In a move likely fueled by intensifying antitrust scrutiny, Microsoft is exiting OpenAI and stepping down from its non-voting observer seat of the AI company's board of directors. This comes just days after reports suggested Apple might take a similar observer role, but now the Cupertino giant has also opted out. show more ...
A threat actor known as "ghostr" on the XSS forum has claimed responsibility for a significant data breach targeting the Arabian Travel Agency, a prominent travel company based in the UAE. The Arabian Travel Agency data breach, which allegedly occurred in June 2024, compromised a substantial amount of show more ...
A new security vulnerability has been discovered within select versions of the OpenSSH secure networking suite, potentially exposing systems to remote code execution (RCE) risks. Tracked under CVE-2024-6409 with a CVSS score of 7.0, this OpenSSH vulnerability affects versions 8.7p1 and 8.8p1 of OpenSSH, specifically show more ...
Nokia Corporation, a prominent Finnish telecommunications and technology company, reportedly fell victim to a data breach. According to reports on BreachForums, a threat actor identified as 888 disclosed that over 7,622 records containing personally identifiable information (PII) of Nokia employees were compromised. show more ...
A threat actor has claimed responsibility for orchestrating a cyberattack on Neiman Marcus, the luxury retailer in the U.S. The Neiman Marcus data breach claims come just days after the group issued a notification to its customers regarding a massive leak that occurred in May 2024, potentially exposing sensitive show more ...
On the second Tuesday of July 2024, Microsoft Corporation issued its latest round of security updates, marking another Patch Tuesday update. This month's release addresses a total of 139 vulnerabilities across various Microsoft products, including Windows operating systems and other software. Among these show more ...
A Threat Actor (TA) has claimed to have orchestrated a data breach from Microsoft which allegedly compromises sensitive data of over 2,000 employees. The notorious TA, operating under the pseudonym, 888, shared that the data was allegedly compromised in an undisclosed third-party breach in July 2024, but the data has show more ...
In a significant move to thwart cyberattacks, Microsoft China has mandated that its employees transition from using Android smartphones to iPhones. This decision highlights the increasing importance of cybersecurity and data protection in corporate operations, especially in regions where geopolitical dynamics can show more ...
The U.S. Federal Bureau of Investigation (FBI), along with the domestic Cyber National Mission Force and several international intelligence agencies, have uncovered a sophisticated Russian-backed operation that used an artificial intelligence-powered bot farm to spread disinformation on social media platforms. The show more ...
CISA has added two zero-day vulnerabilities from the cluster of vulnerabilities fixed in this month’s patch Tuesday. In its latest patch Tuesday release for July 2024, Microsoft has addressed a total of 138 vulnerabilities, including two zero-day exploits that have been actively exploited in the wild. These show more ...
Cybersecurity researchers observed an Android surveillance campaign active since October 2019 that has targeted the military personnel of various countries in the Middle East. The researchers believe the operation has ties to a Houthi-aligned threat actor. Referred to as "GuardZoo," the spyware has infected show more ...
Google has introduced a significant enhancement to its Advanced Protection Program (APP), catering specifically to high-risk users with the introduction of passkeys. The Google passkey aims to upgrade account security by offering an alternative to traditional physical security keys. Until now, users looking to enroll show more ...
Fujitsu, the renowned Japanese tech giant, has confirmed a data breach that compromised personal and business information of some individuals and customers. The Fujitsu data breach, discovered earlier this year, did not involve ransomware but utilized sophisticated mechanisms to evade detection while exfiltrating show more ...
Evolve Bank & Trust, a financial institution with both traditional banking and open banking services, disclosed a data breach impacting a staggering 7.64 million individuals. The Arkansas-based bank initially believed a "hardware failure" caused system disruptions in late May, but an investigation revealed show more ...
The City of Philadelphia has disclosed about data breach that occurred in May 2023, impacting the personal information of 35,881 individuals. This revelation came through a filing with the Office of Maine's Attorney General. On July 8, 2024, the City of Philadelphia sent out written notifications to those show more ...
A critical vulnerability in the widely used RADIUS authentication protocol could allow attackers to gain unauthorized access to networks and devices, researchers have discovered. The flaw, dubbed "Blast-RADIUS," affects a protocol that has functioned as a cornerstone of modern network infrastructure. RADIUS, show more ...
The Russia-based cybercrime group dubbed “Fin7,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of show more ...
Simple malware and simple TTPs play against a backdrop of complex geopolitical conflict in the Arab world.
The case alleges a third-party marketer for the exercise giant improperly used customer chat data to train its AI models.
