November 16, 2024 at 12:53PM T-Mobile confirmed it was hacked amid a series of telecom breaches by Chinese state-sponsored group Salt Typhoon, targeting private communications and call records. Although T-Mobile stated that its systems were not significantly impacted, the U.S. government noted that customer data was stolen across multiple telecommunications companies. This marks T-Mobile’s ninth … Read more
November 16, 2024 at 02:16AM Switzerland’s NCSC warned citizens about malware spread through fake letters from the Federal Office of Meteorology, promoting a dangerous “Severe Weather Warning App.” The app, a malicious imitation of Alertswiss, contains the Coper trojan, targeting banking credentials. This method of delivery via postal service is unprecedented, indicating targeted spear-phishing efforts. … Read more
November 15, 2024 at 06:51AM A Vietnamese-speaking threat actor is using a new malware, PXA Stealer, to target government and educational institutions in Europe and Asia, stealing sensitive information, including credentials and financial data. The malware is delivered via phishing emails and is associated with a Telegram group selling compromised account credentials. ### Meeting Takeaways … Read more
November 15, 2024 at 05:35AM A critical vulnerability in the Really Simple Security plugin affected over 4 million WordPress websites, allowing for full administrative access. This flaw poses significant security risks, potentially enabling unauthorized takeovers of affected sites. The incident highlights the importance of timely security updates and monitoring for vulnerabilities. **Meeting Takeaways:** 1. **Incident … Read more
November 14, 2024 at 05:47PM A Chinese threat actor known as “SilkSpecter” is exploiting thousands of fraudulent online stores to siphon payment card information from online shoppers in the U.S. and Europe, driven by financial motives. **Meeting Notes Takeaways:** 1. **Threat Actor Identification**: A financially motivated Chinese threat actor known as “SilkSpecter” has been identified. … Read more
November 14, 2024 at 05:07PM A vulnerability in the PL/Perl extension of PostgreSQL (CVE-2024-10979) allows users to set arbitrary environment variables, scoring a CVSS 8.8. It can lead to severe security issues such as arbitrary code execution. Affected versions require updates to mitigate risks and should prompt users to review function creation logs. ### Meeting … Read more
November 14, 2024 at 04:05PM The new Glove Stealer malware can bypass Google Chrome’s App-Bound encryption to steal cookies and sensitive information from various browsers and applications. It employs social engineering tactics similar to ClickFix infections and requires local admin privileges to operate. Analysts note its basic methods indicate it remains in early development. ### … Read more
November 14, 2024 at 03:29PM Robert Purbeck, 45, was sentenced to ten years in prison for cybercrimes targeting medical facilities and other organizations across the U.S. He extorted at least $1 million from 19 victims, including threatening their personal safety. Purbeck also faces three years of supervised release following his prison term. ### Meeting Takeaways: … Read more
November 14, 2024 at 12:02PM Robert Purbeck, 45, from Idaho, has received a ten-year prison sentence for hacking 19 organizations, stealing personal data from over 132,000 individuals, and extorting victims. He pleaded guilty to unauthorized access charges and must pay over $1 million in restitution after an FBI raid revealed the extensive data theft. **Meeting … Read more
November 14, 2024 at 11:10AM A security researcher found misconfigurations in several Microsoft Power Pages installations, leading to unintentional access to confidential data. This investigation highlights a risk associated with low-code platforms, exposing millions of records due to improper setup. The findings were reported by SecurityWeek. **Meeting Takeaways:** 1. **Investigation Findings:** A security researcher conducted … Read more