Security News
2024-12-31
Claude uses AI to identify new security threats by leveraging advanced natural language processing to analyze patterns and anomalies in real-time, providing proactive threat detection.
Chinese APT exploited a BeyondTrust API key to gain unauthorized access to U.S. Treasury systems, extracting sensitive documents in a significant cybersecurity breach.
New HIPAA rules mandate healthcare providers to restore critical data within 72 hours and conduct annual compliance audits to enhance patient data protection.
North Korean threat actors deployed OtterCookie malware in the Contagious Interview campaign. This JavaScript malware uses Socket.IO to communicate with a C2 server, enabling shell commands for data theft, including files, clipboard data, and cryptocurrency wallet keys.
2024-12-11
Russia has pioneered a new model of drug trafficking using darknet markets and cryptocurrency for payment, with physical 'dead drops' for delivery. Russian platforms like Kraken and Mega now dominate 93% of global darknet markets, generating $1.5 billion in revenue in 2023.
Attackers are distributing corrupted Word documents that bypass security scans, only to show QR codes leading to credential theft sites after user or automated recovery processes assemble the malware.
UPenn researchers demonstrated how language model-powered robots could be manipulated into dangerous behaviors using automated jailbreak prompts, such as planning explosions and driving off bridges.
President Yoon Suk Yeol of South Korea has declared emergency martial law, citing opposition-controlled parliament and alleged North Korean sympathies.
Attackers compromised a GitHub account to publish backdoored versions of Solana's Web3.js library, which could steal private keys from decentralized apps.
Threat actors are abusing Cloudflare's pages.dev and workers.dev domains for phishing campaigns, leveraging their trusted reputation and built-in SSL.
iVerify's new spyware detection tool uncovered Pegasus infections in 7 out of 2,500 customer device scans, targeting not just activists but also business leaders and government officials.
The FBI reports criminals are increasingly using AI to enhance scams, creating realistic text, images, and videos for romance, investment, and job fraud.
Russian agents planted spyware on a programmer's Android phone during a forced detention in Moscow, using a trojanized version of Cube Call Recorder with surveillance capabilities.
OpenAI is collaborating with Anduril to develop AI-powered anti-drone systems for the U.S. military, building on Anduril's recent defense contract win.
US Special Forces have ordered 10 NERVA-LG robotic systems for tactical missions, marking their first major investment in unmanned ground vehicles.
Apple secured a patent for a system capable of identifying individuals without visible facial features, using data such as walking style and clothing.
Russia's Gamaredon hacking group is using Cloudflare Tunnels to conceal infrastructure while deploying GammaDrop malware against Ukrainian targets.
SailPoint found a critical directory traversal vulnerability (CVE-2024-10905) in their IdentityIQ platform that scores 10/10 CVSS and allows unauthorized file access.
Matt Johansen has launched Vulnerable Media, a technical marketing agency specializing in cybersecurity content and campaigns, after taking Vulnerable U full-time.
Cybersecurity journalist Brian Krebs continues investigating cybercrime despite years of threats and harassment, including swatting attempts and malicious mail.
Russian courts sentenced 15 members of the Hydra dark web marketplace, including a life sentence for its creator, after the site facilitated $5 billion in cryptocurrency transactions.
2024-12-07
China has deeply compromised thousands of US telco networks according to Senator Mark Warner. The attack, carried out by "Salt Typhoon," involves persistent access requiring device replacements and may include wiretapping capabilities.
Volexity uncovered Russian APT28 hackers targeting neighboring organizations to exploit WiFi networks. Using password spraying and lateral movement, the group bypassed MFA-less systems to infiltrate high-value targets.
Apple issued urgent patches for iOS, iPadOS, macOS, visionOS, and Safari to fix two zero-day vulnerabilities, CVE-2024-44308 and CVE-2024-44309, addressing potential code execution and XSS risks.
The Danish Navy detained the Chinese bulk carrier Yi Peng 3 for allegedly damaging undersea telecom cables in the Baltic Sea, affecting connections between Finland, Germany, Sweden, and Lithuania.
