Security Affairs
Security Affairs newsletter Round 447 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
SecurityWeek
Breaches by Iran-Affiliated Hackers Spanned Multiple U.S. States, Federal Agencies Say
The Municipal Water Authority of Aliquippa was just one of multiple organizations breached in the U.S. by Iran-linked "Cyber Av3ngers" hackers
Security Affairs
Experts devised attack technique to extract ChatGPT training data
Researchers devised an attack technique that could have been used to trick ChatGPT into disclosing training data.
PCMag
23andMe Hackers Accessed Over 14,000 Customer Accounts
The hack, which provided unauthorized access to 'files containing profile information about other users’ ancestry,' impacted 0.1% of 23andMe's users worldwide.
Bleeping Computer
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks
Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws.
Bleeping Computer
Google Chrome's new cache change could boost performance
Google is introducing a significant change to Chrome's Back/Forward Cache (BFCache) behavior, allowing web pages to be stored in the cache, even if a webmaster specifies not to store a page in the browser's cache.
Bleeping Computer
US Health Dept urges hospitals to patch critical Citrix Bleed bug
The U.S. Department of Health and Human Services (HHS) warned hospitals this week to patch the critical 'Citrix Bleed' Netscaler vulnerability actively exploited in attacks.
Cyber Security News
Google Revealed RETVec to Defend Malicious Emails & Spam for Gmail Users
Researchers at Google recently developed and unveiled a new resilient and efficient text vectorizer dubbed as "RETVec,".
The Hacker News
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
A mysterious malware called Agent Racoon is infiltrating organizations in the Middle East, Africa, and the U.S.
Security Affairs
Fortune-telling website WeMystic exposes 13M+ user records
WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data.
The Hacker News
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
Russian national Vladimir Dunaev found guilty for developing TrickBot malware, facing up to 35 years in prison.
HACKRead
Particle Network's Intent-Centric Approach Aims to Simplify and Secure Web3
Discover Particle Network’s Web3 evolution! From a Wallet-as-a-Service tool to the Intent-Centric Modular Access Layer, explore the platform’s commitment to empowering developers and enhancing user experiences.
CSO
Is China waging a cyber war with Taiwan?
Nation-state hacking groups based in China have sharply ramped up cyberattacks against Taiwan this year, according to multiple reports.
HACKRead
Cyberattack Defaces Israeli-Made Equipment at US Water Agency, Brewing Firm
The targets included the Equipment used by the Municipal Water Authority of Aliquippa, Pennsylvania and Brewmation, a New York-based company specializing in turnkey brewing and distilling equipment.
Security Affairs
Expert warns of Turtle macOS ransomware
The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices.
Bleeping Computer
The Week in Ransomware - December 1st 2023 - Police hits affiliates
An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries.
Bleeping Computer
TrickBot malware dev pleads guilty, faces 35 years in prison
On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware, which was used in attacks against hospitals, companies, and individuals in the United States and worldwide.
Ars Technica
1960s chatbot ELIZA beat OpenAI’s GPT-3.5 in a recent Turing test study
AI chatbot deception paper suggests that some bots (and people) aren't very persuasive.
Ars Technica
Broadcom cuts at least 2,800 VMware jobs following $69 billion acquisition
Broadcom hasn't said how many people will be affected, or much of anything else.
PCMag
A Lucrative Scam: Black Basta Ransomware Gang Rakes in $107 Million
The Russian-speaking group has received Bitcoin payments totaling $107 million since 2022, according to a blockchain tracking firm.
Bleeping Computer
Hackers use new Agent Raccoon malware to backdoor US targets
A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States, the Middle East, and Africa.
SC Magazine
Fidelity National Financial back to ‘normal business operations’ after cyberattack
All roads in the FNF case lead to a ransomware incident, but there’s still no confirmation which group executed the attack or if a ransom was paid.
Bleeping Computer
French government recommends against using foreign chat apps
Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such as Signal, WhatsApp, and Telegram by December 8, 2023, in favor of a French messaging app named 'Olvid.'
Bleeping Computer
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks
VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th.
SecurityWeek
Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere
Members of Congress asked the DoJ to investigate how hackers breached the Municipal Water Authority of Aliquippa in Pennsylvania.
Bleeping Computer
Windows 10 KB5032278 update adds Copilot AI assistant, fixes 13 bugs
Microsoft has started rolling out its Copilot AI assistant to Windows 10 with the KB5032278 November 2023 non-security preview update for systems running Windows 10, version 22H2.
