Security News

2024-12-31

Claude uses AI to identify new security threats by leveraging advanced natural language processing to analyze patterns and anomalies in real-time, providing proactive threat detection.

Chinese APT exploited a BeyondTrust API key to gain unauthorized access to U.S. Treasury systems, extracting sensitive documents in a significant cybersecurity breach.

New HIPAA rules require healthcare providers to restore critical data within 72 hours and to conduct annual compliance audits, strengthening patient data protection.

North Korean threat actors deployed OtterCookie malware in the Contagious Interview campaign. This JavaScript malware uses Socket.IO to communicate with a C2 server, enabling shell commands for data theft, including files, clipboard data, and cryptocurrency wallet keys.

2024-12-11

Russia has pioneered a new model of drug trafficking using darknet markets and cryptocurrency for payment, with physical 'dead drops' for delivery. Russian platforms like Kraken and Mega now dominate 93% of global darknet markets, generating $1.5 billion in revenue in 2023.

Attackers are distributing deliberately corrupted Word documents that evade security scans; once a user or Word's automated recovery process repairs the file, it displays a QR code that leads to a credential-theft site.

UPenn researchers demonstrated how language model-powered robots could be manipulated into dangerous behaviors using automated jailbreak prompts, such as planning explosions and driving off bridges.

President Yoon Suk Yeol of South Korea has declared emergency martial law, citing opposition-controlled parliament and alleged North Korean sympathies.

Attackers compromised a GitHub account to publish backdoored versions of Solana's Web3.js library, which could steal private keys from decentralized apps.

Threat actors are abusing Cloudflare's pages.dev and workers.dev domains for phishing campaigns, leveraging their trusted reputation and built-in SSL.

iVerify's new spyware detection tool uncovered Pegasus infections in 7 out of 2,500 customer device scans, targeting not just activists but also business leaders and government officials.

The FBI reports criminals are increasingly using AI to enhance scams, creating realistic text, images, and videos for romance, investment, and job fraud.

Russian agents planted spyware on a programmer's Android phone during a forced detention in Moscow, using a trojanized version of Cube Call Recorder with surveillance capabilities.

OpenAI is collaborating with Anduril to develop AI-powered anti-drone systems for the U.S. military, building on Anduril's recent defense contract win.

US Special Forces have ordered 10 NERVA-LG robotic systems for tactical missions, marking their first major investment in unmanned ground vehicles.

Apple secured a patent for a system capable of identifying individuals without visible facial features, using data such as walking style and clothing.

Russia's Gamaredon hacking group is using Cloudflare Tunnels to conceal infrastructure while deploying GammaDrop malware against Ukrainian targets.

SailPoint disclosed a critical directory traversal vulnerability (CVE-2024-10905) in its IdentityIQ platform; rated CVSS 10/10, it allows unauthorized file access.

Matt Johansen has launched Vulnerable Media, a technical marketing agency specializing in cybersecurity content and campaigns, after taking Vulnerable U full-time.

Cybersecurity journalist Brian Krebs continues investigating cybercrime despite years of threats and harassment, including swatting attempts and malicious mail.

Russian courts sentenced 15 members of the Hydra dark web marketplace, including a life sentence for its creator, after the site facilitated $5 billion in cryptocurrency transactions.

2024-12-07

China has deeply compromised thousands of US telco networks according to Senator Mark Warner. The attack, carried out by "Salt Typhoon," involves persistent access requiring device replacements and may include wiretapping capabilities.

Volexity uncovered Russian APT28 hackers compromising neighboring organizations in order to reach a target's Wi-Fi network. Using password spraying and lateral movement, the group got into systems that lacked MFA and from there infiltrated high-value targets.

Apple issued urgent patches for iOS, iPadOS, macOS, visionOS, and Safari to fix two zero-day vulnerabilities, CVE-2024-44308 and CVE-2024-44309, addressing potential code execution and XSS risks.

The Danish Navy detained the Chinese bulk carrier Yi Peng 3 for allegedly damaging undersea telecom cables in the Baltic Sea, affecting connections between Finland, Germany, Sweden, and Lithuania.

CrowdStrike reported that the China-linked group Liminal Panda has targeted telecom networks in South Asia and Africa since 2020, abusing telecom protocols such as SIGTRAN and GSM for intelligence collection.