CrowdStrike reported that China-linked group Liminal Panda has targeted telecom networks in South Asia and Africa since 2020, exploiting protocols like SIGTRAN and GSM for intelligence collection.
Crum & Forster launched a new liability insurance policy for CISOs, covering consulting work and even pro bono IT security activities, protecting against personal liability.
Google blocked over 1,000 pro-China propaganda websites operated by "Glassbridge," a network of four Chinese firms masquerading as legitimate news outlets.
Researchers uncovered Russia scaling up disinformation campaigns using AI-generated Western personas. Techniques include fake profile pictures and coordinated posts to disseminate anti-Ukraine narratives more effectively.
2024-11-19
Palo Alto Networks has released Indicators of Compromise (IoCs) for a new zero-day vulnerability affecting their firewalls.
VMware confirmed that threat actors are exploiting two vCenter Server vulnerabilities, CVE-2024-38812 and CVE-2024-38813, which were first disclosed at the 2024 Matrix Cup hacking competition.
Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system. Tracked as CVE-2024-10979 with a CVSS score of 8.8, the flaw could allow unprivileged users to alter environment variables, potentially leading to code execution or information disclosure.
2024-11-12
Six critical flaws have been found in the Ollama AI framework, potentially allowing denial-of-service, model theft, and poisoning attacks.
The FBI is warning about a rise in hacked police emails being used to send fake subpoenas and emergency data requests (EDRs) to U.S. tech companies. Attackers target low-security organizations with high trust, compromising them to gain access to data, permissions, and restricted authorization.
Google's AI security assessment tool, Big Sleep, found a zero-day vulnerability in the SQLite database engine, marking the first instance where AI uncovered a flaw missed by traditional testing.
The FBI is asking the public for help in identifying Chinese hackers in groups like APT31 and APT41.
CrowdStrike has launched new AI Red Team Services to identify vulnerabilities in AI systems and provide guidance on how to fix them.
Synology is telling users to patch a critical zero-click RCE bug, CVE-2024-10443, affecting millions of DiskStation and BeePhotos NAS devices. Synology advises caution about exposing NAS devices to the internet.
Nokia is investigating a potential breach after a hacker, IntelBroker, claimed to have stolen their source code from a third-party vendor. The data includes SSH keys, source code, and RSA keys, accessed via default credentials on a SonarQube server.
Canada has ordered TikTok Technology Canada to shut down, citing national security risks. This decision closes the company’s Canadian operations but does not restrict Canadians from using TikTok.
Researchers from George Mason University have introduced Mantis, a framework using prompt injections to counterattack against prompt injection attacks, potentially misdirecting or compromising attackers' systems.
The U.S. is tightening rules on foreign real estate deals near military bases, adding 60 installations to the CFIUS scrutiny list. This follows the forced closure of a Chinese-owned crypto mine near F.E. Warren Air Force Base.
2024-11-04
An investigation by French newspaper Le Monde revealed that bodyguards of leaders such as Joe Biden and Donald Trump have used the Strava fitness app, inadvertently disclosing sensitive locations. For instance, the app revealed a San Francisco hotel where President Biden met with Chinese President Xi Jinping.
Password manager LastPass has alerted users to scammers promoting a fraudulent support number, 805-206-2892, through 5-star reviews on its Chrome extension. Calling this number directs users to download a remote support program that is actually malware.
Researchers have successfully created voice-based financial scams, like unauthorized bank transfers and credential theft, using the new real-time API in ChatGPT-4o. The scams showed success rates ranging from 20-60%.
Cisco Talos discovered five out-of-bounds vulnerabilities in NVIDIA's shader processing technology and eleven separate issues affecting LevelOne routers.
Okta has patched a critical issue allowing logins without a password if a username exceeded 52 characters. How this passed through extensive testing remains baffling.
The US has charged Russian national Maxim Rudometov for creating the RedLine infostealer, following access to the malware's source code and infrastructure.
The U.S. military has confirmed its first purchase of OpenAI products for AFRICOM, signifying a step towards integrating AI into national security operations.
Bellingcat identified the location where Hamas leader Yahya Sinwar was killed in southern Gaza's Tal as-Sultan area, using IDF footage and distinct visual markers such as a gazebo and residential tower.