PoC exploit code shows why this is a patch priority Security engineers have released a proof-of-concept exploit for four critical Ivanti Endpoint Manager bugs, giving those who haven't already installed patches released in January extra incentive to revisit their to-do lists.... [...]
Said bugs 'can have significant implications' – glad to hear that from Redmond Microsoft is so concerned about security in its Copilot products for folks that it’s lifted bug bounty payments for moderate-severity vulnerabilities from nothing to a maximum of $5,000, and expanded the range of vulnerabilities it …
FBI and CISA issue reminder - deep sigh - about the importance of patching and backups The operators of Ghost ransomware continue to claim victims and score payments, but keeping the crooks at bay is possible by patching known vulnerabilities and some basic infosec actions, according to a joint advisory issued …
You can find out if your GitHub codebase is leaking keys... but so can miscreants A free automated tool that lets anyone scan public GitHub repositories for exposed AWS credentials has been released.... [...]
If this makes you feel sick, knowing this happened before ransomware actors started targeting medical info may help An alleged security SNAFU that occurred during the Obama administration has finally been settled under the second Trump administration.... [...]
Because stealing your credentials, banking info, and IP just wasn’t enough A new variant of Snake Keylogger is making the rounds, primarily hitting Windows users across Asia and Europe. This strain also uses the BASIC-like scripting language AutoIt to deploy itself, adding an extra layer of obfuscation to …
Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their authentication tokens, granting access to emails …
Roses are red, violets are blue, CVE-2024-53704 is sweet for a ransomware crew Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.... [...]
Some employees steal sticky notes, others 'borrow' malicious code A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals.... [...]
Networks in US and beyond compromised by Beijing's super-snoops pulling off priv-esc attacks China's Salt Typhoon spy crew exploited vulnerabilities in Cisco devices to compromise at least seven devices linked to global telecom providers and other orgs, in addition to its previous victim count.... [...]
FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff US authorities have labelled buffer overflow vulnerabilities "unforgivable defects”, pointed to the presence of the holes in products from the likes of Microsoft and VMware, and urged all software developers to …
300+ US companies, 70+ individuals hit by the fraudsters An Arizona woman who created a "laptop farm" in her home to help fake IT workers pose as US-based employees has pleaded guilty in a scheme that generated over $17 million for herself... and North Korea.... [...]
Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data Feature Ransomware gangsters and state-sponsored online spies fall on opposite ends of the cyber-crime spectrum.... [...]
'Near-global' initial access campaign active since 2021 An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.... [...]
Numerous systemic vulnerabilities could scuttle $5.4T industry Despite the escalating cyber threats targeting America's maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure - nor does it have reliable access to data on cybersecurity vulnerabilities and past attacks, the Government Accountability …
These crooks have no chill A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims' computers with ransomware, then hijacks their cloud accounts to illegally mine for cryptocurrency.... [...]
Remote position, webcam not working, then glitchy AI face... Red alert! Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security company also using artificial intelligence, and …
OCR plugin great for extracting crypto-wallet secrets from galleries Kaspersky eggheads say they’ve spotted the first app containing hidden optical character recognition spyware in Apple’s App Store. Cunningly, the software nasty is designed to steal cryptocurrency.... [...]
CEO of Cloud Software a 'special government employee' probing for Team Elon The US Treasury has revealed Tom Krause – the chief exec of Citrix and Netscaler owner Cloud Software Group – has "read-only" access to a vital federal government payment system that disburses trillions of dollars annually.... [...]
When cloud customers don't clean up after themselves, part 97 Abandoned AWS S3 buckets could be reused to hijack the global software supply chain in an attack that would make Russia's "SolarWinds adventures look amateurish and insignificant," watchTowr Labs security researchers have claimed.... [...]
And it doesn't take a crystal ball to predict the future If the nonstop flood of ransomware attacks doesn't already make every day feel like Groundhog Day, then a look back at 2024 – and predictions for 2025 – definitely will.... [...]
Consider patching soon because cybercrooks love to hit vulnerable tools from Broadcom's virtualization giant Broadcom has fixed five flaws, collectively deemed "high severity," in VMware's IT operations and log management tools within Cloud Foundation, including two information disclosure bugs that could lead to credential leakage under certain conditions.... [...]
‘No one was kicked off the NTSB in the middle of investigating a crash’ interview Gutting the Cyber Safety Review Board as it was investigating how China's Salt Typhoon breached American government and telecommunications networks was "foolish" and "bad for national security," according to retired US Navy Rear Admiral …
Stealing crypto is so 2024. Supply-chain attacks leading to data exfil pays off better? North Korea's Lazarus Group compromised hundreds of victims across the globe in a massive secret-stealing supply chain attack that was ongoing as of earlier this month, according to security researchers.... [...]
And now you won't stop calling me, I'm kinda busy A new variant of the Mirai-based malware Aquabot is actively exploiting a vulnerability in Mitel phones to build a remote-controlled botnet, according to Akamai's Security Intelligence and Response Team.... [...]