Software-as-a-service company Command Zero launches with a platform for investigating cybersecurity incidents that aims to minimize the grunt work.
The bot farm was created using AI-enhanced software that was able to create a host of different false personas to spread disinformation in convincing and unsettling ways.
_Federico_Caputo_Alamy.jpg)
Businesses need to find a balance between harnessing the benefits of AI assistants and safeguarding sensitive information — maintaining trust with employees and clients.
The more sensitive data an organization collects, the more at risk it is to a cyberattack. Here's how to limit the damage.
The novel malware targets Spanish-speaking users via malicious Google Drive links, and taps a popular C++ library to evade detection.
Likely two separate threat actors are using the just-patched CVE-2024-38112 in targeted, concurrent infostealer campaigns.
Even the NSA leaves bugs in its software. In this case, it's the kind of cross-site issue that regularly slips past developers.
_ArtemisDiana_Alamy.jpg)
The tech giant has rolled out passkey support for account authentication within its Advanced Protection Program to complement existing compatibility with FIDO2 hardware keys.
As part of Microsoft's July 2024 Patch Tuesday, 142 flaws were addressed, including two zero-days actively exploited and two publicly disclosed. Five critical vulnerabilities were fixed, all related to remote code execution.
Cryptocurrency exchange hacks and exploits are on the rise, with $1.38bn stolen in the first half of 2024, double the amount stolen in 2023. While it is lower than the record-breaking $2bn stolen in 2022, the surge may be due to higher token prices.
This vulnerability, known as Blast RADIUS and rated 7.5 out of 10 on the severity scale, affects the RADIUS networking protocol, potentially granting unauthorized access to network devices and services without credentials.
Monocle is an open-source tool powered by an LLM for searching natural language in compiled binaries. It can analyze binaries based on criteria like authentication code or password strings, using Ghidra headless for decompilation.
A vulnerability in certain versions of the OpenSSH secure networking suite may allow for remote code execution. The vulnerability, identified as CVE-2024-6409 with a CVSS score of 7.0, affects specific versions of OpenSSH such as 8.7p1 and 8.8p1.
The CISA is developing a new framework to assess the trustworthiness of open-source software projects. The agency's open-source software security roadmap aims to increase visibility into OSS use and risks across the federal government.
Hackers are targeting a vulnerability in the Modern Events Calendar WordPress plugin found on over 150,000 websites to upload files and execute code remotely. The plugin by Webnus is used to manage events.
The cybersecurity arm of the UK government, RITICS, has released a new guide to assist companies in enhancing the security of their operational technology (OT) and industrial control system (ICS) hardware.
Approximately 68 malicious packages were created between May 26 and June 23, 2024, with deceptive names like cdnjquery and jquertyi. These packages were manually crafted, unlike automated attacks, allowing the threat actor to steal website form data.
A recent Next DLP poll revealed that 73% of cybersecurity professionals used unauthorized apps, including AI, last year. Top concerns were data loss, lack of control, and breaches, with 10% admitting to a breach due to these tools.
The Department of Justice investigated around 1,000 accounts on social media platform X, previously Twitter, which were used by the Kremlin to spread pro-Moscow propaganda created by the AI-driven Meliorator software.
Phishing messages impersonating the Regional Transport Office have been circulating since 2024, claiming traffic violations and prompting users to download a malicious APK named "VAHAN PARIVAHAN.apk".
Research shows that 75% of CISOs are considering a job change due to various challenges and pressures. CISOs often face accountability for cyber incidents and compliance failures, leading to discontent.
The vulnerabilities added include CVE-2024-23692 affecting Rejetto HTTP File Server, CVE-2024-38080 impacting Windows Hyper-V, and CVE-2024-38112 targeting Windows MSHTML Platform.
QuoIntelligence discovered the operation called Ticket Heist, with convincing websites selling fake Olympic tickets. The prices on these websites are much higher than the official ones.
The Senate Armed Services Committee presented the NDAA for fiscal year 2025, totaling $923.3 billion for defense funding. This includes $878.4 billion for the Pentagon and $33.4 billion for national security programs under the Department of Energy.
Ubuntu Security Notice 6890-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that show more ...
Gentoo Linux Security Advisory 202407-25 - Multiple vulnerabilities have been discovered in Buildah, the worst of which could lead to privilege escalation. Versions greater than or equal to 1.35.3 are affected.
Ubuntu Security Notice 6889-1 - It was discovered that .NET did not properly handle object deserialization. An attacker could possibly use this issue to cause a denial of service. Radek Zikmund discovered that .NET did not properly manage memory. An attacker could use this issue to cause a denial of service or show more ...
