CISA’s Malware Analysis Platform Could Foster Better Threat Intel

April 12, 2024 at 04:55PM The US Cybersecurity and Infrastructure Security Agency (CISA) has publicly released its Malware Next-Gen Analysis platform. The platform allows users to analyze suspicious files, URLs, and IP addresses for potential threats. CISA aims to enhance threat intelligence with dynamic and static analysis tools. Users can submit artifacts for analysis, with …

‘WallEscape’ Linux Vulnerability Leaks User Passwords

April 1, 2024 at 12:30PM Security researchers have disclosed a new vulnerability, named CVE-2024-28085 or ‘WallEscape’, affecting the ‘wall’ command in the util-linux package on Linux systems. Exploiting this flaw could potentially leak user passwords and manipulate the clipboard. This security defect impacts Ubuntu 22.04 and Debian Bookworm, with potential for account takeover, but does …

Flipper Zero makers respond to Canada’s ‘harmful’ ban proposal

March 20, 2024 at 09:52AM The makers of Flipper Zero oppose Canada’s plan to ban the device, denying its involvement in car thefts. They argue that its capabilities are overestimated and point out that similar functionality exists in other devices not targeted by the ban. They stress that the focus should be on addressing outdated …

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

March 15, 2024 at 02:03PM A group of researchers has discovered a new data leakage attack called GhostRace (CVE-2024-2193), a variation of the Spectre v1 vulnerability, impacting modern CPU architectures. This exploit allows unauthenticated attackers to extract sensitive data from the processor by accessing speculative executable code paths. Both AMD and Xen have provided solutions …

Researchers expose Microsoft SCCM misconfigs usable in cyberattacks

March 11, 2024 at 03:19PM Security researchers have launched Misconfiguration Manager, a resource aimed at identifying and addressing attack techniques based on misconfigurations of Microsoft’s Configuration Manager (MCM)/System Center Configuration Manager (SCCM). The repository provides insights and defense strategies, highlighting 22 attack methods along with prevention, detection, and deception-based defense actions. Administrators are urged to …

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability

March 11, 2024 at 02:45AM A critical security flaw (CVE-2024-1403) in Progress Software OpenEdge Authentication Gateway and AdminServer allows unauthorized access by bypassing authentication protections. Exploit specifics and technical details have been disclosed, and the flaw carries a severity rating of 10.0. It is addressed in versions OpenEdge LTS Update 11.7.19, 12.2.14, and 12.8.1. Horizon3.ai released a proof-of-concept, identifying potential remote code execution …

Exit Scam: BlackCat Ransomware Group Vanishes After $22 Million Payout

March 6, 2024 at 11:27AM BlackCat ransomware operators have shut down their darknet website in an apparent exit scam, following a fake law enforcement seizure banner. The group allegedly received a $22 million ransom payment, refused to share proceeds, and may rebrand in the future. Cybersecurity experts speculate about the motives, citing possible internal concerns and …

Over 100 Malicious AI/ML Models Found on Hugging Face Platform

March 4, 2024 at 04:54AM Security researchers have discovered around 100 malicious AI/ML models on the Hugging Face platform. These models pose a significant security threat, potentially allowing attackers to gain control over machines, leading to data breaches and corporate espionage. Furthermore, researchers have developed techniques to manipulate large language models (LLMs) for harmful purposes, demonstrating …

Japan warns of malicious PyPI packages created by North Korean hackers

February 28, 2024 at 10:08AM JPCERT/CC warns of North Korean hacker group Lazarus uploading four malicious PyPI packages to infect developers with malware. These packages allow access to developer networks, enabling financial fraud and supply chain attacks. The malware, named “Comebacker,” connects to the attacker’s server and executes further Windows malware. Previous attacks by Lazarus …

US Gov Says Software Measurability is ‘Hardest Problem to Solve’

February 27, 2024 at 03:27PM The US government is urging software manufacturers to release timely, comprehensive documentation of security vulnerabilities to enhance efforts in measuring code quality and safety. The White House emphasizes the need for long-term investment incentives and the adoption of memory-safe programming languages to improve cybersecurity across the digital ecosystem. This industry-wide …