AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company's Snowflake account. [...]
The NSA has a video recording of a 1982 lecture by Adm. Grace Hopper titled “Future Possibilities: Data, Hardware, Software, and People.” The agency is (so far) refusing to release it. Basically, the recording is in an obscure video format. People at the NSA can’t easily watch it …
Accessibility be damned, preventing phishing is the priority After around two decades of allowing one-time passwords (OTPs) delivered by text message to assist log ins to bank accounts in Singapore, the city-state will abandon the authentication technique.... [...]
Meet DodgeBox, son of StealthVector Chinese government-backed cyber espionage gang APT41 has very likely added a loader dubbed DodgeBox and a backdoor named MoonWalk to its malware toolbox, according to cloud security service provider Zscaler’s ThreatLabz research team.... [...]
Ultra-conservative org funnily enough not ready to turn the other cheek After claiming to break into a database belonging to The Heritage Foundation, and then leaking 2GB of files belonging to the ultra-conservative think tank, the hacktivist crew SiegedSec claims to have disbanded.... [...]
The American Radio Relay League (ARRL) finally confirmed that some of its employees' data was stolen in a May ransomware attack initially described as a "serious incident." [...]
Signal is finally tightening its desktop client's security by changing how it stores plain text encryption keys for the data store after downplaying the issue since 2018. [...]
Enlarge More than 1.5 million email servers are vulnerable to attacks that can deliver executable attachments to user accounts, security researchers said. The servers run versions of the Exim mail transfer agent that are vulnerable to a critical vulnerability that came to light 10 days ago. Tracked as …
Enlarge More than 1.5 million email servers are vulnerable to attacks that can deliver executable attachments to user accounts, security researchers said. The servers run versions of the Exim mail transfer agent that are vulnerable to a critical vulnerability that came to light 10 days ago. Tracked as …
Newly discovered flaw affects OpenSSH 8.7 and 8.8 daemon The founder of Openwall has discovered a new signal handler race condition in the core sshd daemon used in RHEL 9.x and its various offshoots.... [...]
Google has announced a fivefold increase in payouts for bugs found in its systems and applications reported through its Vulnerability Reward Program, with a new maximum bounty of $151,515 for a single security flaw. [...]
Dallas County is notifying over 200,000 people that the Play ransomware attack, which occurred in October 2023, exposed their personal data to cybercriminals. [...]
A new threat actor known as CRYSTALRAY has significantly broadened its targeting scope with new tactics and exploits, now counting over 1,500 victims whose credentials were stolen and cryptominers deployed. [...]
Not a lot of details : Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. It’s the second such alert campaign from the company this year, following a similar notification sent to users in 92 nations …
Advance Auto Parts is sending data breach notifications to over 2.3 million people whose personal data was stolen in recent Snowflake data theft attacks. [...]
Letters from CISO Ethan Steiger suggest the data related to job applications Advance Auto Parts' CISO just revealed for the first time the number of individuals affected when criminals broke into its Snowflake instance – a hefty 2.3 million.... [...]
Scumbag targeted many victims – and those who tried to help them A scumbag who used to work as a privacy consultant has been put behind bars for nine years for a "grotesque" cyberstalking campaign against more than a dozen victims.... [...]
LockBit variant targets backup software - which you may remember is supposed to help you recover from ransomware Yet another new ransomware gang, this one dubbed EstateRansomware, is now exploiting a Veeam vulnerability that was patched more than a year ago to deploy file-encrypting malware, a LockBit variant, and extort …
Multiple malware attack saw personal data acessed, but rocket science remained safe The Japanese Space Exploration Agency (JAXA) discovered it was under attack using zero-day exploits while working with Microsoft to probe a 2023 cyberattack on its systems.... [...]
Multiple malware assault saw personal data accessed, rocket science remained safe The Japanese Space Exploration Agency (JAXA) discovered it was under attack using zero-day exploits while working with Microsoft to probe a 2023 cyberattack on its systems.... [...]
Enlarge (credit: Getty Images) Threat actors carried out zero-day attacks that targeted Windows users with malware for more than a year before Microsoft fixed the vulnerability that made them possible, researchers said Tuesday. The vulnerability, present in both Windows 10 and 11, causes devices to open Internet Explorer, a …
The seemingly legitimate online marketplace Huione Guarantee is being used as a platform for laundering money from online scams, especially "pig butchering" investment fraud, researchers say. [...]
Amazon Web Services (AWS) is pleased to announce the successful attestation of our conformance with the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF), Special Publication 800-218. This achievement underscores our ongoing commitment to the security and integrity of our software supply chain. Executive Order …
GitLab warned today that a critical vulnerability in its product's GitLab Community and Enterprise editions allows attackers to run pipeline jobs as any other user. [...]