PCMag
Is the NSA Buying Data on Americans? Senator Wants Answers From Spy Agency
Senator Ron Wyden is vowing to block the nomination of a new NSA leader until the intelligence agency comes clean on the matter.
HACKRead
Google to Delete Inactive Gmail Accounts From Today
According to Google, once your Gmail account is deleted, it will not be possible to recover photos, files, emails, contact information, or purchases such as music, apps, movies, or books that you may have acquired using your Google account.
SecurityWeek
Staples Confirms ‘Cybersecurity Risk’ Disrupting Online Stores
Office supply retail giant confirms security incident disrupted online orders, communications channels and customer service lines.
Security Affairs
US govt sanctioned North Korea-linked APT Kimsuky
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against North Korea-linked APT group Kimsuky.
Cyber Security News
New Android Malware FjordPhantom Spreads Covertly Via Email, SMS, & Messaging Apps
In the ever-evolving realm of cybersecurity, Promon, a trailblazer in mobile security solutions, has brought a novel adversary—FjordPhantom.
The Cyber Express
Manipulating Hacktivist Propaganda to Collect Cyber Behavioral Threat Information
The broader government and commercial cyber threat intelligence community is missing an opportunity to not only diffuse hacktivist propaganda, but
The Cyber Wire
Ukraine at D+685: Influence operations in a winter war.
Russian disinformation seeks to reach anglophone audiences, and makes some claims that would be too far-fetched to get past a science-fiction editor.
SecurityWeek
In Other News: Utilities Targeted by Hackers, Aerospace Attacks, Killnet Leader Unmasked
Utilities in the US and Europe targeted in cyberattacks, aerospace hacking, and Killnet Russian leader unmasked.
The Hacker News
New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
Researchers uncover FjordPhantom, a sophisticated malware targeting users in Southeast Asia.
Security Affairs
Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022
The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million.
Cyber Security News
New SugarGh0st RAT Delivered via Malicious Windows Shortcut & JavaScript
Recently cybersecurity researchers at Cisco Talos discovered a malicious campaign that was found to delivering a new RAT dubbed "SugarGh0st."
SC Magazine
Black Basta’s ransom haul tops $100M in less than 2 years
Analysis reveals 18 of ransomware gang Black Basta’s 300-plus victims were extorted over $1 million each, with one handed over $9 million.
SecurityWeek
New 'Turtle’ macOS Ransomware Analyzed
New Turtle macOS ransomware is not sophisticated but shows that cybercriminals continue to target Apple devices.
Security Affairs
CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog
US CISA added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog......
Cyber Security News
Black Basta Ransomware Received Over $100 Million From Victims
Black Basta, a ransomware strain with more than 329 victims has been reported to have made more than $100 million in ransom payments.
SecurityWeek
US Sanctions North Korean Cyberespionage Group Kimsuky
The US has announced sanctions against North Korean cyberespionage group Kimsuky over its intelligence gathering activities.
Infosecurity News
NCSC Urges UK Water Companies to Secure Control Systems
Guidance follows US incident involving Unitronics programmable logic controllers
The Hacker News
Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
DOJ and FBI dismantle Qakbot malware and botnet, but is the threat really gone? Find out the aftermath and mitigation strategies.
The Hacker News
Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
Chinese-speaking threat actor targeting Uzbekistan Ministry of Foreign Affairs and South Korean users with dangerous SugarGh0st RAT.
Infosecurity News
Apple Patches Actively Exploited iOS Zero-Days
Vulnerabilities may be linked to commercial spyware operations
The Hacker News
Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
Gcore's customer faced two massive DDoS attacks peaking at 1.1 and 1.6 Tbps. Discover the attacker's strategies and how Gcore defended against them.
The Hacker News
WhatsApp's New Secret Code Feature Lets Users Protect Private Chats with Password
WhatsApp's new Secret Code feature adds an extra layer of security to your private chats by setting unique passwords for locked chats.
The Cyber Express
The Top 5 Tech Trends to Watch Out for in 2024
Authored by Neelesh Kripalani, Chief Technology Officer, Clover Infotech Once again, we have reached that time of the year, when
SecurityWeek
Simple Attack Allowed Extraction of ChatGPT Training Data
Researchers found that a ‘silly’ attack method could have been used to trick ChatGPT into handing over training data.
Infosecurity News
UK Celebrates “World-First” Anti-Fraud Deal With Big Tech
Government says tech firms have pledged to remove malicious content
-1.webp)
Cyber Security News
Notepad++ Input Validation Flaws Leads to uncontrolled Search Path Vulnerability
Notepad++ has been discovered with an uncontrolled search path vulnerability which could allow threat actors.
