PTC License Server Bug Needs Immediate Patch Against Critical Flaw

July 2, 2024 at 02:54PM CISA and PTC reported a critical flaw in an industrial computer-aided design software server (CVE-2024-6071), exposing systems to unauthorized remote access. A patch has been issued for affected Creo Elements/Direct License Servers, and users are urged to update immediately. PTC stated no evidence of exploitation in the wild and emphasized no impact on the …

Polyfill.io Supply Chain Attack Smacks Down 100K+ Websites

June 26, 2024 at 03:11PM The domain polyfill[.]io, used by over 100,000 websites for JavaScript code, has been compromised, serving malicious code like dynamic payloads and leading users to porn and betting sites. The sale of the domain to a Chinese organization has raised security concerns. Website owners are urged to remove references to the …

FBI warns of fake law firms targeting crypto scam victims

June 25, 2024 at 10:18AM The FBI warns of cybercriminals masquerading as law firms and lawyers offering cryptocurrency recovery services to scam victims. They deceitfully claim collaboration with government agencies and real financial institutions to gain trust. Scammers ask for personal information, upfront fees, and taxes, resulting in victims losing over $9 million to secondary …

JetBrains warns of IntelliJ IDE bug exposing GitHub access tokens

June 11, 2024 at 03:02PM JetBrains has issued a security warning concerning a critical vulnerability in its IntelliJ integrated development environment (IDE) apps, CVE-2024-37051. The flaw, affecting versions 2023.1 onwards with the GitHub plugin, exposes access tokens. Security updates have been released for affected IDEs, and customers are advised to update and revoke GitHub tokens. …

‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products

June 5, 2024 at 08:00AM Taiwan-based networking device manufacturer Zyxel warned of three critical-severity vulnerabilities in discontinued NAS products, allowing command injection and arbitrary code execution without authentication. Despite reaching the end of vulnerability support, patches were made available for impacted products NAS326 and NAS542. Exploitation could lead to persistent root access, requiring immediate firmware …

FBI warns of fake remote work ads used for cryptocurrency fraud

June 4, 2024 at 04:39PM The FBI warned that scammers are using fake remote job ads to steal cryptocurrency from job seekers, posing as recruiters for legitimate companies. The scammers create work-from-home scams with confusing compensation structures and use fake portals. The FBI advises caution, not sending money to alleged employers, and reporting suspicious activities …

Cybercriminals pose as “helpful” Stack Overflow users to push malware

May 29, 2024 at 07:25PM Cybercriminals have been using Stack Overflow to spread malware, posing as helpful contributors answering users’ questions about a PyPI package named ‘pytoileur’, which actually installs Windows information-stealing malware. This malicious package is part of the ‘Cool package’ campaign and was promoted through typo-squatting and Stack Overflow answers. Developers are urged …

Okta: Credential-Stuffing Attacks Spike via Proxy Networks

April 29, 2024 at 04:46PM Credential-stuffing attacks on online services are rising, prompting Okta to advise its users. Okta’s researchers noticed a surge in attacks on Okta accounts from April 19 to 26. Attacks use anonymous devices like Tor and residential proxies such as NSOCKS, Luminati, and DataImpulse. Okta introduced a feature to block such …

Autodesk Drive Abused in Phishing Attacks 

April 25, 2024 at 10:15AM Netcraft warns of threat actors using compromised email accounts to send phishing emails with links to malicious PDF files on Autodesk Drive. Attackers tailor their emails with legitimate senders’ information to appear credible. Recipients are directed to phishing pages and prompted to provide Microsoft account credentials. The attacks are highly …

Microsoft: APT28 hackers exploit Windows flaw reported by NSA

April 22, 2024 at 06:34PM Microsoft warned that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability using a new hacking tool called GooseEgg. APT28 has used GooseEgg since June 2020, potentially earlier, to launch malicious payloads, escalate privileges, and attack government and non-governmental organizations. APT28 has a history of high-profile cyber attacks. …