Infosecurity News
Ebury Botnet Operators Diversify with Financial and Crypto Theft
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and financial gain
The Hacker News
New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data
Beware of "Shadow SaaS" - a hidden threat to organizations. Learn more: click the link for a must-read guide.
Security Affairs
A flaw in the R programming language could allow code execution
A flaw in the R programming language enables the execution of arbitrary code when parsing specially crafted RDS and RDX files.
SecurityWeek
SafeBase Scores $33M Series B Investment
SafeBase has raised north of $50 million since launching in 2020 with plans to simplify vendor risk assessment disclosures.
DarkReading
Muddling Meerkat Poses Nation-State DNS Mystery
Likely China-linked adversary has blanketed the Internet with DNS mail requests over the past five years via open resolvers, furthering Great Firewall of China ambitions. But the exact nature of its activity is unclear.
Cyber Security News
xz-utils Backdoor Found in Kali Linux Installations - Check for Malware Infection
A backdoor was recently discovered in the xz-utils package versions 5.6.0 to 5.6.1, shocking the Linux community. This poses a significant threat to the security of Linux distributions, including Kali Linux.
SecurityWeek
'WallEscape' Linux Vulnerability Leaks User Passwords
Vulnerability (CVE-2024-28085) in core Linux system utilities package util-linux allows attackers to leak user passwords using fake prompts.
The DFIR Report
From OneNote to RansomNote: An Ice Cold Intrusion - The DFIR Report
Key Takeaways We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic, Havoc, … Read More
The Hacker News
New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking
A new Linux vulnerability puts user passwords at risk. It exploits the "wall" command to potentially leak passwords on Ubuntu & Debian systems.
The Hacker News
Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection
Beware of Darcula, a Phishing-as-a-Service platform targeting 100+ countries with over 20,000 fake domains.
Bleeping Computer
New Darcula phishing service targets iPhone users via iMessage
A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries.
%20(2).webp)
Cyber Security News
How ChatGPT and Bard Are Patching Up JavaScript Flaws : New Research
Despite JavaScript's widespread use, writing secure code remains challenging, leading to web application vulnerabilities.
Ars Technica
Unpatchable vulnerability in Apple chip leaks secret encryption keys
Fixing newly discovered side channel will likely take a major toll on performance.
SecurityWeek
Tarsal Raises $6 Million for Security Data Movement Platform
Tarsal raises $6 million in a seed funding round led by Harpoon Ventures and Mango Capital and appoints new CTO.
Ars Technica
ASCII art elicits harmful responses from 5 major AI chatbots
LLMs are trained to block harmful responses. Old-school images can override those rules.
The Cyber Express
Cyble Rockets to Top 100 AI Startups List Funded by Y Combinator!
Atlanta-based Cyble Inc. has once again made waves in the cybersecurity industry. The trailblazing AI-powered threat intelligence platform secured a
DarkReading
CISO Corner: NSA Guidelines; a Utility SBOM Case Study; Lava Lamps
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.
Cyber Security News
Kali Linux 2024.1 Released with New Hacking Tools - What's New!
Kali Linux 2024.1 was released, marking the year's first release with new hacking tools, visual elements and updates.
Bleeping Computer
Kali Linux 2024.1 released with 4 new tools, UI refresh
Kali Linux has released version 2024.1, the first version of 2024, with four new tools, a theme refresh, and desktop changes.
Ars Technica
Doing DNS and DHCP for your LAN the old way—the way that works
Are you a sysadmin with control issues who needs a weekend project? Look no further!
CyberSecurity Dive
Bank of America customer data exposed in IT provider breach
Infosys McCamish Systems, which works closely with the lender, was impacted by the cybersecurity incident in November that exposed customer Social Security numbers and other account information.
CyberSecurity Dive
Contractual obligations driving data privacy, cybersecurity upgrades
To secure work from business partners, more companies are getting serious about having the right technical and legal safeguards, a specialist says.
Trend Micro
CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day
The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.
CyberNews
Another recall for Tesla could be in the works
US regulators upgraded a probe into Tesla's EV power steering system after thousands of drivers reported losing the ability to control their vehicle's steering wheel.
Bleeping Computer
DHS employees jailed for stealing data of 200K U.S. govt workers
Three former Department of Homeland Security (DHS) employees were sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees.
DarkReading
CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs' Evolving Role
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.
Bleeping Computer
Tesla hacked again, 24 more zero-days exploited at Pwn2Own Tokyo
Security researchers hacked the Tesla infotainment system and demoed a total of 24 zero-days on the second day of the Pwn2Own Automotive 2024 hacking competition.
