Over 2,000 Palo Alto firewalls hacked using recently patched bugs

November 21, 2024 at 02:47PM

Hackers have compromised thousands of Palo Alto Networks firewalls by exploiting two recently patched zero-day vulnerabilities.

**Meeting Takeaways:**

1. **Security Breach**: A significant number of Palo Alto Networks firewalls have been compromised by hackers.
2. **Exploited Vulnerabilities**: The attacks are utilizing two recently patched zero-day vulnerabilities.
3. **Urgency for Action**: …

DARPA-backed voting system for soldiers abroad savaged

November 21, 2024 at 02:35PM

DARPA’s electronic voting project, CACvote, aims to enhance absentee voting for military personnel abroad, with a cryptographic protocol for securing ballots. Critics argue it’s impractical due to legal and logistical challenges, asserting that internet voting lacks security. VotingWorks defends the project, emphasizing its commitment to maintaining a verifiable paper ballot …

Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls

November 21, 2024 at 02:01PM

Microsoft has acknowledged issues affecting Windows 10 users unable to update or uninstall packaged apps, including Microsoft Teams, due to the WinAppSDK 1.6.2 package. A fix is forthcoming, and the problematic update has been pulled. Users can access workarounds via PowerShell or Command Prompt until the resolution is deployed.

Scattered Spider Cybercrime Members Face Prison Time

November 21, 2024 at 01:56PM

The Department of Justice has charged five members of the hacking group “Scattered Spider” with various crimes related to cyberattacks on companies like MGM Resorts and Caesar’s Palace. Allegations include phishing and stealing sensitive data, cryptocurrencies, and identity information. They face significant prison sentences if convicted.

CISA says BianLian ransomware now focuses only on data theft

November 21, 2024 at 01:39PM

The BianLian ransomware group has transitioned to primarily data theft extortion techniques, as noted in a U.S. and Australian advisory. Since January 2024, they have focused exclusively on this method, employing new tactics like exploiting Windows vulnerabilities and using RDP for access. Recent attacks include breaches of notable organizations.

Chinese ship casts shadow over Baltic subsea cable snipfest

November 21, 2024 at 12:30PM

The Danish military is monitoring the Chinese ship Yi Peng 3, linked to the sabotage of two undersea internet cables in the Baltic Sea. German Defense Minister Boris Pistorius and Swedish police are investigating, while China denies involvement. Repairs are scheduled, with concerns over the security of critical infrastructure.

Microsoft disrupts ONNX phishing-as-a-service infrastructure

November 21, 2024 at 12:08PM

Microsoft and the Justice Department seized over 240 domains linked to ONNX, a phishing-as-a-service platform targeting thousands of victims globally since 2017. ONNX was the leading provider of phishing kits in 2024, enabling sophisticated attacks that bypassed security measures. Operations ceased after the owner’s identity was revealed.

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

November 21, 2024 at 11:57AM

Approximately 2,000 Palo Alto Networks devices have reportedly been compromised due to recently disclosed security vulnerabilities. The flaws, CVE-2024-0012 and CVE-2024-9474, could enable malicious actions. Palo Alto warns that cyber attacks exploiting these weaknesses may rise and urges users to implement security measures and apply updates promptly.

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

November 21, 2024 at 11:57AM

China-aligned APT actor Gelsemium is using a new Linux backdoor, WolfsBane, targeting East and Southeast Asia for cyber espionage. Recent findings by ESET reveal WolfsBane and another implant, FireWood, aiming to gather sensitive data. This marks a shift towards Linux malware amidst enhanced security measures in the APT ecosystem.

2,000 Palo Alto Firewalls Compromised via New Vulnerabilities

November 21, 2024 at 11:20AM

Palo Alto Networks reported a drop in internet-exposed firewalls, yet around 2,000 devices remain compromised due to critical vulnerabilities CVE-2024-0012 and CVE-2024-9474. Patches were released in mid-November following confirmed exploitation, with attacks primarily affecting devices in the U.S. and India. Key security recommendations include limiting access to trusted IPs.