FreshRSS

The Hacker News

High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server

By THN — September 22nd 2023 at 08:00
Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code execution. The Australian software services provider said that the four high-severity flaws were fixed in new versions shipped last month. This includes - CVE-2022-25647 (CVSS score: 7.5) - A deserialization
The Register - Security

ESA gets the job of building Europe's secure satcomms network

September 22nd 2023 at 05:31

IRIS2 oversight deal signed as constellation’s schedule slips, and Ariane 6 hits another snag

The European Space Agency has signed up to build and launch the European Union's Infrastructure for Resilience, Interconnectivity and Security by Satellite constellation.…

The Hacker News

Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable

By THN — September 22nd 2023 at 02:11
Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari, taking the total tally of zero-day bugs discovered in its software this year to 16. The list of security vulnerabilities is as follows - CVE-2023-41991 - A certificate validation issue in the Security framework that could allow a
The Register - Security

US govt IT help desk techie 'leaked top secrets' to foreign nation

September 21st 2023 at 22:10

National defense files can earn you $55K … and espionage charges

A US government worker has been arrested and charged with spying for Ethiopia, according to court documents unsealed Thursday.…

The Hacker News

Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents

By THN — September 21st 2023 at 19:55
A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent. Notably, the intrusions leverage a just-in-time (JIT) compiler for the Lua programming language known as LuaJIT as a vehicle to deploy a novel implant called LuaDream. "The activities we
The Register - Security

TransUnion reckons big dump of stolen customer data came from someone else

September 21st 2023 at 18:58

Prolific info-thief strikes again

Updated Days after a miscreant boasted leaking a 3GB-plus database from TransUnion containing financial information on 58,505 people, the credit-checking agency has claimed the info was actually swiped from a third party.…

WeLiveSecurity

OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes

September 21st 2023 at 18:30
ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022
The Register - Security

Cisco spends $28B on data cruncher Splunk in cybersecurity push

September 21st 2023 at 14:55

$157/share cash deal is the largest acquisition in networking titan's history

Cisco is making its most expensive acquisition ever – by far - with an announcement it's buying data crunching software firm Splunk for $157 per share, or approximately $28 billion (£22.8b).…

The Hacker News

Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge

By THN — September 21st 2023 at 12:51
The peer-to-peer (P2P) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023. "This increase in P2PInfect traffic has coincided with a growing number of variants seen in the wild, suggesting that the malware's developers are operating at an extremely high development cadence," Cado Security researcher Matt Muir
The Hacker News

The Rise of the Malicious App

By The Hacker News — September 21st 2023 at 10:38
Security teams are familiar with threats emanating from third-party applications that employees add to improve their productivity. These apps are inherently designed to deliver functionality to users by connecting to a “hub” app, such as Salesforce, Google Workspace, or Microsoft 365. Security concerns center on the permission scopes that are granted to the third party apps, and the potential
The Register - Security

Menacing marketeers fined by ICO for 1.9M cold calls

September 21st 2023 at 10:17

Five businesses facing half a million in collective penalties for illegally phoning folk registered with TPS

The UK data watchdog has penalized five businesses it says collectively made 1.9 million cold calls to members of the public, illegally, as those people had opted out of being menaced at home by marketeers.…

The Hacker News

China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers

By THN — September 21st 2023 at 09:39
China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. In a message posted on WeChat, the government authority said U.S. intelligence agencies have "done everything possible" to conduct surveillance, secret theft, and intrusions on
The Hacker News

Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers

By THN — September 21st 2023 at 09:11
A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware. SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melody, which is also known by the names Prophet Spider (CrowdStrike) and UNC961 (Mandiant). "This financially motivated
The Hacker News

Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack

By THN — September 21st 2023 at 08:48
The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software," it said in an alert last week. "Only a small subset of users, specifically
The Register - Security

India's biggest tech centers named as cyber crime hotspots

September 21st 2023 at 06:57

Global tech companies' Bharat offices attract the wrong sort of interest

India is grappling with a three-and-a-half year surge in cyber crime, with analysis suggesting cities like Bengaluru and Gurugram – centers of India's tech development – are hubs of this activity.…

The Register - Security

Data breach reveals distressing info: People who order pineapple on pizza

September 21st 2023 at 06:27

Pizza Hut Australia says 190,000 customers' info – including order history – has been accessed

Pizza Hut's Australian outpost has suffered a data breach.…

The Hacker News

Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT

By THN — September 21st 2023 at 05:03
A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with Venom RAT malware. "The fake PoC meant to exploit this WinRAR vulnerability was based on a publicly available PoC script that exploited a SQL injection vulnerability in an application called GeoServer, which is tracked
The Register - Security

Feds raise alarm over Snatch ransomware as extortion crew brags of Veterans Affairs hit

September 20th 2023 at 22:32

Invasion of the data snatchers

The Snatch ransomware crew has listed on its dark-web site the Florida Department of Veterans Affairs as one of its latest victims – as the Feds warn organizations to be on the lookout for indicators of compromise linked to the extortionist gang.…

The Register - Security

Signal adopts new alphabet jumble to protect chats from quantum computers

September 20th 2023 at 20:28

X3DH readied for retirement as PQXDH is rolled out

Signal has adopted a new key agreement protocol in an effort to keep encrypted Signal chat messages protected from any future quantum computers.…

The Register - Security

International Criminal Court hit in cyber-attack amid Russia war crimes probe

September 20th 2023 at 19:46

Right as judges issued warrants against Putin

The International Criminal Court said crooks breached its IT systems last week, and that attack isn't over yet, with the ICC saying the "cybersecurity incident" is still ongoing.…

