FreshRSS


Hacktivist attacks erupt in Middle East following Hamas assault on Israel

Groups range from known collectives to new outfits eager to raise their profile

Hacktivism efforts have proliferated rapidly in the Middle East following the official announcement of a war between Palestine and Israel.…

  • October 9th 2023 at 13:00

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms

By Newsroom
Senior executives working in U.S.-based organizations are being targeted by a new phishing campaign that leverages a popular adversary-in-the-middle (AiTM) phishing toolkit named EvilProxy to conduct credential harvesting and account takeover attacks. Menlo Security said the activity started in July 2023, primarily singling out banking and financial services, insurance, property management and

Webinar: How vCISOs Can Navigate the Complex World of AI and LLM Security

By The Hacker News
In today's rapidly evolving technological landscape, the integration of Artificial Intelligence (AI) and Large Language Models (LLMs) has become ubiquitous across various industries. This wave of innovation promises improved efficiency and performance, but lurking beneath the surface are complex vulnerabilities and unforeseen risks that demand immediate attention from cybersecurity professionals

Datacenter cabling biz Volex confirms digital break-in

All sites operational, no 'material' financial impact expected but stock markets still worried

Volex, the British integrated maker of critical power and data transmission cables, confirmed this morning that intruders accessed data after breaking into its tech infrastructure.…

  • October 9th 2023 at 11:30

"I Had a Dream" and Generative AI Jailbreaks

By The Hacker News
"Of course, here's an example of simple code in the Python programming language that can be associated with the keywords "MyHotKeyHandler," "Keylogger," and "macOS," this is a message from ChatGPT followed by a piece of malicious code and a brief remark not to use it for illegal purposes. Initially published by Moonlock Lab, the screenshots of ChatGPT writing code for a keylogger malware is yet

High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security

By Newsroom
Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO's ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. "An attacker could have leveraged these flaws to fully compromise the cloud infrastructure, remotely execute code, and leak all customer and device

Security Patch for Two New Flaws in Curl Library Arriving on October 11

By Newsroom
The maintainers of the Curl library have released an advisory warning of two security vulnerabilities that are expected to be addressed as part of a forthcoming update set for release on October 11, 2023. This includes a high-severity and a low-severity flaw tracked under the identifiers CVE-2023-38545 and CVE-2023-38546, respectively. Additional details about the issues and the exact version

Inside FTX’s All-Night Race to Stop a $1 Billion Crypto Heist

By Andy Greenberg
The same chaotic day FTX declared bankruptcy, someone began stealing hundreds of millions of dollars from its coffers. A WIRED investigation reveals the company’s “very crazy night” trying to stop them.

Gaza-Linked Cyber Threat Actor Targets Israeli Energy and Defense Sectors

By Newsroom
A Gaza-based threat actor has been linked to a series of cyber attacks aimed at Israeli private-sector energy, defense, and telecommunications organizations. Microsoft, which revealed details of the activity in its fourth annual Digital Defense Report, is tracking the campaign under the name Storm-1133. "We assess this group works to further the interests of Hamas, a Sunni militant group that is

Chinese smart TV boxes infected with malware in PEACHPIT ad fraud campaign

PLUS: Sony admits to MoveIT breach; Blackbaud fined again, Qakbot's sorta back from the dead; and more

Infosec in brief Bot defense software vendor Human Security last week detailed an attack that "sold off-brand mobile and Connected TV (CTV) devices on popular online retailers and resale sites … preloaded with a known malware called Triada."…

  • October 9th 2023 at 01:27

Israel's Failure to Stop the Hamas Attack Shows the Danger of Too Much Surveillance

By Matt Burgess, Lily Hay Newman
Hundreds dead, thousands wounded—Hamas’ surprise attack on Israel shows the limits of even the most advanced and invasive surveillance dragnets as full-scale war erupts.

Apple's Encryption Is Under Attack by a Mysterious Group

By Andrew Couts
Plus: Sony confirms a breach of its networks, US federal agents get caught illegally using phone location data, and more.

White Supremacist Active Clubs Are Breeding on Telegram

By David Gilbert
A “friendlier” front for racist extremism has spread rapidly across the US in recent months, as active club channels network on Telegram's encrypted messaging app.

AI based ethical hacking tool

By /u/Civil_Alternative410

Check out this new Ethical Hacking AI tool, it’s still in beta phase but here are the main interesting features

  1. Write commands for various tools in natural language and it translates it to the actual command. Currently supports nmap, crackmapexec, zap and nuclei. Also lets you edit and run the command right there in its interface.
  2. Process nmap results in plain text format and provides suggestions on commands to run to detect vulnerabilities. It also suggests metasploit modules based on CVEs
  3. Totally offline so it can be used in envs that don’t have internet access

I think the natural language needs improvement but it’s still in beta so should get better over time.

It’s one to keep an eye on for sure


23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews

By Lily Hay Newman
At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.