The Hacker News
U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign Agents
OFAC sanctions North Korea-linked group Kimsuky and 8 agents for supporting WMD programs.
The Hacker News
Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
Zyxel released patches for 15 security issues in NAS, firewall, and AP devices. Includes 3 critical flaws allowing authentication bypass and comman
CSO
Apple patches info-stealing, zero day bugs in iPads and Macs
The vulnerabilities that can allow the leaking of sensitive information and enable arbitrary code execution have had exploitations in the wild.
The Hacker News
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
Two critical security flaws in iOS, macOS, and Safari are under attack. Find out the details of CVE-2023-42916 and CVE-2023-42917 and how they could l
Cyber Security News
WhatsApp Secret Code Feature Lets Users Set Unique Locked Chat Passwords
WhatsApp Secret Code feature provides additional protection to ensure users' private conversations remain secure and protected from unauthorized access.
Bleeping Computer
LogoFAIL attack can install UEFI bootkits through bootup logos
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver bootkits.
CSO
Conti-linked ransomware takes in $107 million in ransoms: Report
A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks.
HACKRead
Apple Issues Urgent Security Patches for Zero-Day Vulnerabilities
Apple has recently released security updates to tackle two zero-day vulnerabilities (CVE-2023-42916 and CVE-2023-42917) that hackers are actively exploiting.
The Record
XDSpy hackers attack military-industrial companies in Russia
A cyberespionage group known as XDSpy recently targeted Russian military-industrial enterprises, according to new research.
The Record
IoT vulnerability reporting obligations set to apply in EU from 2027
The new Cyber Resilience Act is intended to increase security standards for the Internet of Things. Manufacturers would face penalties for not properly reporting actively exploited vulnerabilities.
The Record
US sanctions North Korean ‘Kimsuky’ hackers after surveillance satellite launch
The U.S. partnered with several nations in the Pacific to hand down sanctions on North Korea — particularly the country’s Kimsuky cyber espionage group — after the country launched a surveillance satellite last week.
The Record
HHS warns of ‘Citrix Bleed’ attacks after hospital outages
The U.S. Department of Health and Human Services is warning hospitals and healthcare facilities across the country to patch a vulnerability known as “Citrix Bleed” that is being used in attacks by ransomware gangs.
The Record
Cyber Command, NSA nominee now double-blocked
Air Force Lt. Gen. Timothy Haugh was already subject to a long-running blockade of nominations in the Senate. Now Sen. Ron Wyden is holding it up as leverage to get more information about the NSA's potential connections with the data broker industry.
The Record
Russian developer of Trickbot malware pleads guilty, faces 35-year sentence
According to court documents, Vladimir Dunaev, 40, was a member of a cybercriminal organization that deployed Trickbot to steal money and install ransomware on victims’ computers.
The Record
EU Council president proposes ‘European cyber force’ with ‘offensive capabilities’
There should be “a European cyber force … equipped with offensive capabilities,” according to the president of the European Council, which sets the EU's political priorities.
The Record
Ukraine appoints new cyber chief following ouster of top officials
The Ukrainian government has appointed Yury Myronenko, a decorated serviceman and air defense commander, as head of one of its main cybersecurity agencies amid a corruption probe.
Trend Micro
Opening Critical Infrastructure: The Current State of Open RAN Security
The Open Radio Access Network (ORAN) architecture provides standardized interfaces and protocols to previously closed systems. However, our research on ORAN demonstrates the potential threat posed by malicious xApps that are capable of compromising the entire Ran Intelligent Controller (RIC) subsystem.
The Record
60 credit unions facing outages due to ransomware attack on popular tech provider
The ransomware attack targeted the cloud services provider Ongoing Operations, a company owned by credit union technology firm Trellance.
The Record
iPhones and Macs get patches for two vulnerabilities
The bugs affect iPhone XS and later; several models of iPads; and Macs running macOS Monterey, Ventura or Sonoma.
CyberScoop
Anti-Israel hacking campaign highlights danger of internet-connected devices
The Iran-linked Cyber Av3ngers hacking crew has targeted water facilities in Pennsylvania and elsewhere in the United States.
Security Affairs
Apple addressed 2 new iOS zero-day vulnerabilities
Apple released emergency security updates to fix two actively exploited zero-day flaws impacting iPhone, iPad, and Mac devices.
Bleeping Computer
US govt sanctions North Korea’s Kimsuky hacking group
The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals.
SC Magazine
Zoom flaw enabled hijacking of accounts with access to meetings, team chat
Ethical hackers at AppOmni claimed a $5,000 bug bounty for discovering the Zoom Rooms vulnerability, disclosed at a conference last summer.
