TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated The US Cybersecurity and Infrastructure Agency often breaks into critical organizations' networks – with their permission, of course – to simulate real-world cyber attacks and thereby help improve their security. In one of those recent …
Meet Liminal Panda, which prowls telecom networks in South Asia and Africa A senior US senator has warned that American tech companies’ activities in China represent a national security risk, in a hearing that saw infosec biz CrowdStrike testify it has identified another cyber-espionage crew it believes is backed …
Ransomware scum LockBit claims it did the dirty deed Equinox, a New York State health and human services organization, has begun notifying over 21 thousand clients and staff that cyber criminals stole their health, financial, and personal information in a "data security incident" nearly seven months ago.... [...]
No word on when or if the issue will be fixed Chinese government-linked snoops are exploiting a zero-day bug in Fortinet's Windows VPN client to steal credentials and other information, according to memory forensics outfit Volexity.... [...]
Plus: Maxar Space Systems confirms employee info stolen in digital intrusion Ford Motor Company says it is looking into allegations of a data breach after attackers claimed to have stolen an internal database containing 44,000 customer records and dumped the info on a cyber crime souk for anyone …
If you didn't fix this a month ago, your to-do list probably needs a reshuffle Two VMware vCenter server bugs, including a critical heap-overflow vulnerability that leads to remote code execution (RCE), have been exploited in attacks after Broadcom’s first attempt to fix the flaws fell short.... [...]
Un-carrier said to be among those hit by Salt Typhoon, including AT&T, Verizon T-Mobile US said it is "monitoring" an "industry-wide" cyber-espionage campaign against American networks – amid fears Chinese government-backed spies compromised the un-carrier among with various other telecommunications providers.... [...]
Yank access to management interface, stat A critical zero-day vulnerability in Palo Alto Networks' firewall management interface that can allow an unauthenticated attacker to remotely execute code is now officially under active exploitation.... [...]
NHS supplier that leaked employee info fell victim to fiddly access controls that can leave databases dangling online Private businesses and public-sector organizations are unwittingly exposing millions of people's sensitive information to the public internet because they misconfigure Microsoft’s Power Pages website creation program.... [...]
Plus a bonus hard-coded local API key A now-patched, high-severity bug in Fortinet's FortiClient VPN application potentially allows a low-privilege rogue user or malware on a vulnerable Windows system to gain higher privileges from another user, execute code and possibly take over the box, and delete log files.... [...]
Feds don't name Salt Typhoon, but describe Beijing band's alleged deeds The US government has confirmed there was "a broad and significant cyber espionage campaign" conducted by China-linked snoops against "multiple" American telecommunications providers' networks.... [...]
Plus: CISA's ScubaGear dives deep to fix M365 misconfigs Bitdefender has released a free decryption tool that can unlock data encrypted by the ShrinkLocker ransomware.... [...]
We call this lead degeneration What's claimed to be more than 183 million records of people's contact details and employment info has been stolen or otherwise obtained from a data broker and put up for sale by a miscreant.... [...]
Ohm, for flux sake China's Volt Typhoon crew and its botnet are back, compromising old Cisco routers once again to break into critical infrastructure networks and kick off cyberattacks, according to security researchers.... [...]
A Canadian and an American living in Turkey 'walk into' cloud storage environments... Two men allegedly compromised what's believed to be multiple organizations' Snowflake-hosted cloud environments, stole sensitive data within, and extorted at least $2.5 million from at least three victims.... [...]
We all know by now that monsters never die, right? Two high-profile criminal gangs, Scattered Spider and BlackCat/ALPHV, seemed to disappear into the darkness like their namesakes following a series of splashy digital heists last year, after which there were arrests and website seizures.... [...]
'Multiple' malware samples likely targeting education orgs Criminals are using game-related applications to infect Windows systems with a malicious software framework called Winos4.0 that gives the attackers full control over compromised machines.... [...]
Alleged intrusion spotted in June updated Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators.... [...]
Hellcat crew claimed to have gained access via the company's Atlassian Jira system Schneider Electric confirmed that it is investigating a breach as a ransomware group Hellcat claims to have stolen more than 40 GB of compressed data — and demanded the French multinational energy management company pay $125,000 …
Puppeteer or Pupeter? One of them will snoop around on your machine and steal your credentials An ongoing typosquatting campaign is targeting developers via hundreds of popular JavaScript libraries, whose weekly downloads number in the tens of millions, to infect systems with info-stealing and snooping malware.... [...]
You snooze, you lose, er, win Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild – specifically an exploitable stack buffer underflow in SQLite – which was then fixed before the buggy code's official release.... [...]
How 'Gary' defeated Bowser broke into the interactive alarm clock A hacker who uses the handle GaryOderNichts has found a way to break into Nintendo's recently launched Alarmo clock, and run code on the device.... [...]
Emeraldwhale gang looked sharp – until it made a common S3 bucket mistake A criminal operation dubbed Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to cloud service and email providers in an open AWS S3 bucket, according to security researchers.... [...]
Plus a free micropatch until Redmond fixes the flaw There's a Windows Themes spoofing zero-day bug on the loose that allows attackers to steal people's NTLM credentials.... [...]
Or: why using the same iCloud account for malware development and gaming is a bad idea The US government has named and charged a Russian national, Maxim Rudometov, with allegedly developing and administering the notorious Redline infostealer.... [...]