Pro-Iran Attackers Access Multiple Water Facility Controllers

December 4, 2023 at 01:05PM Iran-linked CyberAv3ngers hacked US infrastructure, compromising logic controllers in multiple states. The FBI-led interagency alert followed a Pennsylvania water authority breach, indicating potential control disruptions in critical utilities. The attackers exploited weak security and had 10 days of undetected access, prompting urgent system evaluations. Meeting Takeaways: 1. Attack on U.S. Infrastructure by …

Fake WordPress security advisory pushes backdoor plugin

December 4, 2023 at 12:19PM WordPress security experts are warning of phishing emails with fake security advisories asking admins to install a malicious plugin, which creates a hidden user and downloads a backdoor to the site, potentially for injecting ads, stealing data, or blackmail. Users are urged to be cautious. Key Takeaways from Meeting Notes …

Russian Pleads Guilty to Role in Developing TrickBot Malware

December 4, 2023 at 10:07AM Vladimir Dunaev, a Russian citizen, admitted guilt in creating and deploying the TrickBot malware, which resulted in substantial financial losses. Takeaways from the Meeting Notes: 1. Acknowledgment of Guilty Plea: Vladimir Dunaev, a Russian national, has admitted guilt in his association with the TrickBot malware’s development and deployment. 2. Impact …

North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report

December 4, 2023 at 10:07AM North Korean state-sponsored hackers reportedly stole over $3 billion in cryptocurrency, according to Recorded Future. SecurityWeek reported on the theft. Clear Takeaway from Meeting Notes: North Korean state-sponsored hackers have been reported to have acquired over $3 billion through cryptocurrency theft, as per findings published by Recorded Future. This significant …

Exposed Hugging Face API tokens offered full access to Meta’s Llama 2

December 4, 2023 at 09:06AM Lasso Security researchers found over 1,500 API tokens, including those of Meta and Google, exposed on Hugging Face, risking supply chain attacks and allowing access to 723 organizations. Exposed tokens with write permissions could alter files, steal private models, or poison data, affecting over a million users. All affected parties …

New BLUFFS Bluetooth Attack Exposes Devices to Adversary-in-the-Middle Attacks

December 4, 2023 at 08:36AM New BLUFFS vulnerabilities, detailed in CVE-2023-24023 with a 6.8 CVSS score, compromise Bluetooth Classic’s forward and future secrecy by enabling adversaries to impersonate devices and intercept communications between paired devices. Researchers suggest mitigation by using secure connection modes and sufficient key entropy. Key Takeaways from the Meeting on Bluetooth Vulnerability …

ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government

December 4, 2023 at 08:12AM Cyber Av3ngers, a group linked to the Iranian government, is attacking industrial control systems (ICS) at several US water facilities, reports SecurityWeek. Clear Takeaways from Meeting Notes: 1. The Cyber Av3ngers group is actively targeting industrial control systems (ICS) at various water facilities. 2. There is an affiliation between the …

New Relic Says Hackers Accessed Internal Environment Using Stolen Credentials

December 4, 2023 at 08:12AM New Relic reported a security breach in which hackers accessed their internal environment through social engineering and using credentials stolen from an employee account. Meeting Key Takeaway: – It has been reported that New Relic experienced a security breach in which hackers accessed an internal environment. This incident was a …

New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices

December 4, 2023 at 06:54AM Cybersecurity experts have uncovered a new version of the P2PInfect botnet targeting routers and IoT devices, now able to infect devices using MIPS architecture. First identified in 2023 exploiting a critical Redis vulnerability, P2PInfect has evolved with evasion tactics and now includes a Windows DLL module, indicating a sophisticated threat …

Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

December 4, 2023 at 12:00AM Microsoft warns of CACTUS ransomware spreading through malvertising, deploying DanaBot for initial access, leading to attacks by the Storm-0216 group. DanaBot’s usage follows law enforcement disrupting QakBot. Recent attacks also exploit Qlik Sense vulnerabilities, and a new macOS ransomware called Turtle has emerged. Clear Takeaways from Meeting Notes on …