Bleeping Computer
WhatsApp's new Secret Code feature hides your locked chats
WhatsApp has introduced a new Secret Code feature that allows users to hide their locked chats by setting a custom password.
Bleeping Computer
Get 20% off Emsisoft's Enterprise Security EDR solution for the holidays
Emsisoft is having a holiday deal where you can get 20% off 1-year licenses of the Emsisoft Enterprise Security EDR solution through December 17th, 2023, with no license limits.
PCMag
Apple: Hackers Might Be Exploiting This WebKit Flaw to Attack iPhones
Apple releases a patch to fix two actively exploited bugs in WebKit, the browser engine for Safari.
SC Magazine
What can you get for $200? Several megabytes of ChatGPT training data
The DeepMind researchers it was possible to launch a “Prompt Injection Attack” to extract more training data by spending more money querying the model.
Bleeping Computer
Apple fixes two new iOS zero-days in emergency updates
Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year.
SecurityWeek
Apple Patches WebKit Flaws Exploited on Older iPhones
Cupertino's security response team said it was aware of a report the flaws were already exploited against versions of iOS before iOS 16.7.1.
Bleeping Computer
Capital Health Hospitals hit by cyberattack causing IT outages
Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a cyberattack hit the non-profit organization's network earlier this week.
Security Affairs
Critical Zoom Room bug allowed to gain access to Zoom Tenants
A critical vulnerability in Zoom Room allowed threat actors to take over meetings and steal sensitive data.
HACKRead
Android Banking Malware FjordPhantom Steals Funds Via Virtualization
Currently, the FjordPhantom malware appears to be active in Southeast Asia, covering countries including Malaysia, Thailand, Indonesia, Singapore, and Vietnam.
PCMag
Staples Hit by Cyberattack, Temporarily Halts Online Order Processing
The incident disrupts Staples' customer service and the company's ability to fulfill online orders.
SC Magazine
Fewer cybersecurity professionals losing their jobs in breach ‘blame’ game
Cybersecurity job security, vendor loyalty and board support after a breach were covered in a survey of 500 CISOs.
Bleeping Computer
Cactus ransomware exploiting Qlik Sense flaws to breach networks
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks.
Bleeping Computer
Staples confirms cyberattack behind service outages, delivery issues
American office supply retailer Staples took down some of its systems earlier this week after a cyberattack to contain the breach's impact and protect customer data.
SC Magazine
Google 0-day browser bug under attack, patch available
One of the seven security updates Google released Nov. 28 for its Chrome browser is under active exploitation in the wild.
Ars Technica
ChatGPT is one year old. Here’s how it changed the tech world.
Examining 365 days with OpenAI's bot: The good, the bad, the ugly—and the productive?
HACKRead
68% of US Websites Exposed to Bot Attacks
The conclusion was reached after researchers evaluated over 9,500 of the largest transactional websites in terms of traffic, encompassing sectors such as banking, e-commerce, and ticketing businesses.
SecurityWeek
Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices
Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks.
Infosecurity News
North Korean Hackers Amass $3bn in Cryptocurrency Heists
Stolen cryptocurrency is converted into fiat currency using stolen identities and manipulated photos
Cyber Security News
SSNDOB Marketplace Admin Jailed for Selling millions of Americans Data
Law enforcement executed decisive seizure orders against SSNDOB Marketplace's domain names, extinguishing its malevolent presence.
Infosecurity News
Manufacturing Top Targeted Industry in Record-Breaking Cyber Extortion
Orange Cyberdefense’s Security Navigator listed the manufacturing sector as number one for both detected cyber incidents and confirmed cyber-attacks
CyberNews
Hacktivism and its impacts on mental health
Hacktivism and its lesser-known impacts on mental health
Bleeping Computer
Zyxel warns of multiple critical vulnerabilities in NAS devices
Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage (NAS) devices.
Ars Technica
Sam Altman officially back as OpenAI CEO: “We didn’t lose a single employee”
Altman forgives Sutskever; Microsoft will serve observer role on new OpenAI board.
Ars Technica
How Huawei made a cutting-edge chip in China and surprised the US
China's flagship smartphone maker pulled off the feat despite sanctions.
Infosecurity News
FjordPhantom Android Malware Targets Banks With Virtualization
Promon said one FjordPhantom attack resulted in a substantial loss of approximately $280,000
Bleeping Computer
FjordPhantom Android malware uses virtualization to evade detection
A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection.