HACKRead
Pwn2Own Automotive: Tesla, Sony, Alpine Players Breached on Day One
Bug Bounty Bonanza: Hackers Rake in Millions as Connected Cars Show Security Cracks at Pwn2Own Automotive 2024.
Bleeping Computer
Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024
Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24 unique zero-day exploits.
The Cyber Express
Australia Reels from Widespread Cyberattacks, PM Albanese Terms it a ‘Scourge’
In the wake of a coordinated cyberattacks on Australia, Prime Minister Anthony Albanese has labeled the incident a 'scourge,' vowing
Security Affairs
Experts created a PoC for Apache OFBiz flaw CVE-2023-51467
Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in the Apache OfBiz.
Cyber Security News
Critical Apache OFBiz Zero-day Flaw Exploited in the Wild
Researchers uncovered Bypass Zero-day flaw tracked as CVE-2023-51467, with a CVSS score of 9.8 affecting Apache OFBiz open-source.
The Record
Vulnerability laws create ‘bug bounties with Chinese characteristics’
The Click Here podcast team talks with research analyst Dakota Cary about China’s vulnerability disclosure process and how a recent law is part of a broad plan to reinvigorate its pipeline of cyber talent.
Bleeping Computer
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers
A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept (PoC) exploits.
Security Affairs
Experts warn of critical Zero-Day in Apache OfBiz
Experts warn of new zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system.
The Hacker News
Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack
A zero-day security flaw discovered in Apache OfBiz ERP system could allow unauthorized access.
The Cyber Express
Y Combinator Spotlights AI-powered Threat Intelligence Platform Cyble Among Top Startups
Atlanta-based Cyble Inc., a trailblazing AI-powered threat intelligence platform, has reached a remarkable milestone by earning recognition among the distinguished
HACKRead
Kali Linux 2023.4 is Out: Cloud ARM64, Hyper-V, Pi 5, & More!
Attention Kali Linux enthusiasts! Your holiday treat has arrived with the release of Kali Linux 2023.4, packed with a plethora of new features. Download now and elevate your Kali experience!
Cyber Security News
Kali Linux 2023.4 Released With New Hacking Tools
Offensive Security releases Kali Linux 2023.4, the latest version of the popular operating system and is the last 2023 version.
Bleeping Computer
Kali Linux 2023.4 released with GNOME 45 and 15 new tools
Kali Linux 2023.4, the fourth and final version of 2023, is now available for download, with fifteen new tools and the GNOME 45 desktop environment.
Bleeping Computer
Linux version of Qilin ransomware focuses on VMware ESXi
A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the most advanced and customizable Linux encryptors seen to date.
CyberNews
Tech whiz kid Sam Altman is out of OpenAI for good: what happened?
Sam Altman, the ousted CEO of ChatGPT creator OpenAI, will definitely not return to the company he co-founded. It’s time to ask what happened.
The Record
Aspen Cyber Summit 2023 — Live Coverage
Laurie Locascio, the director of the National Institute of Standards and Technology (NIST), kicked off the conference by discussing what will surely be a recurring theme: artificial intelligence.
The Record
Ukraine’s deputy minister of digital transformation on building a military tech sector from scratch
On a recent trip to Ukraine, Click Here spoke with Ukraine's Alex Bornyakov about the country's booming drone sector and the Brave1 initiative, which aims to get innovative weapons into the hands of soldiers in a matter of weeks, not months.
Ars Technica
University of Chicago researchers seek to “poison” AI art generators with Nightshade
Altered images could destroy AI model training efforts that scrape art without consent.
Ars Technica
RIP to my 8-port Unifi switch after years and years of Texas outdoor temps
Turns out that only lightning could kill the otherwise-unkillable US-8-150W.
The Record
Chilean government warns of Black Basta ransomware attacks after customs incident
The government of Chile warned of ransomware attacks by a notorious gang of hackers after its customs department dealt with an incident on Tuesday.
Trend Micro
Exposing Infection Techniques Across Supply Chains and Codebases
This entry delves into threat actors' intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.
The Hacker News
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
🚨Beware of LUCR-3 (aka Scattered Spider) – a threat actor targeting Fortune 2000 companies for extortion.
The Hacker News
Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users
New Android banking trojan Zanubis disguises as a Peruvian government app to infiltrate your device.
Infosecurity News
Android Banking Trojan Zanubis Evolves to Target Peruvian Users
The Trojan utilizes the Obfuscapk obfuscator for Android APK files, Kaspersky explained
The DFIR Report
From ScreenConnect to Hive Ransomware in 61 hours - The DFIR Report
In 2022, The DFIR Report observed an increase in the adversarial usage of Remote Management and Monitoring (RMM) tools. When compared to post-exploitation channels that heavily rely on terminals, such … Read More
Ars Technica
Funky AI-generated spiraling medieval village captivates social media
"This was the point where AI-generated art passed the Turing Test for me."
