Aug 16, 2024Ravie LakshmananCloud Security / Application Security A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course of this campaign, including the … [Read more...] about Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts
network security
Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web
Aug 16, 2024Ravie LakshmananDark Web / Data Breach A 27-year-old Russian national has been sentenced to over three years in prison in the U.S. for peddling financial information, login credentials, and other personally identifying information (PII) on a now-defunct dark web marketplace called Slilpp. Georgy Kavzharadze, 27, of Moscow, Russia, pleaded guilty to one count of … [Read more...] about Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web
SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software
Aug 15, 2024Ravie LakshmananEnterprise Security / Vulnerability SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-28986 (CVSS score: 9.8), has been described as a deserialization bug. "SolarWinds Web Help Desk was … [Read more...] about SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software
Black Basta-Linked Attackers Target Users with SystemBC Malware
Aug 14, 2024Ravie LakshmananMalware / Network Security An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the goal of conducting credential theft and deploying a malware dropper called SystemBC. "The initial lure being utilized by the threat actors remains the same: an email bomb … [Read more...] about Black Basta-Linked Attackers Target Users with SystemBC Malware
New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
Aug 13, 2024Ravie LakshmananVulnerability / Hardware Security A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The vulnerability has been codenamed … [Read more...] about New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
How Phishing Attacks Adapt Quickly to Capitalize on Current Events
In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What's behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like … [Read more...] about How Phishing Attacks Adapt Quickly to Capitalize on Current Events
Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys
Aug 11, 2024Ravie LakshmananSupply Chain / Software Security Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library from the Solana blockchain platform but is actually designed to steal victims' secrets. "The legitimate Solana Python API project is known as 'solana-py' on GitHub, but simply … [Read more...] about Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys
New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions
Aug 10, 2024Ravie LakshmananBrowser Security / Online Fraud An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more … [Read more...] about New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions
Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
Aug 09, 2024Ravie LakshmananVulnerability / Network Security Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE). "This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in … [Read more...] about Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
University Professors Targeted by North Korean Cyber Espionage Group
Aug 08, 2024Ravie LakshmananCyber Attack / Cyber Espionage The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error … [Read more...] about University Professors Targeted by North Korean Cyber Espionage Group