SecurityWeek
Meta Takes Action Against Multiple Foreign Influence Campaigns
Meta removed three foreign influence operations from the Facebook platform during Q3, 2023: Two were Chinese in origin, and one was Russian.
Infosecurity News
RedLine Stealer Malware Deployed Via ScrubCrypt Evasion Tool
The new ScrubCrypt obfuscation tool is designed to avoid antivirus protections
The Hacker News
Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails
Google introduces RETVec, a powerful text vectorizer, to bolster Gmail's defense against spam and malicious emails.
SecurityWeek
Qlik Sense Vulnerabilities Exploited in Ransomware Attacks
Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks.
SecurityWeek
Black Basta Ransomware Group Received Over $100 Million From 90 Victims
The Black Basta ransomware group has infected over 300 victims and received more than $100 million in ransom payments.
Cyber Security News
Is Your Online Store Hacked in a Carding Attack? Here's an Action Plan to Protect
Carding attacks primarily target information embedded in payment cards, such as credit or debit cards,The attackers, known as carders.
Cyber Security News
Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data
Recently, cybersecurity researchers at Google discovered how threat actors can exploit ChatGPT queries to collect personal data.
SecurityWeek
US Sanctions Cryptocurrency Mixer Sinbad for Aiding North Korean Hackers
US Treasury sanctions Sinbad, saying the cryptocurrency mixer is laundering funds for North Korean hacking group Lazarus.
Infosecurity News
Booking.com Customers Scammed in Novel Social Engineering Campaign
The sophisticated campaign has led to customers having their money stolen by cybercriminals
The Cyber Wire
Ukraine at D+684: A hacktivist auxiliary is actively recruiting.
NATO conducts its annual cyber exercise against a background of hybrid war, heightened cyber espionage, and increased activity on the part of hacktivist auxiliaries.
SecurityWeek
Palo Alto Networks Unveils New Rugged Firewall for Industrial Environments
Palo Alto Networks has launched a new rugged firewall for industrial environments and announced several OT security improvements.
CyberNews
Fortune-telling website exposes 13M+ user records
WeMystic data leak expose platform's users.
The Hacker News
North Korea's Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks
DPRK threat actors have stolen an estimated $3 billion in crypto assets, with $1.7 billion taken in 2022 alone.
The Hacker News
This Free Solution Provides Essential Third-Party Risk Management for SaaS
Wing Security offers FREE third-party risk assessment for SaaS, enhancing cybersecurity in the digital era. Learn more in this article.
SecurityWeek
Dollar Tree Impacted by ZeroedIn Data Breach Affecting 2 Million Individuals
ZeroedIn says personal information of 2 million individuals was compromised in an August 2023 data breach that impacts Dollar Tree.
The Hacker News
7 Uses for Generative AI to Enhance Security Operations
Generative AI is transforming cybersecurity! Discover how it detects and prevents threats like malware and phishing in real-time.
The Hacker News
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks
A CACTUS ransomware campaign has been observed exploiting vulnerabilities in the Qlik Sense cloud analytics and business intelligence platform.
CyberNews
Russia-linked Black Basta ransomware has extorted at least $100 million
Black Basta, which is believed to be a faction of the notorious Russian Conti ransomware gang, has raked in at least $107 million in ransom payments.
SecurityWeek
Google's RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection
Google shows how RETVec, a new and open source text vectorizer, can improve the detection of phishing attacks and spam.
Cyber Security News
New Android Malware Employs Various Tactics to Deceive Malware Analyst
cybercriminals employ ever more sophisticated forms of malware, with code obfuscation standing out as a deceptive technique.
Infosecurity News
Thousands of Dollar Tree Staff Hit by Supplier Breach
Incident at Zeroed-In Technologies happened in August
SecurityWeek
CISA Debuts 'Secure by Design' Alert Series
New CISA alerts shed light on the harm occurring when software vendors fail to implement secure by design principles.
CyberNews
Japan’s JAXA space agency admits cyberattack
Japan’s space agency says it was targeted by a cyberattack, local media and government officials report.
Infosecurity News
Okta Admits All Customer Support Users Impacted by Breach
Exposure is limited to names and emails for most
SecurityWeek
Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users
Zimperium has identified over 200 information-stealing Android applications targeting mobile banking users in Iran.
Cyber Security News
DJvu Ransomware Mimic as Cracked Software to Compromise Computers
A recent campaign has been observed to be delivering DJvu ransomware through a loader that pretends to be freeware or cracked software.
