The latest action by the US Supreme Court has inched social media giant TikTok towards an outright ban in the US unless the platform is sold to a US firm. On January 17, the US Supreme Court rejected a free speech challenge filed by ByteDance, the Chinese owner of TikTok, over a bill requiring ByteDance
Jan 17, 2025 | Ravie Lakshmanan | Firmware Security / Vulnerability: Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. “These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in
Real estate scams have been rising across the Middle East as scammers exploit the trust associated with online listings and the urgency often felt when securing a property. With the increasing use of digital platforms for property searches, many users skip essential verification steps, leaving them vulnerable to fraudsters. Group-IB’s latest analysis, published today, highlights
Jan 16, 2025 | Ravie Lakshmanan | Spear Phishing / Threat Intelligence: The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims’ WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection. “Star Blizzard’s targets are most commonly related to government or diplomacy (both
A new initiative aimed at improving collaboration on artificial intelligence (AI) cybersecurity across critical infrastructure has been introduced by the Cybersecurity and Infrastructure Security Agency (CISA) in the US. The JCDC AI Cybersecurity Collaboration Playbook provides detailed guidance for AI developers, providers and adopters on voluntarily sharing cybersecurity information with CISA and its Joint Cyber
Jan 15, 2025 | Ravie Lakshmanan | Malvertising / Malware: Cybersecurity researchers have alerted to a new malvertising campaign that’s targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. “The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to
The Biden-Harris Administration has introduced a new Interim Final Rule on Artificial Intelligence Diffusion aimed at enhancing US national security and preventing the misuse of advanced US technology by countries of concern. The rule strengthens protections against misuse of advanced AI technologies by countries of concern. Measures defined in the new rule include: Continuing restrictions on
Jan 14, 2025 | Ravie Lakshmanan | Endpoint Security / Vulnerability: Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is
A cyber-espionage campaign targeting diplomatic entities in Kazakhstan and Central Asia has been linked to the Russia-aligned intrusion set UAC-0063. According to recent findings by cybersecurity firm Sekoia, the campaign involved weaponized Microsoft Word documents designed to deliver HatVibe and CherrySpy malware, collecting strategic intelligence on Kazakhstan’s diplomatic and economic relations. Infection Chain and Malware Analysis Sekoia’s
Jan 13, 2025 | Ravie Lakshmanan | Vulnerability / Cloud Security: A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum
US dental and medical billing firm Medusind is notifying over 360,000 customers that their personal, financial and medical data may have been accessed by a cybercriminal actor. The breach relates to a cyber incident that took place back on December 29, 2023, and was discovered later the same day. After taking affected systems offline, Medusind
Jan 11, 2025 | Ravie Lakshmanan | Financial Crime / Cryptocurrency: The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands’ Financial Intelligence and Investigative Service,
A large-scale cyber-attack originating from outside Slovakia’s borders has hit the information system of the Office of Geodesy, Cartography and Cadastre of the Slovak Republic (UGKK). The UGKK is used by the cadastral departments to record and manage information about land and property. All systems have been shut down as a response to the incident.
Jan 11, 2025 | Ravie Lakshmanan | AI Security / Cybersecurity: Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat-actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content. The tech giant’s Digital Crimes Unit (DCU) said it has
Cybercriminals are impersonating CrowdStrike recruiters to distribute a cryptominer on victim devices. CrowdStrike said it identified a phishing campaign exploiting its recruitment branding on January 7. The campaign starts with a phishing email, which purports to be part of the cybersecurity firm’s recruitment process. The email invites the target to schedule an interview for a junior developer
Jan 10, 2025 | Ravie Lakshmanan | Cybersecurity / Android: Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. “Out-of-bounds write in libsaped.so prior to SMR Dec-2024
Two significant security vulnerabilities have been identified in the Fancy Product Designer premium plugin, which allows the customization of WooCommerce products. The issues remain unpatched in the latest version, 6.4.3, affecting WordPress websites using the plugin. The plugin, developed by Radykal, has over 20,000 sales and enables extensive product customization. However, Patchstack researchers discovered two
Jan 09, 2025 | Ravie Lakshmanan | Vulnerability / Endpoint Security: Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. “Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database
The US has launched a Cyber Trust Mark for Internet of Things (IoT) devices, enabling consumers to easily assess the cybersecurity standards of such products when making purchasing decisions. Consumer smart device manufacturers that qualify for the Cyber Trust Mark will soon be able to display a trademarked, distinct shield logo on their products. This will
Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious.
Security researchers have identified multiple attack scenarios targeting MLOps platforms like Azure Machine Learning (Azure ML), BigML and Google Cloud Vertex AI, among others. According to a new research article by Security Intelligence, Azure ML can be compromised through device code phishing, where attackers steal access tokens and exfiltrate models stored in the platform. This
Jan 07, 2025 | Ravie Lakshmanan | Firmware Security / Malware: Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. “The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode]
A supply chain attack targeting key components of the Ethereum development ecosystem has affected the Nomic Foundation and Hardhat platforms. The attackers infiltrated the ecosystem using malicious npm packages, exfiltrating sensitive data such as private keys, mnemonics and configuration files. Attack Details and Methodology This attack, discovered by Socket, involves the distribution of 20 malicious
Jan 06, 2025 | Ravie Lakshmanan | Regulatory Compliance / Data Privacy: The Indian government has published a draft version of the Digital Personal Data Protection (DPDP) Rules for public consultation. “Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent,” India’s Press Information Bureau (PIB) said in a statement released Sunday.
The co-founder and former CEO of a cryptocurrency business has been extradited to the US to face fraud charges. South Korean national Do Hyeong Kwon, 33, appeared in a Manhattan court on Thursday after being extradited from Montenegro on Tuesday. Between 2018 and 2022, he is accused of defrauding investors in Terraform cryptocurrencies, resulting in
Jan 04, 2025 | Ravie Lakshmanan | Malware / VPN Security: Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional overlaps with a known remote administration tool referred to
Atos Group has refuted a recent claim by ransomware group Space Bears that the firm’s database had been compromised by the threat actors. In a statement issued on January 3, the French IT giant said that the allegations made by Space Bears were unfounded. “No infrastructure managed by Atos was breached, no source code accessed,
Jan 04, 2025 | Ravie Lakshmanan | Vulnerability / Software Security: A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It
The US government has issued sanctions against a China-based cybersecurity company for its involvement in a large-scale botnet targeting American organizations, including critical infrastructure. Beijing-based Integrity Technology Group has been accused of playing a role in multiple computer intrusion incidents that have been attributed to Flax Typhoon, a Chinese malicious state-sponsored cyber group that has
Jan 03, 2025 | Ravie Lakshmanan | Machine Learning / Vulnerability: Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model’s (LLM) safety guardrails and produce potentially harmful or malicious responses. The multi-turn (aka many-shot) attack strategy has been codenamed Bad Likert Judge by Palo Alto Networks Unit