Socia media giant Meta is resuming its controversial plans to use Facebook and Instagram user posts to train generative AI (GenAI). The practice is effectively banned in the EU at present after the Irish Data Protection Commission (DPC) requested the firm pause its project, in a move Meta branded as “a step backwards for European
Month: September 2024
Sep 16, 2024Ravie LakshmananSpyware / Threat Intelligence Apple has filed a motion to “voluntarily” dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk landscape that could lead to exposure of critical “threat intelligence” information. The development was first reported by The Washington Post on Friday. The iPhone maker said its efforts,
A case involving a medical record hack affecting hundreds of patients and employees at a Pennsylvania healthcare company has been settled for a record-breaking $65m. Filed in March 2023, the case involved nearly 135,000 patients and employees of Lehigh Valley Health Network (LVHN), an independent healthcare network based in Pennsylvania. The plaintiffs, represented by class-action
Sep 13, 2024Ravie LakshmananVirtual Reality / Vulnerability Details have emerged about a now-patched security flaw impacting Apple’s Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device’s virtual keyboard. The attack, dubbed GAZEploit, has been assigned the CVE identifier CVE-2024-40865. “A novel attack that can
Read more about disinformation campaigns targeting the US Presidential Elections Malicious actors are spreading false claims that US voter registration databases have been breached, according to a new alert issued by the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). The agencies said the claims are designed to manipulate public opinion and undermine confidence
Video, Ransomware ESET research also finds that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends 13 Sep 2024 This week, ESET researchers published a deep dive into the recent activities of the CosmicBeetle cybercrime group. Among other notable things, CosmicBeetle was found to abuse the infamy of
Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances. “An OS command injection vulnerability in
Ireland’s data protection authorities have launched a probe into Google’s AI model, and whether it complies with GDPR. The Irish Data Protection Commission (DPC), An Coimisiún um Chosaint Sonraí, is the EU’s lead privacy regulator for Google. The DPC has opened a cross-border statutory inquiry into Google Ireland, under Section 110 of the Data Protection
Scams Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks Phil Muncaster 11 Sep 2024 • , 5 min. read For three decades, Geek Squad has been a trusted name in tech for anyone needing IT support. The Best Buy subsidiary dispenses
Sep 13, 2024Ravie LakshmananEnterprise Security / Vulnerability Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining. The activity, which specifically singles out the Oracle Weblogic server, is designed to deliver malware dubbed Hadooken, according to cloud security firm Aqua. “When Hadooken is executed, it drops a Tsunami malware
Nearly all (95%) version upgrades of open source software contain at least one breaking change that causes other components to fail, with patches having a 75% chance of causing a break, according to Endor Labs. The security vendor revealed the findings in its third annual Dependency Management Report, which is based on Endor Labs vulnerability
ESET researchers have mapped the recent activities of the CosmicBeetle threat actor, documenting its new ScRansom ransomware and highlighting connections to other well-established ransomware gangs. CosmicBeetle actively deploys ScRansom to SMBs in various parts of the world. While not being top notch, the threat actor is able to compromise interesting targets. CosmicBeetle replaced its previously
Sep 12, 2024Ravie LakshmananWeb Security / Content Management WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The enforcement is expected to come into effect starting October 1, 2024. “Accounts with commit access can push updates and changes to
Microsoft heaped more work onto sysadmins this week after fixing four zero-day vulnerabilities being actively exploited in the wild. First on the list is CVE-2024-43491 – a CVSS 9.8 remote code execution (RCE) bug in Microsoft Windows Update which requires no privileges or user interaction, and of low attack complexity. “This vulnerability emerged due to a
Sep 11, 2024Ravie LakshmananWindows Security / Vulnerability Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important,
SonicWall customers have been urged to patch a critical vulnerability in their firewalls after security researchers warned it is being actively exploited in ransomware attacks. The CVSS 9.3-rated vulnerability (CVE-2024-40766) was originally published on August 22 by the security vendor, before an update on September 6 claimed it was being actively exploited. “An improper access
Sep 09, 2024Ravie LakshmananVulnerability / Hardware Security A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO by Dr. Mordechai Guri, the head of the Offensive Cyber Research Lab
London’s transport authority has confirmed that several services are temporarily suspended, as it scrambles to respond to a cyber-attack that occurred a week ago. Transport for London (TfL) first revealed news of the incident on the evening of September 2 but played down its impact on transport services in the capital. However, an update on
Sep 09, 2024Ravie LakshmananCyber Attack / Threat Intelligence A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the
The US, UK and seven other governments have accused the Russian military of launching cyber-attacks targeting critical infrastructure for espionage and sabotage purposes. The joint advisory, published on September 5, highlighted the cyber activities of Unit 29155, which the agencies assess to be affiliated with the Main Directorate of the General Staff of the Armed
Video The schemes disproportionately victimize senior citizens, as those aged 60 or over were more than three times as likely as younger adults to fall prey to the scams 06 Sep 2024 Consumers in the United States lost more than $114 million to scams involving Bitcoin ATMs (BTMs) last year, with the figure soaring ten-fold
Sep 07, 2024Ravie LakshmananCybercrime / Dark Web Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and Pavel Kublitskii, a 37-year-old Russian national, have been charged
Read more about the international crackdown on spyware US Moves to Ban “Anti-Democratic” Spyware US Cracks Down on Spyware with Visa Restrictions Governments and Tech Giants Unite Against Commercial Spyware Global scrutiny on hack-for-hire services and spyware tools has heightened over the past few months, with many countries strengthening their legal response to human rights
Business Security Would a more robust cybersecurity posture impact premium costs? Does the policy offer legal cover? These are some of the questions organizations should consider when reviewing their cyber insurance options Tony Anscombe 04 Sep 2024 • , 3 min. read There must be a consideration of the ethical question of contributing to the
Sep 07, 2024Ravie LakshmananCyber Security / Malware Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the
A new software supply chain attack is being exploited in the wild, according to security researchers. The technique targets Python applications distributed via the Python Package Index, or PyPI. Researchers at software supply chain security firm JFrog believe that the attack, dubbed “Revival Hijack,” could affect 22,000 existing Python packages. That, in turn, could lead
ESET Research ESET researchers discuss HotPage, a recently discovered adware armed with a highest-privilege, yet vulnerable, Microsoft-signed driver ESET Research 05 Sep 2024 • , 1 min. read Usually when someone mentions adware, people think of low-quality half-baked malicious code used to spam victims with sketchy ads. But as we explain in this episode of
Sep 06, 2024Ravie LakshmananWordPress / Webinar Security Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1.
The US government has set out measures to improve the security for a key part of the internet. The Office of the National Cyber Director (ONCD) has released a roadmap to improve internet routing security, by tackling weaknesses associated with the Border Gateway Protocol (BGP). The ONCD’s roadmap calls for wider adoption of Resource Public
Malware Sometimes there’s more than just an enticing product offer hiding behind an ad Márk Szabó 03 Sep 2024 • , 3 min. read One thing is true: Malware developers are deeply invested in improving their malware and exploring different ways to compromise end users. Malware spreading through ads is nothing new; for a long