Infosecurity News
Black Basta Ransomware Group Makes $100m Since 2022
Researchers identify scores of cryptocurrency payments
The Cyber Express
NoEscape Ransomware Group Strikes Again, Claims Science History Institute Data Breach
NoEscape ransomware group has listed Science History Institute on its dark web portal. Science History Institute shares stories of significant
CyberNews
Crypto Mixer Sinbad hit with OFAC sanctions for helping DPRK hackers
Sinbad operated on the Bitcoin blockchain and was a preferred mixing service for North Korea’s threat actors.
The Cyber Express
US Treasury Sanctions Sinbad.io for Alleged Role in Lazarus Group’s Money Laundering
In a significant move to combat cyber-enabled criminal activities, the U.S. Department of the Treasury's Office of Foreign Assets Control
Cyber Security News
Okta Hack: Threat Actors Downloaded all Customer Support System Users' Data
Okta Security has unearthed additional intricacies surrounding the unauthorized intrusion into its customer support system.
The Cyber Express
Honey Birdette Data Breach Linked to 8Base Hacker Group, Lingerie Brand Yet to Confirm
Luxury lingerie brand Honey Birdette seems to have become the latest target of the notorious 8Base ransomware group. The hacker
CyberNews
US car dealer admits data breach
Berglund Management Group has disclosed a data breach that may have affected more than 50,000 people in the US.
Cyber Security News
Defend Ransomware Attacks With Top Effective Proactive Measures in 2024
We’re currently living in an age where digital threats loom large. Among these, ransomware has emerged as a formidable adversary, disrupting businesses and individuals alike. This malicious software, designed to encrypt data and demand payment for its release, poses significant challenges in terms of security and data integrity. Understanding and implementing a proactive ransomware protection […]
CSO
Okta confirms recent hack affected all customers within the affected system
Contrary to its earlier analysis, Okta has confirmed that all of its customer support system users are affected by the recent security incident.
CyberNews
DARPA $20M AI challenge kick off delayed until Dec 11th
The kick-off for Open Track registration for DARPA’s first-ever AI Cyber Challenge (AIxCC) is rescheduled until December 11.
The Hacker News
U.S. Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers
The U.S. Treasury Department has imposed sanctions against a virtual currency mixer called Sinbad.
Security Affairs
Rhysida ransomware group hacked King Edward VII’s Hospital
The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London.....................
CyberNews
Elon Musk says "Go F**k Yourself" to advertisers who left X over antisemitic content
Billionaire Elon Musk told advertisers that have fled his social media platform X over antisemitic content to "Go fuck yourself" in a fiery Wednesday interview.
CSO
Amazon debuts biometric security device, updates Detective and GuardDuty
Amazon’s latest security offerings, announced at its re:Invent conference, cover everything from advanced biometrics to new tools for defeating runtime and cloud threats, including identity and access management (IAM) capabilities.
CSO
Almost all developers are using AI despite security concerns, survey suggests
About 96% of developers are using AI tools and nearly eight out of 10 coders are bypassing security policies to use them, while placing unfounded trust into AI’s competence and security, according to the report by Snyk.
Ars Technica
2 municipal water facilities report falling to hackers in separate breaches
The facilities, in Pennsylvania and Texas, serve more than 2 million residents.
The Record
More than $100 million in ransom paid to Black Basta gang over nearly 2 years
Research from blockchain security company Elliptic and Corvus Insurance tracks payments made to the Black Basta group since its apparent inception in early 2022.
The Record
Russian and Chinese interference networks are ‘building audiences’ ahead of 2024, warns Meta
Influence operations from Russia and China are ramping up on social media in the run-up to several key elections that will take place in 2024, Meta said in a new report.
The Record
Thanksgiving hack on North Carolina city caused leak of employee data
A city in North Carolina is warning government employees that data from its systems may have been accessed in a pre-Thanksgiving holiday incident.
The Record
Russian region launches chatbot to report ‘extremist’ neighbors
Named “The Agent is Writing,” the chatbot is available on Telegram. It was created by the anti-terrorism commission in Primorsky Krai, located in Russia's far east.
The Record
Suspected China-based hackers target Uzbekistan gov’t, South Koreans, Cisco says
Hackers believed to be based in China are targeting the Uzbekistan Ministry of Foreign Affairs, as well as people in South Korea, with a strain of malware called SugarGh0st, according to a new report.
The Record
Meta sues FTC, seeking to block new rules for children’s data
Meta filed a lawsuit challenging the constitutionality of the Federal Trade Commission’s structure Wednesday, two days after a federal judge refused to block the commission from prohibiting the tech giant from monetizing all youth data and limiting its use of facial recognition technology.
