April 23, 2024   12:56 PM   0 The National Police Agency in South Korea issued an urgent warning today about North Korean hacking groups targeting defense industry entities to steal valuable technology information. The police discovered several instances of successful breaches of defense companies in South Korea involving the hacking groups Lazarus, Andariel, and Kimsuky, all part of the North Korean hacking apparatus. According to the announcement, the...

April 24, 2024   10:31 AM   0 The Federal Trade Commission is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections. The action is part of a settlement following a complaint from May 2023 alleging that Ring failed to implement adequate security measures to protect the devices...

April 24, 2024   01:07 PM   0 ​Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. The hackers, identified as UAT4356 by Cisco Talos and STORM-1849 by Microsoft, began infiltrating vulnerable edge devices in early November 2023 in a cyber-espionage campaign tracked as...

April 16, 2024   02:36 PM   0 Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. Tracked as CVE-2024-3400, this security flaw can let unauthenticated threat actors execute arbitrary code as root via command injection in low-complexity attacks on vulnerable PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls if the device telemetry and GlobalProtect (gateway or portal)...

April 16, 2024   07:01 PM   0 Criminals are now texting T-Mobile and Verizon employees on their personal and work phones, trying to tempt them with cash to perform SIM swaps. The targeted employees have shared screenshots of messages offering $300 to those willing to aid the senders in their criminal endeavors. According to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the...

April 13, 2024   10:00 AM   0 Canadian retail chain Giant Tiger disclosed a data breach in March 2024. A threat actor has now publicly claimed responsibility for the data breach and leaked 2.8 million records on a hacker forum that they claim are of Giant Tiger customers. Data breach monitoring service HaveIBeenPwned has added the leaked database to its website to make it easy for users to check if their information was compromised. The...

April 13, 2024   10:17 AM   0 A joint police operation between the Australian Federal Police (AFP) and the FBI has led to the arrest and charging of two individuals who are believed to be behind the development and distribution of the "Firebird" remote access trojan (RAT), later rebranded as "Hive." Firebird/Hive aren't among the most widely recognized and deployed RATs out there, but they could still have impacted users' securitys worldwide. Firebird used to...

April 11, 2024   06:00 PM   0 LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer. However, while 25% of people have been on the receiving end of an AI voice impersonation scam or know someone who has, according to a recent global study, the LastPass employee didn't fall for it because the attacker used WhatsApp,...

April 12, 2024   11:05 AM   0 Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March. The company said the attackers used login information stolen from other online platforms to breach as many active Roku accounts as possible in credential stuffing attacks. In such attacks, the threat actors leverage automated tools to attempt millions of logins using a...

April 11, 2024   10:16 AM   1 Apple has been notifying iPhone users in 92 countries about a "mercenary spyware attack" attempting to remotely compromise their device. In a sample notification the company shared with BleepingComputer, Apple says that it has high confidence in the warning and urges the recipient to take seriously. "Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone...

April 10, 2024   07:00 AM   0 Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. The attackers create GitHub repositories with names that have a higher chance of ranking well in search results and use various methods to artificially boost their popularity and visibility on the platform. Users downloading files...

April 10, 2024   10:18 AM   0 AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained. These notifications are related to the recent leak of a massive amount of AT&T customer data on the Breach hacking forums that was offered for sale for $1 million in 2021. When threat actor...

April 9, 2024   09:00 AM   0 Security researchers at Bitdefender have discovered four vulnerabilities impacting multiple versions of WebOS, the operating system used in LG smart TVs. The flaws enable varying degrees of unauthorized access and control over affected models, including authorization bypasses, privilege escalation, and command injection. The potential attacks hinge on the ability to create arbitrary accounts on the device using a service that runs...

April 9, 2024   09:00 AM   0 Researchers have discovered two techniques that could enable attackers to bypass audit logs or generate less severe entries when downloading files from SharePoint. Microsoft SharePoint is a web-based collaborative platform that integrates with Microsoft Office and 365, primarily as a document management and data storage system. Many companies use it for document management and collaboration, creating websites and corporate...

April 9, 2024   11:30 AM   0 Image: Midjourney A Romanian botnet group named 'RUBYCARP' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain. According to a new report by Sysdig, RUBYCARP currently operates a botnet managed via private IRC channels comprising over 600 compromised servers. Sysdig has found 39 variants of the RUBYCARP botnet's Perl-based payload...