Google fixes two Android zero-days used in targeted attacks
Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. [...]
Justice still being served, but many systems are down A statewide IT outage attributed to "unauthorized activity" is affecting the availability of services provided by all courts in Washington.... [...]
I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but …
You snooze, you lose, er, win Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild – specifically an exploitable stack buffer underflow in SQLite – which was then fixed before the buggy code's official release.... [...]
UK consumer group Which? finds some everyday items including watches and speakers are ‘stuffed with trackers’ Air fryers that gather your personal data and audio speakers “stuffed with trackers” are among examples of smart devices engaged in “excessive” surveillance, according to the consumer group Which? The organisation tested three …
Nokia is investigating whether a third-party vendor was breached after a hacker claimed to be selling the company's stolen source code. [...]
Threat actors are abusing DocuSign's Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. [...]
Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from the company's JIRA server. [...]
UK's National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named "Pigmy Goat" created to backdoor Sophos XG firewall devices as part of recently disclosed attacks by Chinese threat actors. [...]
Victims were placed in serious danger following highly sensitive data dump The City of Columbus, Ohio, has confirmed half a million people's data was accessed and potentially stolen when Rhysida's ransomware raided its systems over the summer.... [...]
At Google Cloud, we’re committed to providing the strongest security for our customers. As pioneers in bringing multi-factor authentication (MFA) to millions of Google users worldwide, we've seen firsthand how it strengthens security without sacrificing a smooth and convenient online experience. That’s why we will soon require …
A new phishing campaign dubbed 'CRON#TRAP' infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks. [...]
Weak and reused credentials continue to plague users and organizations. Learn from Specops software about why passwords are so easy to hack and how organizations can fortify their security efforts. [...]
The City of Columbus, Ohio, notified 500,000 individuals that a ransomware gang stole their personal and financial information in a July 2024 cyberattack. [...]
Security is a shared responsibility between Amazon Web Services (AWS) and you, the customer. As a customer, the services you choose, how you connect them, and how you run your solutions can impact your security posture. To help customers fulfill their responsibilities and find the right balance for their …
Really interesting story of Sophos’s five-year war against Chinese hackers. [...]
Mondays are for checking months of logs, apparently, if MFA's not enabled In potentially bad news for those with long names and/or employers with verbose domain names, Okta spotted a security hole that could have allowed crims to pass Okta AD/LDAP Delegated Authentication (DelAuth) using only a …
Is that a walrus in your server logs, or aren't you pleased to see me? Opinion At the start of September, Transport for London was hit by a major cyber attack. TfL is the public body that moves many of London's human bodies to and from work and play …
Cisco says that non-public files recently downloaded by a threat actor from a misconfigured public-facing DevHub portal don't contain information that could be exploited in future breaches of the company's systems. [...]
A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers. [...]
Also, ecommerce fraud ring disrupted, another Operation Power Off victory, Sino SOHO botnet spotted, and more in brief The US Department of Justice has charged six people with two separate schemes to defraud Uncle Sam out of millions of dollars connected to IT product and services contracts.... [...]
Also, ecommerce fraud ring disrupted, another Operation Power Off victory, Sino SOHO botnet spotted, and more Security in brief The US Department of Justice has charged six people with two separate schemes to defraud Uncle Sam out of millions of dollars connected to IT product and services contracts.... [...]
Researchers have shown that it's possible to abuse OpenAI's real-time voice API for ChatGPT-4o, an advanced LLM chatbot, to conduct financial scams with low to moderate success rates. [...]
A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. [...]
Calls for improvements will soon turn into demands when new rules come into force The UK's finance regulator is urging all institutions under its remit to better prepare for IT meltdowns like that of CrowdStrike in July.... [...]
Hackers working on behalf of the Chinese government are using a botnet of thousands of routers, cameras, and other Internet-connected devices to perform highly evasive password spray attacks against users of Microsoft’s Azure cloud service, the company warned Thursday. The malicious network, made up almost entirely of TP-Link …
A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. We’ll also explore an array of cybercrime services aimed at …
Great blow-up sculpture. Blog moderation policy. [...]
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang. [...]
OpenAI's new "ChatGPT search" Chrome extension feels like nothing more than a typical search hijacker, changing Chrome's settings so your address bar searches go through ChatGPT Search instead. [...]
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by …
Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week's Pwn2Own hacking competition within days. [...]
Posted by the Big Sleep team Introduction In our previous post, Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models, we introduced our framework for large-language-model-assisted vulnerability research and demonstrated its potential by improving the state-of-the-art performance on Meta's CyberSecEval2 benchmarks. Since then, Naptime has evolved into Big …
The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years. [...]
Local authority websites downed in response to renewed support for Ukraine Multiple UK councils had their websites either knocked offline or were inaccessible to residents this week after pro-Russia cyber nuisances added them to a daily target list.... [...]
How 'Gary' defeated Bowser broke into the interactive alarm clock A hacker who uses the handle GaryOderNichts has found a way to break into Nintendo's recently launched Alarmo clock, and run code on the device.... [...]
Emeraldwhale gang looked sharp – until it made a common S3 bucket mistake A criminal operation dubbed Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to cloud service and email providers in an open AWS S3 bucket, according to security researchers.... [...]
Education is critical to effective security. As organizations migrate, modernize, and build with Amazon Web Services (AWS), engineering and development teams need specific skills and knowledge to embed security into workloads. Lack of support for these skills can increase the likelihood of security incidents. AWS has partnered with SANS …
Sophos disclosed today a series of reports dubbed "Pacific Rim" that detail how the cybersecurity company has been sparring with Chinese threat actors for over 5 years as they increasingly targeted networking devices worldwide, including those from Sophos. [...]
Microsoft warns that Chinese threat actors use the Quad7 botnet, comprised of hacked SOHO routers, to steal credentials in password-spray attacks. [...]
Hackers are attempting to exploit two zero-day vulnerabilities in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras used in industrial, healthcare, business conferences, government, and courtroom settings. [...]
Microsoft announced today that Windows 10 home users can delay the switch to Windows 11 for one more year if they're willing to pay $30 for Extended Security Updates (ESU). [...]
The free version of the popular WordPress plugin LiteSpeed Cache has fixed a dangerous privilege elevation flaw on its latest release that could allow unauthenticated site visitors to gain admin rights. [...]
This is a good point: Part of the problem is that we are constantly handed lists...list of required controls...list of things we are being asked to fix or improve...lists of new projects...lists of threats, and so on, that are not ranked for risks. For example …
Way back in 2018, people noticed that you could find secret military bases using data published by the Strava fitness app. Soldiers and other military personnel were using them to track their runs, and you could look at the public data and find places where there should be no …
qBittorrent has addressed a remote code execution flaw caused by the failure to validate SSL/TLS certificates in the application's DownloadManager, a component that manages downloads throughout the app. [...]
A phishing campaign dubbed 'Phish n' Ships' has been underway since at least 2019, infecting over a thousand legitimate online stores to promote fake product listings for hard-to-find items. [...]
A scary few Halloween hours for team behind hugely popular web plugin LottieFiles is overcoming something of a Halloween fright after battling to regain control of a compromised developer account that was used to exploit users' crypto wallets.... [...]
A commissioned study conducted by Forrester Consulting on behalf of Cynet in October 2024 found that Cynet's All-in-One Cybersecurity Platform generated $2.73 million in savings, paying for itself in under six months, for a return on investment of 426%. [...]