Ongoing Webex malvertising campaign drops BatLoader
A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have bought an advert that impersonates Cisco's brand and is displayed first when performing a Google search.
Attacker combines phone, email lures into believable, complex attack chain
A social engineering phone call lends authenticity to the attacker’s malicious email
Ransomware crew hits Save The Children, steals 7TB of data
Cybercrime crew BianLian says it has broken into the IT systems of a top nonprofit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data. As highlighted by VX-Underground and Emsisoft threat analyst Brett Callow earlier today, BianLian bragged on its website it had hit an organization that, based on the gang's description of its unnamed victim, looks to be Save The Children International. The NGO, which employs about 25,000 people, says it has helped more than a billion kids since it was founded in 1919.
%2Fcloudfront-us-east-2.images.arcpublishing.com%2Freuters%2FERXLSAZCHFP3RDULRLS5A7EU5E.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Microsoft to defend customers on AI copyright challenges
Microsoft will pay legal damages on behalf of customers using its artificial intelligence (AI) products if they are sued for copyright infringement for the output generated by such systems, the company said on Thursday.
ChatGPT fails in languages like Tamil and Bengali
Outside of English, ChatGPT makes up words, fails logic tests, and can't do basic information retrieval.
KNVB paid ransom to prevent cyber criminals from publishing footballers' passports
The Dutch football association KNVB paid the ransom demanded by cyber criminals in a ransomware attack in April. The hackers stole Dutch and other football players’ passports, ID cards, home addresses, and salary slips and threatened to publish the data if the football association didn’t pay the ransom, the KNVB said on Tuesday.
Cybersecurity issue prompts computer shutdowns at MGM Resorts properties across US
Casino and hotel giant MGM Resorts International says a cybersecurity issue led to the shutdown of computer systems at its properties across the U.S.
“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts
Facebook’s Messenger platform has been heavily abused in the past month to spread endless messages with malicious attachments from a swarm of fake and hijacked personal accounts. These threat actors are targeting millions of business accounts on Facebook’s platform — from highly-rated marketplace sellers to large corporations, with fake business inquiries, achieving a staggering “success rate” with approximately 1 out of 70 infected!
Active North Korean campaign targeting security researchers
Threat Analysis Group shares findings on a new campaign by North Korean actors targeting security researchers.
North Korea-backed hackers target security researchers with 0-day
Google researchers say currently unfixed vulnerability affects a popular software package.
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious…
The International Criminal Court Will Now Prosecute Cyberwar Crimes
FOR YEARS, SOME cybersecurity defenders and advocates have called for a kind of Geneva Convention for cyberwar, new international laws that would create clear consequences for anyone hacking civilian critical infrastructure, like power grids, banks, and hospitals. Now the lead prosecutor of the International Criminal Court at the Hague has made it clear that he intends to enforce those consequences—no new Geneva Convention required. Instead, he has explicitly stated for the first time that the Hague will investigate and prosecute any hacking crimes that violate existing international law, just as it does for war crimes committed in the physical world.
Last Week on My Mac: How quickly can Apple release a security update?
We seldom get much insight into how long Apple takes to release an urgent update to macOS, but last week must have seen one of the quickest in recent times. By my reckoning, Apple’s engineers accomplished that in 6-10 days, across four of its operating systems, and with two distinct vulnerabilities.
China’s iPhone ban expected to expand to more government agencies soon
A report yesterday revealed that China has banned government officials from using iPhones and other foreign technology within government agencies. Now, a report from Bloomberg says that this is only the start of China’s crackdown on iPhone, with a much broader set of restrictions also in the works.
Microsoft pledges legal protection for AI-generated copyright breaches
US tech giant will assume customers’ liability for material created by AI assistants in Word and coding tools
Code Vulnerabilities Put Proton Mails at Risk
The Sonar Research team discovered critical code vulnerabilities in Proton Mail, Skiff and Tutanota. This post covers the technical details of the XSS vulnerability in Proton Mail.