Crum & Forster launched a new liability insurance policy for CISOs, covering consulting work and even pro bono IT security activities, protecting against personal liability.

Google blocked over 1,000 pro-China propaganda websites operated by "Glassbridge," a network of four Chinese firms masquerading as legitimate news outlets.

Researchers uncovered Russia scaling up disinformation campaigns using AI-generated Western personas. Techniques include fake profile pictures and coordinated posts to disseminate anti-Ukraine narratives more effectively.

2024-11-19

Palo Alto Networks has released Indicators of Compromise (IoCs) for a new zero-day vulnerability affecting their firewalls.

VMware confirmed that threat actors are exploiting two vCenter Server vulnerabilities, CVE-2024-38812 and CVE-2024-38813, which were first disclosed at the 2024 Matrix Cup hacking competition.

Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system. Tracked as CVE-2024-10979 with a CVSS score of 8.8, the flaw could allow unprivileged users to alter environment variables, potentially leading to code execution or information disclosure.

2024-11-12

Six critical flaws have been found in the Ollama AI framework, potentially allowing denial-of-service, model theft, and poisoning attacks.

The FBI is warning about a rise in hacked police email accounts being used to send fake subpoenas and emergency data requests (EDRs) to U.S. tech companies. Attackers target organizations with weak security but high implicit trust, then use the compromised accounts to obtain data, permissions, and otherwise restricted authorizations.

Google's AI security assessment tool, Big Sleep, found a zero-day vulnerability in the SQLite database engine, marking the first instance where AI uncovered a flaw missed by traditional testing.

The FBI is asking the public for help in identifying Chinese hackers in groups like APT31 and APT41.

CrowdStrike has launched new AI Red Team Services to identify vulnerabilities in AI systems and provide guidance on how to fix them.

Synology is telling users to patch a critical zero-click RCE bug, CVE-2024-10443, affecting millions of DiskStation and BeePhotos NAS devices. Synology advises caution about exposing NAS devices to the internet.

Nokia is investigating a potential breach after a hacker, IntelBroker, claimed to have stolen their source code from a third-party vendor. The data includes SSH keys, source code, and RSA keys, accessed via default credentials on a SonarQube server.

Canada has ordered TikTok Technology Canada to shut down, citing national security risks. This decision closes the company’s Canadian operations but does not restrict Canadians from using TikTok.

Researchers from George Mason University have introduced Mantis, a framework that uses prompt injections of its own to counter prompt injection attacks, potentially misdirecting or compromising the attackers' systems.

The U.S. is tightening rules on foreign real estate deals near military bases, adding 60 installations to the CFIUS scrutiny list. This follows the forced closure of a Chinese-owned crypto mine near F.E. Warren Air Force Base.

2024-11-04

An investigation by French newspaper Le Monde revealed that bodyguards of leaders such as Joe Biden and Donald Trump have used the Strava fitness app, inadvertently disclosing sensitive locations. For instance, the app revealed a San Francisco hotel where President Biden met with Chinese President Xi Jinping.

Password manager LastPass has alerted users to scammers promoting a fraudulent support number, 805-206-2892, through 5-star reviews on its Chrome extension. Calling this number directs users to download a remote support program that is actually malware.

Researchers have successfully carried out voice-based financial scams, such as unauthorized bank transfers and credential theft, using the new real-time API in ChatGPT-4o. The scams showed success rates ranging from 20% to 60%.

Cisco Talos discovered five out-of-bounds vulnerabilities in NVIDIA's shader processing technology and eleven separate issues affecting LevelOne routers.

Okta has patched a critical issue allowing logins without a password if a username exceeded 52 characters. How this passed through extensive testing remains baffling.

The US has charged Russian national Maxim Rudometov with creating the RedLine infostealer, after law enforcement gained access to the malware's source code and infrastructure.

The U.S. military has confirmed its first purchase of OpenAI products for AFRICOM, signifying a step towards integrating AI into national security operations.

Bellingcat identified the location where Hamas leader Yahya Sinwar was killed in southern Gaza's Tal as-Sutlan area, using IDF footage and distinct visual markers such as a gazebo and residential tower.