The Record
Judge: FTC can move forward with plans to impose tough new privacy restrictions on Meta
A federal judge will not stop the Federal Trade Commission (FTC) from intensifying restrictions it previously imposed on Meta as part of a record-breaking $5 billion privacy settlement.
The Record
Latest severe Chrome bug prompts CISA warning
A severe vulnerability that led Google to issue an emergency update of the Chrome browser has been exploited on the open internet, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed Thursday.
PCMag
US Warns of Iranian Hackers Targeting Water Facilities
The US Cybersecurity and Infrastructure Security Agency issues the warning after Iranian hackers reportedly breached a water supplier in Pennsylvania.
Bleeping Computer
Dollar Tree hit by third-party data breach impacting 2 million people
Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service provider Zeroed-In Technologies.
Bleeping Computer
Dollar Tree hit by third-party data breach impacting 2 million customers
Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 customers after the hack of service provider Zeroed-In Technologies.
Ars Technica
Stable Diffusion Turbo XL can generate AI images as fast as you can type
Even at home, SDXL Turbo can create detailed images with startling speed.
SC Magazine
Critical ownCloud bug ‘actively exploited’ after disclosure
No confirmed hacking incidents tied to the ownCloud vulnerability has highest severity CVSS score of 10, publicly disclosed Nov. 21.
HACKRead
Zoom Vulnerability Allowed Hackers to Take Over Meetings, Steal Data
The Zoom vulnerability was originally discovered in June 2023. Despite the discovery being made earlier, the details were only publicly disclosed on November 28, 2023.
HACKRead
US Seizes Bitcoin Mixer Sinbad.io Used by Lazarus Group
According to the US government, Sinbad.io provided its services to the Lazarus group to launder money stolen from numerous data breaches, including those affecting Horizon Bridge, Axie Infinity, and Atomic Wallet.
Bleeping Computer
SIM swapper gets 8 years in prison for account hacks, crypto theft
Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency theft.
Bleeping Computer
Microsoft starts testing new Windows 11 Energy Saver feature
Microsoft has started testing a new Windows 11 Energy Saver feature that helps customers extend their portable computers' battery life.
Security Affairs
Google addressed a new Chrome Zero-Day vulnerability
Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser.
SC Magazine
All Okta customer support users exposed in October breach, company discloses
While Okta did not report how many customers were affected, the company’s website says more than 18,000 customers use its platform.
Bleeping Computer
Black Basta ransomware made over $100 million from extortion
Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic.
Bleeping Computer
Hackers breach US water facility via exposed Unitronics PLCs
CISA (Cybersecurity & Infrastructure Security Agency) is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers (PLCs) exposed online.
HACKRead
Cybercriminals Exploit ActiveMQ Flaw to Spread GoTitan Botnet, PrCtrl Rat
The recently discovered GoTitan botnet is built on the Golang programming language, whereas PrCtrl Rat is a .NET program.
Ars Technica
Amazon unleashes Q, an AI assistant for the workplace
Aimed at the office, Amazon Q can summarize docs and assist with programming tasks.
Bleeping Computer
Japanese Space Agency JAXA hacked in summer cyberattack
The Japan Aerospace Exploration Agency (JAXA) was hacked in a cyberattack over the summer, potentially compromising sensitive space-related technology and data.
Infosecurity News
GoTitan Botnet and PrCtrl RAT Exploit Apache Vulnerability
Fortiguard Labs identified multiple threat actors leveraging CVE-2023-46604, despite patches
Bleeping Computer
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers
The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group.
Ars Technica
Report: Apple and Goldman Sachs are breaking up over money-losing Apple Card
Goldman Sachs has lost billions of dollars on its consumer-focused businesses.
Infosecurity News
DeleFriend Weakness Puts Google Workspace Security at Risk
Hunters’ Team Axon said the flaw could lead to the unauthorized access of emails in Gmail and more
SecurityWeek
Keyless Goes Independent, Raises $6M for Biometric Authentication
British startup building biometric authentication technology has snagged $6 million in a new round of funding led by Rialto Ventures.
PCMag
Okta: October Breach Actually Affected All Customer Support Users
The breach was originally believed to have only hit 134 corporate clients, but Okta now says it involved the 'names and email addresses of all Okta customer support system users.'
CyberNews
Digital wallets and the rise of the identity trojan
Identity trojans in the age of digital wallets and decentralized identity
Bleeping Computer
How Continuous Pen Testing Protects Web Apps from Emerging Threats
The nature and ubiquity of modern web apps make them rife for targeting by hackers. Learn more from Outpost24 about the value of continuous monitoring to secure modern web apps.
