Sep 23, 2024Ravie LakshmananCybersecurity / Cyber Threat Hold on tight, folks, because last week's cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling "dream jobs" to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud configurations had its … [Read more...] about Last Week’s Top Threats and Trends (September 16-22)
software vulnerability
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a wiper to prevent recovery," Kaspersky said in a Friday analysis. "The approach is … [Read more...] about Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
LinkedIn Halts AI Data Processing in U.K. Amid Privacy Concerns Raised by ICO
Sep 21, 2024Ravie LakshmananPrivacy / Artificial Intelligence The U.K. Information Commissioner's Office (ICO) has confirmed that professional social networking platform LinkedIn has suspended processing users' data in the country to train its artificial intelligence (AI) models. "We are pleased that LinkedIn has reflected on the concerns we raised about its approach to … [Read more...] about LinkedIn Halts AI Data Processing in U.K. Amid Privacy Concerns Raised by ICO
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by Chile (77,000), Colombia (70,000), Ecuador (42,000), Peru (41,500), Spain … [Read more...] about Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Wherever There’s Ransomware, There’s Service Account Compromise. Are You Protected?
Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral movement in over 70% of ransomware attacks. However, there's an … [Read more...] about Wherever There’s Ransomware, There’s Service Account Compromise. Are You Protected?
New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett). The sophisticated botnet, dubbed Raptor Train by Lumen's Black Lotus Labs, is believed to have been operational since at … [Read more...] about New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
Sep 17, 2024Ravie LakshmananBrowser Security / Quantum Computing Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the risk posed by cryptographically relevant quantum computers (CRQCs). "Chrome will offer a key share prediction for hybrid ML-KEM (codepoint 0x11EC)," David Adrian, … [Read more...] about Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution
Sep 16, 2024Ravie LakshmananCloud Security / Vulnerability A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution on cloud servers by means of a supply chain attack technique called dependency confusion. The vulnerability has been codenamed CloudImposer by Tenable Research. "The … [Read more...] about Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution
Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability
Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances. "An OS command injection … [Read more...] about Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability
Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers
Sep 13, 2024Ravie LakshmananVirtual Reality / Vulnerability Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device's virtual keyboard. The attack, dubbed GAZEploit, has been assigned the CVE identifier CVE-2024-40865. "A novel … [Read more...] about Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers