Hamster Kombat’s 250 million players targeted in malware attacks

July 23, 2024 at 06:42PM Threat actors are exploiting the popularity of Hamster Kombat, a clicker mobile game, by distributing fake Android and Windows software to install spyware and malware. Players should obtain the game from its official Telegram channel or website to avoid scams. Additionally, caution is advised due to security concerns and potential …

Judge mostly drags SEC’s lawsuit against SolarWinds into the recycling bin

July 18, 2024 at 05:17PM A judge has mostly dismissed a lawsuit by America’s financial watchdog against SolarWinds and its CISO for misleading investors about computer security practices and the backdooring of its Orion product after the SUNBURST attack. The judge ruled in favor of SolarWinds on post-SUNBURST claims but sustained the SEC’s securities fraud …

Kaspersky challenges US government to prove case over hacking claims

July 18, 2024 at 12:33PM Kaspersky proposes independent verification following US government ban on its products. The antivirus maker pledges to comply with Department of Commerce rulings but maintains the ban is politically motivated. The company offers a comprehensive assessment framework and will cease sales of new contracts in the US. Updates will be halted …

SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks

July 18, 2024 at 06:27AM Cybersecurity researchers discovered five vulnerabilities in the SAP AI Core platform, making unauthorized access and data theft possible. With responsible disclosure, SAP addressed the weaknesses, preventing potential misuse. The findings coincide with increased enterprise use of generative AI and the emergence of a new cybercriminal threat group, NullBulge, targeting AI and …

I spy another mSpy breach: Millions more stalkerware buyers exposed

July 14, 2024 at 10:10PM Commercial spyware maker mSpy has been breached, exposing millions of customers’ data including email addresses, IP addresses, and photos. The company, previously breached in 2015 and 2018, is involved in stalkerware applications. Additionally, critical vulnerabilities, plaintext data transmission by Linksys routers, and the targeting of Latin American airlines by Akira …

Global Coalition Blames China’s APT40 for Hacking Government Networks

July 9, 2024 at 07:21AM The US, UK, Canada, Germany, Japan, New Zealand, and South Korea support Australia’s accusation of Chinese state-sponsored hacking into government networks. APT40, also known as Bronze Mohawk, is highlighted for targeting Australian and regional networks with advanced tradecraft, exploiting vulnerabilities in widely used software and leveraging tactics shared by other …

China’s APT40 gang is ready to attack vulns within hours or days of public release.

July 8, 2024 at 10:37PM Law enforcement agencies, led by Australia, have issued an advisory detailing the tradecraft of APT40, a state-sponsored cyber group aligned with China. Known for rapidly exploiting new vulnerabilities, APT40 targets unpatched networks and uses compromised devices to launch attacks. The advisory provides mitigation tactics and highlights APT40’s use of web …

Latest Ghostscript vulnerability haunts experts as the next big breach enabler

July 5, 2024 at 08:41AM Infosec experts are discussing a vulnerability in Ghostscript, which may lead to significant breaches. The format string bug, designated as CVE-2024-29510, allows remote code execution (RCE) on systems running Ghostscript. It poses a serious threat to web applications and services utilizing Ghostscript for document conversion and preview functionality. The severity …

A CISO’s Guide to Avoiding Jail After a Breach

July 5, 2024 at 08:35AM While serving on the Commission on Enhancing National Cybersecurity, Joe Sullivan, a former Uber CSO, faced legal challenges for mishandling a data breach. The government’s effort to enforce good corporate behavior has led to an increase in legal actions against security leaders. To avoid trouble, it’s recommended that security leaders …

Nasty regreSSHion bug in OpenSSH puts around 700K Linux boxes at risk

July 1, 2024 at 10:08AM Glibc-based Linux systems should upgrade OpenSSH’s server due to a new bug (CVE-2024-6387) revealed by Qualys researchers. They discovered a race condition vulnerability that could lead to remote code execution, affecting potentially hundreds of thousands of instances. Systems running on OpenBSD are exempt, and Qualys recommends specific patches and network-based …