FreshRSS

🔒
❌ About FreshRSS
☷
△ 🔃
There are new available articles, click to refresh the page.
Before yesterdaySecurity

Maine Mass Shooting Disinformation Floods Social Media as Suspect Remains at Large

By David Gilbert
In the hours following the worst mass shooting in Maine’s history, disinformation about the suspected gunman flooded social media with false claims that he had been arrested.

Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware

By Newsroom
The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities of the financially motivated hacking crew, described the adversary as "one of the most dangerous financial criminal

Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw

By Newsroom
Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). "The campaign contributed to an overall increase of 65% in HTTP DDoS attack traffic in Q3 compared to the previous quarter," the web infrastructure

The Danger of Forgotten Pixels on Websites: A New Case Study

By The Hacker News
While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and privacy violations even in the absence of hacking incidents. A new case study highlights one of these more common cases.  Download the full case study here. It's a scenario that could have affected any type of company, from healthcare to finance, e-commerce to

ServiceNow quietly addresses unauthenticated data exposure flaw from 2015

Researcher who publicized issue brands company’s communication 'appalling'

ServiceNow is issuing a fix for a flaw that exposes data after a researcher published a method for unauthenticated attackers to steal an organization's sensitive files.…

  • October 26th 2023 at 08:30
  • ↗

Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks

By Newsroom
The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader. "IMAPLoader is a .NET malware that has the ability to fingerprint victim systems using native Windows utilities and acts as a downloader for further payloads," the PwC Threat Intelligence team said in a Wednesday analysis. "It uses

Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data

By Newsroom
Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on October 6, 2023. "This is an easily exploitable, unauthenticated remote code

YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group

By Newsroom
A relatively new threat actor known as YoroTrooper is likely made up of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting of Kazakhstani entities, barring the government's Anti-Corruption Agency. "YoroTrooper attempts to obfuscate the

Canada goosed as attackers shutter hospitals and China deepfakes its politicians

Eh? Canucks cracked by cyber crims

Cybercriminals have Canada in the crosshairs, with five Ontario hospitals and a fresh Spamoflague disinformation campaign targeting "dozens" of Canadian government officials, including the PM.…

  • October 25th 2023 at 19:45
  • ↗

Okta's Latest Security Breach Is Haunted by the Ghost of Incidents Past

By Lily Hay Newman
A recent breach of authentication giant Okta has impacted nearly 200 of its clients. But repeated incidents and the company’s delayed disclosure have security experts calling foul.

Pro-Russia group exploits Roundcube zero-day in attacks on European government emails

With this zero-day, researchers say the 'scrappy' group is stepping up its operations

The Winter Vivern cyber spy group is exploiting an XSS zero-day vulnerability in attacks on European governments.…

  • October 25th 2023 at 16:45
  • ↗

Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software

By Newsroom
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security researcher Matthieu Faou said in a new report published today. Previously, it was using known

Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms

By Newsroom
Critical security flaws have been disclosed in the Open Authorization (OAuth) implementation of popular online services such as Grammarly, Vidio, and Bukalapak, building upon previous shortcomings uncovered in Booking[.]com and Expo. The weaknesses, now addressed by the respective companies following responsible disclosure between February and April 2023, could have allowed malicious actors to

A fortified data vault to give you peace of mind

Watch our webinar to hear more about comprehensive data protection from Zerto and HPE

Webinar It's a challenge to maintain the availability and security of mission critical data in today's environment. As IT teams know only too well, there's no quiet season for enterprise IT operations or cyber threats.…

  • October 25th 2023 at 12:53
  • ↗

The Rise of S3 Ransomware: How to Identify and Combat It

By The Hacker News
In today's digital landscape, around 60% of corporate data now resides in the cloud, with Amazon S3 standing as the backbone of data storage for many major corporations.  Despite S3 being a secure service from a reputable provider, its pivotal role in handling vast amounts of sensitive data (customer personal information, financial data, intellectual property, etc.), provides a juicy target for

Elon Musk Mocked Ukraine, and Russian Trolls Went Wild

By Matt Burgess
Inauthentic accounts on X flocked to its owner’s post about Ukrainian president Vlodymr Zelensky, hailing “Comrade Musk” and boosting pro-Russia propaganda.

Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability

By Newsroom
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described as an out-of-bounds write vulnerability in the implementation of the DCE/RPC protocol. "A malicious actor with network access to vCenter Server may trigger an out-of-bounds

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET Research recommends updating Roundcube Webmail to the latest available version as soon as possible
  • October 25th 2023 at 09:30
  • ↗

Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware

By Newsroom
The popularity of Brazil's PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX. Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off using malicious ads that are served when potential victims search for "WhatsApp web" on search engines. "The

Hunters International leaks pre-op plastic surgery pics in negotiation no-no

No honor among thieves as group denies Hive ransomware links

A newly emerged ransomware gang claims to have successfully gained access to the systems of a US plastic surgeon's clinic, leaking patients' pre-operation pictures in an attempt to hurry a ransom payment.…

  • October 25th 2023 at 08:30
  • ↗

Tenable + Ermetic

By /u/JustifiedSimplicity

With the recent close of Tenable’s Ermetic acquisition, does anyone know their plans for rolling this into the current suite? We’re existing Tenable Cloud Security customers and I’m wondering if the Ermetic app will replace the existing CS app or if they plan to integrate the two?