CISA reveals 'Admin123' as top security threat in cyber sloppiness chart

Calls for wider adoption of security-by-design principles continue to ring loudly from Uncle Sam

The US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) are blaming unchanged default credentials as the prime security misconfiguration that leads to cyberattacks.…

  • October 6th 2023 at 18:42

DinodasRAT used against governmental entity in Guyana – Week in security with Tony Anscombe

The backdoor can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine
  • October 6th 2023 at 12:15

Fake friends and followers on social media – and how to spot them

One of the biggest threats to watch out for on social media is fraud perpetrated by people who aren’t who they claim to be. Here’s how to recognize them.
  • October 6th 2023 at 09:30

Weekly Update 368

By Troy Hunt
This must be my first "business as usual" weekly update since August and damn it's nice to be back to normal! New sponsor, new breaches, new blog post and if you're in this part of the world, a brand new summer creeping over the horizon. I've now got a couple of months with very little in the way of travel plans and a goal to really knock a bunch of new HIBP features out of the park, some of which I talk about in this week's video. Enjoy! 🍻

References

  1. Sponsored by: NTT’s Samurai XDR offers affordable enterprise-grade security for businesses of any size. $40 /endpoint/year. Try it free for 30 days!
  2. The Horse Isle breach went into HIBP (if you're a big fan of fantasy horse games, this one is for you!)
  3. The Activision breach also went into HIBP (only employees and what looks like contractors in this one, probably more embarrassing for the organisation than actually impactful)
  4. And the Hjedd breach went into HIBP too (if you're a big fan of Chinese porn, well, uh, yeah...)
  5. You never actually believed the claims of "safe, secure, anonymous", did you? (turns out that's literally horseshit 🐎)

Operation Jacana: Foundling hobbits in Guyana

ESET researchers discovered a cyberespionage campaign against a governmental entity in Guyana
  • October 5th 2023 at 09:30

MGM Resorts attackers hit personal data jackpot, but house lost $100M

Racecars and cyber insurance will balance its books in no time, though

MGM Resorts has admitted that the cyberattack it suffered in September will likely cost the company at least $100 million.…

  • October 6th 2023 at 15:30

North Korea's Lazarus Group Launders $900 Million in Cryptocurrency

By Newsroom
As much as $7 billion in cryptocurrency has been illicitly laundered through cross-chain crime, with the North Korea-linked Lazarus Group linked to the theft of roughly $900 million of those proceeds between July 2022 and July of this year. "As traditional entities such as mixers continue to be subject to seizures and sanctions scrutiny, the crypto crime displacement to chain- or asset-hopping

CDW data to be leaked next week after negotiations with LockBit break down

Ransomware spokesperson scoffs at IT reseller's offer of payment

CDW, one of the largest resellers on the planet, will have its data leaked by LockBit after negotiations over the ransom fee broke down, a spokesperson for the cybercrime gang says.…

  • October 6th 2023 at 13:21

How to stop ransomware thieves WORMing their way into your data

Stay immutable in the face of cyber crime adversity, says Object First

Sponsored Feature Most of us dislike cyber criminals, but not many of us dislike them quite as much as Anthony Cusimano.…

  • October 6th 2023 at 12:41

Google promises Germany to creep on users less after market power probe

Regulation complements EU's Digital Markets Act to cover more services

Google has committed to being a little less creepy with user data in response to proceedings from the German Federal Cartel Office (Bundeskartellamt).…

  • October 6th 2023 at 11:56

Chinese Hackers Target Semiconductor Firms in East Asia with Cobalt Strike

By Newsroom
Threat actors have been observed targeting semiconductor companies in East Asia with lures masquerading as Taiwan Semiconductor Manufacturing Company (TSMC) that are designed to deliver Cobalt Strike beacons. The intrusion set, per EclecticIQ, leverages a backdoor called HyperBro, which is then used as a conduit to deploy the commercial attack simulation software and post-exploitation toolkit.

New OS Tool Tells You Who Has Access to What Data

By The Hacker News
Ensuring sensitive data remains confidential, protected from unauthorized access, and compliant with data privacy regulations is paramount. Data breaches result in financial and reputational damage but also lead to legal consequences. Therefore, robust data access security measures are essential to safeguard an organization’s assets, maintain customer trust, and meet regulatory requirements. A

GitHub's Secret Scanning Feature Now Covers AWS, Microsoft, Google, and Slack

By Newsroom
GitHub has announced an improvement to its secret scanning feature that extends validity checks to popular services such as Amazon Web Services (AWS), Microsoft, Google, and Slack. Validity checks, introduced by the Microsoft subsidiary earlier this year, alert users whether exposed tokens found by secret scanning are active, thereby allowing for effective remediation measures. It was first

Supermicro's BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities

By Newsroom
Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs) that could result in privilege escalation and execution of malicious code on affected systems. The seven flaws, tracked from CVE-2023-40284 through CVE-2023-40290, vary in severity from High to Critical, according to Binarly

GoldDigger Android trojan targets Vietnamese banking apps, code contains hints of wider targets

More malware scum using accessibility features to steal personal info

Singapore-based infosec outfit Group-IB on Thursday released details of a new Android trojan that exploits the operating system's accessibility features to steal info that enables theft of personal information.…

  • October 6th 2023 at 01:06

Cisco warns of critical flaw in Emergency Responder code

Hard-coded credentials strike again

Cisco has issued a security advisory about a vulnerability in its Emergency Responder software that would allow an unauthenticated remote attacker to log in to an affected device using the root account.…

  • October 5th 2023 at 19:45

Another security update, Apple? You're really keeping up with your tech rivals

Zero day? More like every day, amirite?

Apple has demonstrated that it can more than hold its own among the tech giants, at least in terms of finding itself on the wrong end of zero-day vulnerabilities.…

  • October 5th 2023 at 18:16

QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks

By Newsroom
Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted Qakbot operators’ spam delivery infrastructure but rather only their

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems

By Newsroom
Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the presence of static user credentials for the root account that the company said is usually reserved for use during

Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities

By The Hacker News
Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer obfuscation, Lu0Bot is a serious threat to organizations and individuals. Although currently, the malware has low