SecurityWeek
Hacker Conversations: Alex Ionescu
SecurityWeek talks to Alex Ionescu, a cybersecurity expert who combined a career as a business executive with that of a security researcher.
SecurityWeek
Over $1 Million Offered at New Pwn2Own Automotive Hacking Contest
ZDI is offering more than $1 million at the Pwn2Own Automotive hacking contest, hosted in January at the Automotive World conference in Tokyo.
DataBreaches
Joint statement on data scraping and data protection
The Information Commissioner’s Office and eleven other data protection and privacy authorities from around the world have today published a joint...
Cyber Security News
Kali Linux 2023.3 Released - What's New!
Offensive Security recently launched Kali Linux 2023.3 with several new mods, changes, and new tools, which bring a multitude of positive effects and benefits to end-users.
Naked Security
Using WinRAR? Be sure to patch against these code execution bugs…
Imagine if you clicked on a harmless-looking image, but an unknown application fired up instead…
Bleeping Computer
Kali Linux 2023.3 released with 9 new tools, internal changes
Kali Linux 2023.3, the third version of 2023, is now available for download, with nine new tools and internal optimizations.
DataBreaches
El Salvadoran database raises questions of possible political intrigue
A database listed for sale on a popular hacking forum may raise some political questions for El Salvadorans. On August 16, a listing offered 114GB of files...
Naked Security
S3 Ep146: Tell us about that breach! (If you want to.)
Serious security stories explained clearly in plain English – listen now. (Full transcript available.)
Ars Technica
Hosting Ars, part three: CI/CD, or how I learned to stop worrying and love DevOps
This time we discuss how we manage, update, and deploy the code that makes Ars work.
SecurityWeek
Human Cyber-Risk Can Be Demonstrably Mitigated by Behavior Changing Training: Analysis
The process of encouraging secure cyber habits in end users is evolving from traditional awareness training toward changing user behavior.
Ars Technica
Meta launches Llama 2, an open source AI model that allows commercial applications
A family of pretrained and fine-tuned language models in sizes from 7 to 70 billion parameters.
DataBreaches
BlackCat adds a community behavioral health center in Alabama to its leak site (UPDATED)
AlphV (aka BlackCat) threat actors have added Highland Health Systems in Alabama to their leak site. As proof of claims, they have leaked a number of files...
Naked Security
Zimbra Collaboration Suite warning: Patch this 0-day right now (by hand)!
Zimbra didn’t actually say, “Do not delay/Do it today,” but they did say, “We kindly request your cooperation to apply the fix manually.”
SecurityWeek
Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech
Infisical banks $2.8 million in seed funding as investors continue to bet on companies in the software supply chain security space.
Ars Technica
Op-ed: Why the great #TwitterMigration didn’t quite pan out
The flight from Musk's Twitter to the "free" fediverse never really took off.
DarkReading
Open Source LLM Projects Likely Insecure, Risky to Use
New LLM-based projects typically become successful in a short period of time, but the security posture of these generative AI projects are very low, making them extremely unsafe to use.
The Hacker News
Startup Security Tactics: Friction Surveys
Startup Security Tactics: Friction Surveys | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.
The DFIR Report
A Truly Graceful Wipe Out - The DFIR Report
In this intrusion, dated May 2023, we observed Truebot being used to deploy Cobalt Strike and FlawedGrace (aka GraceWire & BARBWIRE) resulting in the exfiltration of data and the deployment … Read More
Bleeping Computer
Kali Linux 2023.2 released with 13 new tools, pre-built HyperV image
Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools, including the Evilginx framework for stealing credentials and session cookies.
Cyber Security News
Kali Linux 2023.2 Released - What's New!
Offensive Security launched Kali Linux 2023.2, an updated Penetration testing distro with new features, hacking tools, and various updates.
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
CO: SECOP II platform affected by “presumed hacking” The SECOP II platform is a transactional platform with accounts for state entities and contractors...
ZDNet
Linux security: What is sudo and why is it so important?
Sudo stands for "superuser do" and effectively gives a regular user access to administrator-like powers. Here's how to use this powerful tool.
Security Affairs
Smashing Pumpkins frontman paid ransom to a hacker who threatened to leak the band’s songs
The frontman of the American alternative rock band Smashing Pumpkins, Billy Corgan, has revealed he paid hackers who stole the band’s songs The frontman of the alternative rock band Smashing Pumpkins, Billy Corgan, revealed he paid a ransom after a hacker stole the band’s songs and threatened to leak them. The hacker stole some of the most important songs from […]
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
CL: Saville Row attacked by BlackCat Saville Row, a Chilean clothing store, was added to BlackCat’s leak site on April 21. Sample files provided by the...
