Recent Security News

  • House Passes Reauthorization of Key US Surveillance Program After Days of Upheaval Over Changes

    April 13, 2024 at 09:54AM The House approved a bill to reauthorize the U.S. government surveillance program by a bipartisan vote of 273-147. Speaker Johnson faced criticism from conservatives, with the bill being amended to extend the program for two years. The legislation faced opposition and will require an additional vote. The program is set…

  • Palo Alto Networks zero-day exploited since March to backdoor firewalls

    April 13, 2024 at 09:01AM Suspected state-sponsored hackers have exploited an unpatched zero-day in Palo Alto Networks firewalls (CVE-2024-3400) since March 26, breaching internal networks to steal data and credentials. Palo Alto Networks released mitigations until the patches were complete. Volexity tracked the malicious activity (UTA0218) and detected the backdoor ‘Upstyle,’ with detailed exploitation methods…

  • Telegram fixes Windows app zero-day used to launch Python scripts

    April 13, 2024 at 07:43AM Telegram addressed a zero-day vulnerability in its Windows desktop app that allowed the automatic launch of Python scripts. The issue was initially disputed, but it was confirmed that a typo in the source code allowed bypassing security warnings when clicking on Python .pyzw files disguised as videos. Telegram fixed the issue with a server-side fix,…

  • UK flooded with forged stamps despite using barcodes — to prevent just that

    April 13, 2024 at 05:35AM Royal Mail switched to barcoded stamps for added security and efficiency, offering an exchange program until July 2023. However, multiple senders faced fines for “counterfeit stamps” despite purchasing them from legitimate sources. Investigations revealed Chinese suppliers offering forged stamps, leading to a diplomatic dispute and blame game. The transition to…

  • Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

    April 13, 2024 at 05:27AM Threat actors have been actively exploiting a critical zero-day flaw (CVE-2024-3400) in Palo Alto Networks PAN-OS software, allowing unauthorized code execution. Dubbed Operation MidnightEclipse, the attack involves creating cron jobs to run commands from an external server, triggering a Python-based backdoor. The actor UTA0218 displays advanced capabilities and likely state-backing.…