Gentoo Linux Security Advisory 202407-24 - A vulnerability has been discovered in HarfBuzz, which can lead to a denial of service. Versions greater than or equal to 7.1.0 are affected.
Ubuntu Security Notice 6881-1 - It was discovered that Exim did not enforce STARTTLS sync point on client side. An attacker could possibly use this issue to perform response injection during MTA SMTP sending.
Ubuntu Security Notice 6888-1 - Elias Myllymäki discovered that Django incorrectly handled certain inputs with a large number of brackets. A remote attacker could possibly use this issue to cause Django to consume resources or stop responding, resulting in a denial of service. It was discovered that Django show more ...
Ubuntu Security Notice 6887-1 - Philippos Giavridis, Jacky Wei En Kung, Daniel Hugenroth, and Alastair Beresford discovered that the OpenSSH ObscureKeystrokeTiming feature did not work as expected. A remote attacker could possibly use this issue to determine timing information about keystrokes.
Red Hat Security Advisory 2024-4451-03 - An update for dotnet8.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-4450-03 - An update for dotnet8.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-4447-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include code execution, null pointer, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-4443-03 - An update for toolbox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Security Advisory 2024-4439-03 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-4438-03 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-4432-03 - An update for libvirt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2024-4431-03 - An update for libreswan is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Security Advisory 2024-4430-03 - An update for perl-HTTP-Tiny is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Security Advisory 2024-4429-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Security Advisory 2024-4427-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Security Advisory 2024-4425-03 - An update for openstack-cinder, openstack-glance, and openstack-nova is now available for Red Hat OpenStack Platform 16.1.
Red Hat Security Advisory 2024-4422-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-4421-03 - An update for the python39:3.9 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-4420-03 - An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.10.
Red Hat Security Advisory 2024-4316-03 - Red Hat OpenShift Container Platform release 4.16.2 is now available with updates to packages and images that fix several bugs and add enhancements.
This archive contains three proof of concepts exploit for multiple Microsoft SharePoint remote code execution vulnerabilities.
The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents. "A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands, thereby creating a PowerShell environment within AutoIt for operations," Trellix security researchers Mathanraj Thangaraju and Sijo Jacob
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE). The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1
Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams. "Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion," Elliptic said in a report shared with The Hacker News.
The Problem The “2024 Attack Intelligence Report” from the staff at Rapid7 [1] is a well-researched, well-written report that is worthy of careful study. Some key takeaways are: 53% of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 2024 were zero-days. More mass compromise events arose from zero-day vulnerabilities than from n-day vulnerabilities.
Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser
It’s the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine art, found in APT and top cybercrime groups only, to a commodity skill used in almost every ransomware attack. The
Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP). "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said. Passkeys are considered a more secure and phishing-resistant alternative to passwords. Based on
A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities. Initial access to the target
As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds?
Source: www.databreachtoday.com – Author: 1 Finance & Banking , Fraud Management & Cybercrime , Incident & Breach Response Stolen Data Includes Names, Social Security and Bank Account Numbers, Contact Info David Perera (@daveperera) • July 9, 2024 LockBit hackers stole the information of show more ...
Source: www.databreachtoday.com – Author: 1 AI-Based Attacks , Artificial Intelligence & Machine Learning , Fraud Management & Cybercrime Military Omnibus Bill Includes Focus on Cybersecurity, Countering Drone Technology Chris Riotta (@chrisriotta) • July 9, 2024 The nearly $1 trillion bill show more ...
Source: www.databreachtoday.com – Author: 1 Breach Notification , Cybercrime , Fraud Management & Cybercrime Stolen Data Includes Patient Medical Information, According to Breach Notification Marianne Kolbasuk McGee (HealthInfoSec) • July 9, 2024 Image: FBCS A Pennsylvania-based debt collector show more ...
Source: www.databreachtoday.com – Author: 1 Artificial Intelligence & Machine Learning , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Meliorator Software Generates Social Media Bots David Perera (@daveperera) • July 9, 2024 Affiliates of the Russian propaganda network RT show more ...
Source: www.databreachtoday.com – Author: 1 Recruitment & Reskilling Strategy , Training & Security Leadership CISO Sam Curry, CMO Red Curry on Out-of-the-Box Thinkers, Alliance Builders, Rebels Steve King • July 9, 2024 77 Minutes Red Curry, CMO, Tautuk – formerly vFortified; Sam show more ...
