Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation

December 9, 2024 at 01:29PM The OpenWrt Project has released a critical patch addressing a vulnerability (CVE-2024-54143) that could allow attackers to inject malicious firmware through its sysupgrade server. Issues include command injection in the image builder and truncated SHA-256 hash collisions, compromising firmware integrity. Users are urged to upgrade to mitigate risks.

Genetec Physical Security Report Shows Accelerating Hybrid Cloud Adoption

December 9, 2024 at 01:28PM Genetec Inc. released its “2025 State of the Physical Security Report,” highlighting trends in hybrid cloud adoption, IT department involvement, and AI integration in physical security. The report indicates 43% of end users favor hybrid solutions, while 77% of organizations have IT and physical security collaborating on systems.

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

December 9, 2024 at 01:18PM Black Basta ransomware is evolving its tactics, utilizing social engineering and various malware like Zbot and DarkGate since October 2024. The group employs email bombing, impersonation on Microsoft Teams, and QR codes to target users. Their ultimate aim includes credential harvesting and VPN file theft for further breaches.

Cybercrime gang arrested after turning Airbnbs into fraud centers

December 9, 2024 at 11:56AM Eight members of an international cybercrime network were arrested in Belgium and the Netherlands for stealing millions of Euros from victims and establishing fraudulent Airbnb centers.
**Meeting Takeaways:**
1. **Arrests Made**: Eight members of an international cybercrime network have been apprehended.
2. **Scope of Crime**: The network was involved in …

Romanian energy supplier Electrica hit by ransomware attack

December 9, 2024 at 11:42AM Electrica Group is investigating an ongoing ransomware attack while ensuring that its critical systems remain unaffected. The company, which serves over 3.8 million customers, is collaborating with cybersecurity authorities to maintain electricity supply and protect data. Recent events include scrutiny of election vulnerabilities amidst widespread cyberattacks in Romania.

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

December 9, 2024 at 11:20AM Security researchers report an ongoing massive online heist targeting AWS customers, exploiting public website misconfigurations to steal source code, credentials, and secrets. The criminal operation, linked to the Nemesis and ShinyHunters gangs, remains active. Misconfigurations allowing these breaches are attributed to customer oversight, not AWS itself.

Large-Scale Incidents & the Art of Vulnerability Prioritization

December 9, 2024 at 10:04AM Cybersecurity defenders face increasing vulnerabilities due to a growing IT environment. Recent reports indicate that 14% of breaches exploit vulnerabilities, emphasizing the need for clear prioritization strategies. Learning from past incidents like MOVEit and Log4j can guide effective vulnerability evaluation and management, including the adoption of secure-by-design principles.

OpenWrt orders router firmware updates after supply chain attack scare

December 9, 2024 at 09:07AM OpenWrt users are urged to upgrade to the same version due to a reported supply chain attack affecting the attended sysupgrade server. Vulnerabilities allow attackers to serve compromised firmware through command injection and weak hash issues. While risks are low, users should update immediately or apply specific commits to secure …

Medical Device Maker Artivion Scrambling to Restore Systems After Ransomware Attack

December 9, 2024 at 09:06AM Artivion disclosed a ransomware attack on November 21, disrupting order and shipping processes. The company, which manufactures aortic-centric medical devices, took systems offline for investigation and remediation. While it believes the attack won’t materially affect finances, some remediation costs may not be insured. Details on the threat actor remain undisclosed.

QNAP Patches Vulnerabilities Exploited at Pwn2Own

December 9, 2024 at 08:29AM QNAP Systems announced security patches for vulnerabilities discovered at Pwn2Own Ireland 2024, including a severe command injection flaw (CVE-2024-50393) and a CRLF injection bug (CVE-2024-48868), both with CVSS scores of 8.7. Users are urged to update their systems to protect against potential attacks.