AWS re:Invent 2024, which takes place December 2–6 in Las Vegas, will be packed with invaluable sessions for security professionals, cloud architects, and compliance leaders who are eager to learn about the latest security innovations. This year’s event puts best practices for zero trust, generative AI …
Prosecutors hand Russo-Swede a half-billion bill The operator of the longest-running money laundering machine in dark web history, Bitcoin Fog, has been sentenced to 12 years and six months in US prison.... [...]
Also: Crypto hacks will continue; CoD hacker gets thousands banned, and more in brief One of the suspected masterminds behind the widespread Snowflake breach has been arrested in Canada – but the saga isn't over, eh.... [...]
Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without security solutions detecting them. [...]
As the winter season kicks in, scammers are not missing the chance to target senior British residents with bogus "winter heating allowance" and "cost of living support" scam texts. [...]
The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies. In …
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. [...]
Squid-A-Rama will be in Des Moines at the end of the month. Visitors will be able to dissect squid, explore fascinating facts about the species, and witness a live squid release conducted by local divers. How are they doing a live squid release? Simple: this is Des Moines, Washington …
After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware. [...]
More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit. [...]
Attackers could exploit several vulnerabilities in the Mazda Connect infotainment unit, present in multiple car models including Mazda 3 (2014-2021), to execute arbitrary code with root permission. [...]
Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface. [...]
We all know by now that monsters never die, right? Two high-profile criminal gangs, Scattered Spider and BlackCat/ALPHV, seemed to disappear into the darkness like their namesakes following a series of splashy digital heists last year, after which there were arrests and website seizures.... [...]
The most recent update to the Google Android app has startled users as they notice the mysterious "search.app" links being generated when sharing content and links from the Google app externally. [...]
The Open Source Initiative has published (news article here ) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms. It allows for development to be done in secret. Since for a neural network, the training data is the source code—it …
'Multiple' malware samples likely targeting education orgs Criminals are using game-related applications to infect Windows systems with a malicious software framework called Winos4.0 that gives the attackers full control over compromised machines.... [...]
An international coalition of police agencies has taken a major whack at criminals accused of running a host of online scams, including phishing, the stealing of account credentials and other sensitive data, and the spreading of ransomware, Interpol said recently. The operation, which ran from the beginning of April …
Curiosity gives crims access to wallets and passwords Organizations should be on the lookout for bogus copyright infringement emails as they might be the latest ploy by cybercriminals to steal their data.... [...]
North Korean threat actor BlueNoroff has been targeting crypto-related businesses with a new multi-stage malware for macOS systems. [...]
Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS. [...]
Nokia's investigation of recent claims of a data breach found that the source code leaked on a hacker forum belongs to a third party and company and customer data has not been impacted. [...]
The Canadian government has ordered the dissolution of TikTok Technology Canada following a multi-step review that provided information and evidence of the social media company posing a national risk. [...]
Interesting research: “ Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks “: Large language models (LLMs) are increasingly being harnessed to automate cyberattacks, making sophisticated exploits more accessible and scalable. In response, we propose a new defense strategy tailored to counter LLM-driven cyberattacks. We introduce Mantis, a …
Hewlett Packard Enterprise (HPE) released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities in Aruba Networking Access Points. [...]
Really interesting research: “ An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection “: Abstract : Large Language Models (LLMs) have transformed code com- pletion tasks, providing context-based suggestions to boost developer productivity in software engineering. As users often fine-tune these models for specific applications, poisoning …
Ultra-Reliable Wireless Backhaul doesn't live up to its name Cisco is issuing a critical alert notice about a flaw that makes its so-called Ultra-Reliable Wireless Backhaul systems easy to subvert.... [...]
10,000 of Kim Jong Un's soldiers believed to be headed for front line The EU has joined US and South Korean officials in expressing concern over a Russian transfer of technology to North Korea in return for military assistance against Ukraine.... [...]
In case today’s news cycle wasn’t shocking enough, here’s a gem from Sophos Fresh from a series of serious reports detailing its five-year battle with Chinese cyberattackers, Sophos has dropped a curious story about users of a popular infostealer-cum-RAT targeting a niche group of victims.... [...]
Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps. [...]
Cisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivity for industrial wireless automation. [...]
A new malicious package called 'SteelFox' mines for cryptocurrency and steals credit card data by using the "bring your own vulnerable driver" technique to get SYSTEM privileges on Windows machines. [...]
Court systems across Washington state have been down since Sunday when officials said "unauthorized activity" was detected on their networks. [...]
22,000 IP addresses taken down, 59 servers seized, 41 arrests in 95 countries Interpol is reporting a big win after a massive combined operation against online criminals made 41 arrests and seized hardware thought to be used for nefarious purposes.... [...]
The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. [...]
Experts say incident has 'all the hallmarks of ransomware' Telematics tech biz Microlise says an attack that hit its network likely did not expose customer data, although staff aren't so lucky.... [...]
Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns …
Alleged intrusion spotted in June updated Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators.... [...]
Data pinched from pwned outside supplier, thief claims IntelBroker, a notorious peddler of stolen data, claims to have pilfered source code, private keys, and other sensitive materials belonging to Nokia.... [...]
Canadian authorities have arrested a man on suspicion he breached hundreds of accounts belonging to users of cloud storage provider Snowflake and used that access to steal personal data belonging to millions of people, authorities said Tuesday. “Following a request by the United States, Alexander Moucka (aka Connor Moucka …
Hellcat crew claimed to have gained access via the company's Atlassian Jira system Schneider Electric confirmed that it is investigating a breach as a ransomware group Hellcat claims to have stolen more than 40 GB of compressed data — and demanded the French multinational energy management company pay $125,000 …
FBI recovers just $8M after scam crashes Heartland Tri-State Bank The FBI has recovered $8 million in funds from a cryptocurrency scam that netted $47 million and devastated the Kansas city of Elkhart.... [...]
Google has announced that multi-factor authentication (MFA) will be mandatory on all Cloud accounts by the end of 2025 to enhance security. [...]
Vulnerability management is a vital part of network, application, and infrastructure security, and its goal is to protect an organization from inadvertent access and exposure of sensitive data and infrastructure. As part of vulnerability management, organizations typically perform a risk assessment to determine which vulnerabilities pose the greatest risk …
Interpol announced it arrested 41 individuals and taken down 1,037 servers and infrastructure running on 22,000 IP addresses facilitating cybercrime in an international law enforcement action titled Operation Synergia II. [...]
Why? Because that's where the money is Business email compromise scammers are trying to up their success rate by using a DocuSign API.... [...]
A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. Image: https://www.pomerium.com/blog/the-real-lessons-from-the-snowflake-breach On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of …
Puppeteer or Pupeter? One of them will snoop around on your machine and steal your credentials An ongoing typosquatting campaign is targeting developers via hundreds of popular JavaScript libraries, whose weekly downloads number in the tens of millions, to infect systems with info-stealing and snooping malware.... [...]
Data security and data authorization, as distinct from user authorization, is a critical component of business workload architectures. Its importance has grown with the evolution of artificial intelligence (AI) technology, with generative AI introducing new opportunities to use internal data sources with large language models (LLMs) and multimodal foundation …
The U.S. Cybersecurity & Infrastructure Security Agency is warning about last-minute influence operations conducted by Iranian and Russian actors to undermine the public trust in the integrity and fairness of the upcoming presidential election. [...]
Canadian authorities have arrested a man suspected of having stolen the data of hundreds of millions after targeting over 165 organizations, all of them customers of cloud storage company Snowflake. [...]