CyberNews
Okta breach impacts all of its customers
Okta data breach impacted all of its users.
SecurityWeek
Okta Broadens Scope of Data Breach: All Customer Support Users Affected
Okta expands scope of October breach, saying hackers stole names and email addresses of all its customer support system users.
Cyber Security News
GoTitan Botnet Actively Exploiting Apache ActiveMQ Vulnerability
Attackers are exploiting the recently discovered critical security vulnerability tracked as (CVE-2023-46604) affecting Apache ActiveMQ.
The Cyber Wire
Ukraine at D+683: Disinformation operations.
Russian leaders advance an expansive and ethnocentric narrative of the Russian world to justify Russian expansion.
Cyber Security News
Cybercriminals are Showing Hesitation to Utilize AI When Executing Cyber Attacks
Media reports highlight the sale of LLMs like WormGPT and FraudGPT on underground forums for cyberattacks.
Infosecurity News
AI Boosts Malware Detection Rates by 70%
New research has found that AI is significantly more accurate than traditional techniques at detecting malicious malware
Cyber Security News
Vigil: Open-source Security Scanner for LLM Models Like ChatGPT
To analyze the LLM model like ChatGPT open-source, introduced the ‘Vigil’ is a Python module and REST API for security scanner.
CyberNews
Texas water utility claimed by ransom gang
Supplier to nearly two million residents of the Lone Star state has been claimed as a victim by the ransomware gang Daixin.
SecurityWeek
New BLUFFS Bluetooth Attack Methods Can Have Large-Scale Impact: Researcher
An academic researcher demonstrates BLUFFS, six novel attacks targeting Bluetooth sessions’ forward and future secrecy.
Cyber Security News
Slovenia’s Biggest Power Provider has Suffered a Cyberattack
HSE one of the biggest power providers in Slovenia was targeted by a serious cyberattack and control system as well as fire alarms.
Bleeping Computer
Okta: October data breach affects all customer support system users
Okta's investigation into the breach of its Help Center environment last month revealed that the hackers obtained data belonging to all customer support system users.
The Hacker News
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.
Iranian-backed hacktivist group Cyber Av3ngers exploited Unitronics PLCs to target the Municipal Water Authority of Aliquippa in Western Pennsylvania.
CyberNews
KidSecurity’s user data compromised after app failed to set password
KidSecurity tracking app exposed sensitive data.
SecurityWeek
CISA Warns of Unitronics PLC Exploitation Following Water Utility Hack
After hackers compromised ICS at a US water utility, CISA issued a warning over the exploitation of the targeted Unitronics PLC.
CyberNews
China's ride-hailing giant Didi offers coupons to apologize for app glitch
China's Didi Global is offering millions of its customers coupons worth 10 yuan ($1.40) as part of an apology for a glitch that hit its ride-hailing app this week.
The Cyber Express
General Electric Data Breach: Hacker Claims Sale of Leaked GE Information
The notorious hacker, operating under the alias IntelBroker, has purportedly claimed to have successfully sold a collection of allegedly stolen
SecurityWeek
Google Patches Seventh Chrome Zero-Day of 2023
The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023.
SecurityWeek
Five Cybersecurity Predictions for 2024
Cybersecurity predictions for 2024 to help security professionals in prioritizing efforts to navigate the ever-changing threat landscape.
CyberNews
In the age of AI, “authentic” is Merriam-Webster’s word of 2023
Merriam-Webster, a publishing company known for its dictionaries, has chosen “authentic” as its word of the year, highlighting the impact of the rise of AI.
CyberNews
Google Drive files mysteriously disappearing, users report
Google said that it was investigating after users reported that months’ worth of files had suddenly disappeared from their Drive storage.
The Cyber Express
First American Title Insurance Settles $1M Breach Case with NY Authorities
The NY State Department of Financial Services has reached a $1 million settlement with First American Title Insurance Co. for
Security Affairs
Okta reveals additional attackers' activities in October 2023 Breach
Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach.
Cyber Security News
Genesis Market Technique: Hackers Exploited Node.js and EV Certificates
Trend Micro Managed XDR team has uncovered a malevolent symphony echoing the tactics employed by the infamous Genesis Market.
CyberSecurity Dive
CISA warns of threat groups exploiting Unitronics PLCs in water treatment hacks
The Unitronics warning follows an Iran-linked hack of a Pennsylvania water treatment facility.
SecurityWeek
Google Will Start Deleting ‘Inactive’ Accounts in December. Here’s What You Need to Know
Under Google’s updated inactive-account policy, accounts that haven’t been used in at least two years can be deleted.