Hackers Steal Over $2 Million in Cryptocurrency From CoinStats Wallets

June 25, 2024 at 08:48AM CoinStats, a cryptocurrency portfolio manager, was back online after hackers drained over $2 million from 1,590 hosted wallets. The platform said that only 1.3% of CoinStats Wallets were affected. CoinStats requires read-only access to connected wallets, mitigating the risk to users’ funds. The CEO revealed the attack was likely orchestrated …

Facebook PrestaShop module exploited to steal credit cards

June 23, 2024 at 03:08PM Hackers are exploiting a flaw in the pkfacebook module for PrestaShop to deploy a card skimmer and steal credit card details from vulnerable e-commerce sites. The flaw, tracked as CVE-2024-36680, allows SQL injection. Promokit claims the flaw was fixed, but Friends-Of-Presta warns of active exploitation and recommends specific …

New ARM ‘TIKTAG’ attack impacts Google Chrome, Linux systems

June 16, 2024 at 10:14PM The TIKTAG attack exploits ARM’s Memory Tagging Extension (MTE) to leak data with over 95% success. Researchers from Samsung, Seoul National University, and Georgia Tech demonstrated the attack against Google Chrome and the Linux kernel. MTE, designed to prevent memory corruption, is susceptible to TIKTAG-v1 and TIKTAG-v2 gadgets. Mitigations are …

Hackers phish finance orgs using trojanized Minesweeper clone

May 27, 2024 at 02:08AM Hackers are using a Python clone of Minesweeper to conceal malicious scripts in attacks on US and European financial organizations, as reported by Ukraine’s CSIRT-NBU and CERT-UA. The attacks involve the installation of SuperOps RMM, granting unauthorized access. The email-based attack disguises the malicious code within the Minesweeper game, bypassing …

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor

May 24, 2024 at 09:24AM Thousands of computers are at risk of complete takeover due to a backdoor injected into the Justice AV Solutions (JAVS) Viewer v8.3.7 installer distributed from official servers. The backdoor, discovered by Rapid7, provides attackers with full control over affected systems. Rapid7 recommends updating to version 8.3.8 and re-imaging affected endpoints …

VMware Abused in Recent MITRE Hack for Persistence, Evasion

May 23, 2024 at 10:17AM MITRE detailed a recent cyberattack where state-sponsored hackers exploited zero-day vulnerabilities to access its NERVE environment. The attackers abused VMware systems for persistence and detection evasion, deploying backdoors and web shells. MITRE identified the threat actor and shared mitigation scripts for other organizations to safeguard their VMware environments. …

LockBit Takes Credit for City of Wichita Ransomware Attack

May 9, 2024 at 09:57AM The LockBit cybercrime group has claimed responsibility for the ransomware attack on the City of Wichita, Kansas, causing system shutdowns and disrupting services including water utilities, municipal court, and public transportation payments. An investigation is ongoing to determine if any information was compromised. The mastermind behind LockBit, Dimitry Yuryevich Khoroshev, …

WP Automatic WordPress plugin hit by millions of SQL injection attacks

April 25, 2024 at 10:29AM Hackers are targeting the WP Automatic plugin for WordPress, exploiting the CVE-2024-27956 vulnerability. The issue allows the creation of admin accounts and backdoors. Over 5.5 million attack attempts have been recorded, prompting the recommendation to update to version 3.92.1 and back up websites frequently to mitigate the risk. …

Multiple LastPass Users Lose Master Passwords to Ultra-Convincing Scam

April 19, 2024 at 02:09PM A sophisticated phishing campaign targeting LastPass users successfully stole master passwords using a hands-on approach. The attackers posed as customer service representatives, guiding victims to a fake website to reset their account access. LastPass has taken action to protect its customers and is urging awareness and caution against spoofed communication …

Tesla, OS, Software Exploits Earn Hackers $1.1 Million at Pwn2Own 2024

March 22, 2024 at 06:30AM Participants at Pwn2Own Vancouver 2024 earned over $1.1 million, finding 29 zero-day vulnerabilities in Tesla cars, Windows, Ubuntu, Oracle VirtualBox, VMware Workstation, Chrome, Edge, and Adobe Reader. Notably, a team won $200,000 and a Tesla Model 3 for hacking a Tesla car’s electronic control unit. In total, nearly $3.5 million …