The current CS feature set came from their Accurics’ acquisition in 2021, and we’ve been a bit underwhelmed with how they’ve integrated this into the overall platform. It always felt a bit bolted on, not to mention the slow pace of development post acquisition.

With companies like Wiz grabbing mindshare, we’re hoping this play catches Tenable up.

submitted by /u/JustifiedSimplicity
[link] [comments]

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities

By Newsroom
Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution. "An unauthenticated, malicious actor can inject files

VMware reveals critical vCenter vuln that you may have patched already without knowing it

Takes rare step of issuing patches for end-of-life versions, as some staff report end-of-career letters

VMware has disclosed a critical vulnerability in its vCenter Server – and that it issued an update to fix it weeks ago, along with patches for unsupported versions of the software.…

  • October 25th 2023 at 04:30
  • ↗

The AI-Generated Child Abuse Nightmare Is Here

By Matt Burgess
Thousands of child abuse images are being created with AI. New images of old victims are appearing, as criminals trade datasets.

Hot fuzz: Cascade finds dozens of RISC-V chip bugs using random data storm

ETH Zurich boffins say they've devised a better CPU fuzzer to find flaws

Video Boffins from ETH Zurich have devised a novel fuzzer for finding bugs in RISC-V chips and have used it to find more than three dozen.…

  • October 24th 2023 at 21:41
  • ↗

Citrix urges 'immediate; patch for critical NetScaler bug as exploit POC made public

At this point, just assume your kit is compromised

Citrix has urged admins to "immediately" apply a fix for CVE-2023-4966, a critical information disclosure bug that affects NetScaler ADC and NetScaler Gateway, admitting it has been exploited.…

  • October 24th 2023 at 21:00
  • ↗

Ex-NSA techie pleads guilty to selling state secrets to Russia

Wannabe spy undone by system logs, among other lapses in judgement

A former US National Security Agency techie has plead guilty to six counts of violating the Espionage Act after being caught handing classified information to FBI agents he thought were Russian spies. …

  • October 24th 2023 at 16:45
  • ↗

1Password confirms attacker tried to pull list of admin users after Okta intrusion

Says logins are safe, as high-profile customers complain they knew about the breach before Okta

1Password is confirming it was attacked by cyber criminals after Okta was breached for the second time in as many years, but says customers' login details are safe.…

  • October 24th 2023 at 15:15
  • ↗

Element users are asking for protection against government encryption busting

NATO, United Nations, US DoD, and French government among its customer base

Element, one of the companies behind decentralized comms platform Matrix, says customers are asking it to insert a protective clause from the encryption-busting element of UK government's Online Safety Bill (OSB).…

  • October 24th 2023 at 14:30
  • ↗

Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia

By Newsroom
A former employee of the U.S. National Security Agency (NSA) has pleaded guilty to charges accusing him of attempting to transmit classified defense information to Russia. Jareh Sebastian Dalke, 31, served as an Information Systems Security Designer for the NSA from June 6, 2022, to July 1, 2022, where he had Top Secret clearance to access sensitive documents. The latest development comes more

One login to rule them all: Should you sign in with Google or Facebook on other websites?

Why use and keep track of a zillion discrete accounts when you can log into so many apps and websites using your Facebook or Google credentials, right? Not so fast. What’s the trade-off?
  • October 23rd 2023 at 09:30
  • ↗

A Controversial Plan to Scan Private Messages for Child Abuse Meets Fresh Scandal

By Vas Panagiotopoulos
An EU government body is pushing a proposal to combat child sexual abuse material that has significant privacy implications. Its lead advocate is making things even messier.

A Powerful Tool US Spies Misused to Stalk Women Faces Its Potential Demise

By Dell Cameron
Though often viewed as the “crown jewel” of the US intelligence community, fresh reports of abuse by NSA employees and chaos in the US Congress put the tool's future in jeopardy.

34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams

By Newsroom
Spanish law enforcement officials have announced the arrest of 34 members of a criminal group that carried out various online scams, netting the gang about €3 million ($3.2 million) in illegal profits. Authorities conducted searches across 16 locations Madrid, Malaga, Huelva, Alicante, and Murcia, seizing two simulated firearms, a katana sword, a baseball bat, €80,000 in cash, four high-end

Make API Management Less Scary for Your Organization

By The Hacker News
While application development has evolved rapidly, the API management suites used to access these services remain a spooky reminder of a different era. Introducing new API management infrastructure with these legacy models still poses challenges for organizations as they modernize. Transitioning from monolithic architectures to agile microservices empowers developers to make quick changes. Using
❌