Security Affairs
Thousands of publicly-exposed Apache Superset installs exposed to RCE attacks
Apache Superset open-source data visualization platform is affected by an insecure default configuration that could lead to remote code execution. Apache Superset is an open-source data visualization and data exploration platform. The maintainers of the software have released security patches to address an insecure default configuration, tracked as CVE-2023-27524 (CVSS score: 8.9), that could lead to remote […]
The Hacker News
Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks
A dangerous default configuration in Apache Superset has been discovered, which (CVE-2023-27524) could allow attackers to gain remote code execution.
Bleeping Computer
Google: Ukraine targeted by 60% of Russian phishing attacks in 2023
Google's Threat Analysis Group (TAG) has been monitoring and disrupting Russian state-backed cyberattacks targeting Ukraine's critical infrastructure in 2023.
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
Cementos Bío-Bío S.A attacked by BlackByte Cementos Bio-Bio S.A, a Chilean cement company, was added to BlackBye’s leaks site on April 9. DataBreaches...
ZDNet
4 ways to secure your remote work setup
Your at-home or on-the-go work setup could be compromising your company's security. Experts told ZDNET how you can avoid common vulnerabilities.
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
CL: Attack on multinational SONDA claimed by Medusa The Chilean IT multinational SONDA, which has a presence in 11 countries, has been placed on the leaks page...
ZDNet
How to encrypt a file on Linux (and when you should)
Looking for the easiest method for protecting a file behind a layer of encryption in Linux? Here are two easy ways.
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
ES: Secondary education center hit by Stormous After several months out of the public eye, the pro-Russian Stormous Ransomware group reappeared in February...
Naked Security
In Memoriam – Gordon Moore, who put the more in “Moore’s Law”
His prediction was called a “Law”, though it was an exhortation to engineering excellence as much it was an estimate.
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
CR: CONASSIF Hacked With Chinese Characters El Consejo Nacional de Supervisión del Sistema Financiero (CONASSIF) is involved with the Costa Rican financial...
Ars Technica
If your Netgear Orbi router isn’t patched, you’ll want to change that pronto
The threat is serious enough to warrant a manual check ASAP.
Naked Security
Dangerous Android phone 0-day bugs revealed – patch or work around them now!
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
ES: HLA Grupo Hospitalario data listed for sale after web server misconfiguration On March 14, a forum user on BreachForums listed data from the HLA Grupo...
Bleeping Computer
Kali Linux 2023.1 introduces 'Purple' distro for defensive security
Offensive Security has released Kali Linux 2023.1, the first version of 2023 and the project's 10th anniversary, with a new distro called 'Kali Purple,' aimed at Blue and Purple teamers for defensive security.
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
CL: BlackCat confirms attack on Fonasa DataBreaches recently reported a malware attack on Chile’s National Health Fund (FONASA). There is an update to...
Naked Security
Feds warn about right Royal ransomware rampage that runs the gamut of TTPs
Wondering which cybercrime tools, techniques and procedures to focus on? How about any and all of them?
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
ES: Stormous claims attack on Zurcal The Zurcal group, which belongs to the energy saving and efficiency sector, has been named by Stormous Ransomware in its...
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
CO: The Red de Salud del Norte Joaquín Paz Borrero Hospital hit with ransomware The Cali District Government has implemented its contingency plan due to a...
Naked Security
S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]
Latest episode – listen now! Top-notch advice for cybersecurity, both at work and at home.
Naked Security
NPM JavaScript packages abused to create scambait links in bulk
Free spins? Bonus game points? Cheap social media followers? What harm could it possibly do if you just take a tiny little look?!
Naked Security
Coinbase breached by social engineers, employee data stolen
Another day, another “sophisticated” attack. This time, the company has handily included some useful advice along with its mea culpa…
DataBreaches
Bits ‘n Pieces (Trozos y Piezas)
ES: Cosmetics firm added by LockBit Skin and hair products firm Montibello has been added by LockBit3.0 to their leaks page. The listing was added on...
Security Affairs
AdSense fraud campaign relies on 10,890 sites that were infected since September 2022
The threat actors behind a massive AdSense fraud campaign infected 10,890 WordPress sites since September 2022. In November 2022, researchers from security firm Sucuri reported to have tracked a surge in WordPress malware redirecting website visitors to fake Q&A sites via ois[.]is. The experts were tracking the campaign since September 2022, the campaign’s end goal was black […]
Loading more articles....