The latest variants of the ViperSoftX info-stealing malware use the common language runtime (CLR) to load and execute PowerShell commands within AutoIt scripts to evade detection. [...]
CISA and the FBI urged software companies on Wednesday to review their products and eliminate path OS command injection vulnerabilities before shipping. [...]
Japan's Computer Emergency Response Team Coordination Center (JPCERT/CC) is warning that Japanese organizations are being targeted in attacks by the North Korean 'Kimsuky' threat actors. [...]
Company announces intent following Ticketmaster, Santander break-ins A month after incident response giant Mandiant suggested the litany of data thefts linked to Snowflake account intrusions had the common component of lacking multi-factor authentication (MFA) controls, the cloud storage and data analytics company is offering a mandatory MFA option to …
The Russia-based cybercrime group dubbed “ Fin7,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of …
Microsoft fixed a Windows zero-day vulnerability that has been actively exploited in attacks for eighteen months to launch malicious scripts while bypassing built-in security features. [...]
Identity and access management (IAM) can seem like a gentle hill at first. It’s not too difficult to manage, assigning logins and passwords, and granting access control based on a person’s job in an organization. However, that gentle hill can shift as you start to configure IAM …
New attack against the RADIUS authentication protocol: The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker access to network devices and services without the attacker …
Company says data exfiltration was extremely difficult to detect Fujitsu Japan says an unspecified "advanced" malware strain was to blame for a March data theft, insisting the strain was "not ransomware", yet it hasn't revealed how many individuals are affected.... [...]
A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. [...]
BlackByte, LockBit among the criminals using bespoke tools As ransomware crews increasingly shift beyond just encrypting victims' files and demanding a payment to unlock them, instead swiping sensitive info straight away, some of the more mature crime organizations are developing custom malware for their data theft.... [...]
Google announced today that passkeys are now available for high-risk users when enrolling in the Advanced Protection Program, which provides the strongest level of account security. [...]
Fixes have been made, it appears, but disclosure or discussion is invisible Column Found a bug? It turns out that reporting it with a story in The Register works remarkably well... mostly. After publication of my "Kryptonite" article about a prompt that crashes many AI chatbots, I began to …
Freeware AutoIt also used to hide entire PowerShell environments in scripts A rapidly-changing infostealer malware known as ViperSoftX has evolved to become more dangerous, according to security researchers at threat detection vendor Trellix.... [...]
If someone can do a little MITM'ing and hash cracking, they can log in with no valid password needed Cybersecurity experts at universities and Big Tech have disclosed a vulnerability in a common client-server networking protocol that allows snoops to potentially bypass user authentication via man-in-the-middle (MITM) attacks.... [...]
Citrix, SAP also deserve your attention – because miscreants are already thinking about Exploit Wednesday Patch Tuesday Clear your Microsoft system administrator's diary: The bundle of fixes in Redmond's July Patch Tuesday is a doozy, with at least two bugs under active exploitation.... [...]
RT News snarks back after it's accused of building social nyet-work for Kremlin The FBI and cybersecurity agencies in Canada and the Netherlands say they have taken down an almost 1,000-strong Twitter bot farm set up by Russian state-run RT News that used generative AI to spread disinformation …
Almost a thousand Twitter accounts controlled by a large bot farm pushing Russian propaganda and domains used to register the bots were taken down in a joint international law enforcement operation led by the U.S. Justice Department. [...]
Microsoft Corp. today issued software updates to plug at least 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users. The first Microsoft zero-day this month is CVE-2024-38080, a …
Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks. [...]
Fujitsu confirms that information related to some individuals and customers' business has been compromised during the data breach detected earlier this year. [...]
Enlarge (credit: Getty Images) One of the most widely used network protocols is vulnerable to a newly discovered attack that can allow adversaries to gain control over a range of environments, including industrial controllers, telecommunications services, ISPs, and all manner of enterprise networks. Short for Remote Authentication Dial-In User …
In this post, we continue with our recommendations for achieving least privilege at scale with AWS Identity and Access Management (IAM). In Part 1 of this two-part series, we described the first five of nine strategies for implementing least privilege in IAM at scale. We also looked at a …
Least privilege is an important security topic for Amazon Web Services (AWS) customers. In previous blog posts, we’ve provided tactical advice on how to write least privilege policies, which we would encourage you to review. You might feel comfortable writing a few least privilege policies for yourself, but …
Today is Microsoft's July 2024 Patch Tuesday, which includes security updates for 142 flaws, including two actively exploited and two publicly disclosed zero-days. [...]
Hackers are trying to exploit a vulnerability in the Modern Events Calendar WordPress plugin that is present on more than 150,000 websites to upload arbitrary files to a vulnerable site and execute code remotely. [...]