The Register - Security

Pot calls the kettle hack as China claims Uncle Sam did digital sneak peek first

September 20th 2023 at 17:06

Beijing accuses US of breaking into Huawei servers in 2009

The ongoing face-off between Washington and Beijing over technology and security issues has taken a new twist, with China accusing the US of hacking into the servers of Huawei in 2009 and conducting other cyber-attacks to steal critical data.…

The Register - Security

Robocall scammers sentenced in US after netting $1.2M via India-based call centers

September 20th 2023 at 13:29

Part of network of crims who used 'trickery and threats' to target elderly

Two Indian nationals have each received 41-month prison sentences in the United States for their involvement in a $1.2 million robocall scam targeting the elderly, according to New Jersey prosecutors on Tuesday.…

The Hacker News

Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace

By THN — September 20th 2023 at 12:51
Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. "The site operated as a hidden service in the encrypted TOR network," the Finnish Customs (aka Tulli) said in a brief announcement on Tuesday. "The site has been used in anonymous criminal activities such as narcotics trade." The agency
The Hacker News

Critical Security Flaws Exposed in Nagios XI Network Monitoring Software

By THN — September 20th 2023 at 12:38
Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Following responsible disclosure on August 4, 2023, they have been patched as of September 11, 2023, with
The Register - Security

Sysadmin and spouse admit to part in 'massive' pirated Avaya licenses scam

September 20th 2023 at 12:17

Could spend 20 years in prison after selling $88M in ADI software keys

A sysadmin and his partner pleaded guilty this week to being part of a "massive" international ring that sold software licenses worth $88 million for "significantly below the wholesale price."…

The Hacker News

Do You Really Trust Your Web Application Supply Chain?

By The Hacker News — September 20th 2023 at 10:34
Well, you shouldn’t. It may already be hiding vulnerabilities. It's the modular nature of modern web applications that has made them so effective. They can call on dozens of third-party web components, JS frameworks, and open-source tools to deliver all the different functionalities that keep their customers happy, but this chain of dependencies is also what makes them so vulnerable. Many of
The Hacker News

Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys

By THN — September 20th 2023 at 10:13
Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server. Sonatype said it has discovered 14 different npm packages so far: @am-fe/hooks, @am-fe/provider, @am-fe/request, @am-fe/utils, @am-fe/watermark, @am-fe/watermark-core, @
The Hacker News

Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT

By THN — September 20th 2023 at 09:56
Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families such as Sainbox RAT, Purple Fox, and a new trojan called ValleyRAT. "Campaigns include Chinese-language lures and malware typically associated with Chinese cybercrime activity," enterprise security firm Proofpoint said in a report shared with The
The Hacker News

Signal Messenger Introduces PQXDH Quantum-Resistant Encryption

By THN — September 20th 2023 at 09:29
Encrypted messaging app Signal has announced an update to the Signal Protocol to add support for quantum resistance by upgrading the Extended Triple Diffie-Hellman (X3DH) specification to Post-Quantum Extended Diffie-Hellman (PQXDH). "With this upgrade, we are adding a layer of protection against the threat of a quantum computer being built in the future that is powerful enough to break current
The Register - Security

Broaden your cyber security knowhow at CyberThreat 2023

September 20th 2023 at 09:23

November’s two day conference sees experts from the cyber security community share their insight and knowledge

Sponsored Post Cyber security remains a top three priority for most, if not all, organisations. The risks associated with failure to implement adequate defences were once again highlighted by the ransomware incident which impacted several hospital computer systems across the US last month.…

The Hacker News

GitLab Releases Urgent Security Patches for Critical Vulnerability

By THN — September 20th 2023 at 07:18
GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user. The issue, tracked as CVE-2023-5009 (CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4. "It was possible for an attacker to run pipelines as an arbitrary user via scheduled
The Register - Security

Singapore may split liability for phishing losses between banks and victims

September 20th 2023 at 05:45

Won't someone please think of the banks?

Singapore officials announced on Monday that next month they will deliver a consultation paper detailing a split liability scheme that will mean both consumers and banks are on the hook for financial losses flowing from scams.…

The Hacker News

Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability

By THN — September 20th 2023 at 05:28
Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free Business Security solutions for Windows that has been actively exploited in real-world attacks. Tracked as CVE-2023-41179 (CVSS score: 9.1), it relates to a third-party antivirus uninstaller module that's bundled along with the software. The complete list of impacted
The Register - Security

Marvell disputes claim Cavium backdoored chips for Uncle Sam

September 19th 2023 at 20:55

Allegations date back a decade to leaked Snowden docs

Cavium, a maker of semiconductors acquired in 2018 by Marvell, was allegedly identified in documents leaked in 2013 by Edward Snowden as a vendor of semiconductors backdoored for US intelligence. Marvell denies it or Cavium placed backdoors in products at the behest of the US government.…

The Register - Security

Russian allegedly smuggled US weapons electronics to Moscow

September 19th 2023 at 19:55

Feds claim sniper scope displays sold in sanctions-busting move

A Russian national helped smuggle, via shell companies in Hong Kong, more than $1.6 million in microelectronics to Moscow potentially to support its war against Ukraine, it is claimed.…

WIRED

Chinese Spies Infected Dozens of Networks With Thumb Drive Malware

By Andy Greenberg — September 19th 2023 at 14:00
Security researchers found USB-based Sogu espionage malware spreading within African operations of European and US firms.
The Hacker News

ShroudedSnooper's HTTPSnoop Backdoor Targets Middle East Telecom Companies

By THN — September 19th 2023 at 12:35
Telecommunication service providers in the Middle East are the target of a new intrusion set dubbed ShroudedSnooper that employs a stealthy backdoor called HTTPSnoop. "HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests for specific HTTP(S) URLs and execute that content on the