Pulse of Truth
- Sources: in early 2023, a hacker breached OpenAI's internal messaging systems and accessed product details; OpenAI told its staff, but not the public or the FBI (www.techmeme.com)
Cade Metz / New York Times: A security breach at the maker of ChatGPT last year revealed internal discussions among researchers and other employees, but not the code behind OpenAI's systems.
- Hackers attack HFS servers to drop malware and Monero miners (www.bleepingcomputer.com)
Hackers are targeting older versions of the HTTP File Server (HFS) from Rejetto to drop malware and cryptocurrency mining software.
- Ransomware scum who hit Indonesian government apologizes, hands over encryption key (go.theregister.com)
Brain Cipher was never getting the $8 million it demanded anyway
Brain Cipher, the group responsible for hacking into Indonesia's Temporary National Data Center (PDNS) and disrupting the country's services, has seemingly apologized for its actions and released an encryption key to the government.
- Researchers say GPS spoofing has impacted 60K+ commercial flights so far in 2024; GPS could become a relic as Chinese, Russian, and European systems modernize (www.techmeme.com)
New York Times: The Global Positioning System runs the modern world. But it is under daily attack. This year alone, researchers say …
- Hackers abused API to verify millions of Authy MFA phone numbers (www.bleepingcomputer.com)
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.
- Linux Defense Evasion Techniques Detected by AhnLab EDR (2) (asec.ahnlab.com)
The blog post “Linux Defense Evasion Techniques Detected by AhnLab EDR (1)” [1] covered methods where the threat actors and malware strains attacked Linux servers before incapacitating security services such as firewalls and security modules and then concealing the installed malware. This post will cover additional defense evasion techniques against Linux systems not covered in the past post. For example, methods of concealing malware include having the running malware delete itself to not be noticed by an administrator, or deleting...
- Children's Hospital Notifies 800,000 of Data Theft in Attack (www.bankinfosecurity.com)
Chicago Pediatrics Center Refused to Pay Ransom to Rhysida Cybercrime Group
A Chicago pediatrics hospital is notifying nearly 800,000 people that their information was compromised in a ransomware attack earlier this year. Cybercrime group Rhysida had demanded a $3.4 million ransom for data it claims to have stolen in the incident. The hospital said it did not pay.
- Europol takes down 593 Cobalt Strike servers used by cybercriminals (www.bleepingcomputer.com)
Europol coordinated a joint law enforcement action known as Operation Morpheus, which led to the takedown of almost 600 Cobalt Strike servers used by cybercriminals to infiltrate victims' networks.
- Ransomware attack on Patelco Credit Union causes confusion ahead of holiday weekend (therecord.media)
California-based Patelco Credit Union, one of the largest in the U.S., says members can expect intermittent outages at ATMs and other disruptions.
- Fear and Silence: 50% of Employees Hesitant to Report Security Errors (www.itsecurityguru.org)
Despite the growing implementation of security awareness training, recent research indicates that over half of cybersecurity professionals are concerned about security behaviours within their organisations.
Key Findings from the Survey
A survey conducted by ThinkCyber has revealed significant insights into attitudes towards security awareness training. Participants were asked to identify the security behaviours that posed […]
- Record Breaking DDoS Attack 840 Mpps Attack Spotted (Cyber Security News)
The DDoS attacks have evolved tremendously since 2016, with Mirai-like botnets setting new records. Attack frequency and intensity increased notably in 2023, with 1+ Tbps attacks almost becoming daily by 2024. Cybersecurity researchers at OVHcloud spotted record-breaking DDoS attacks of 840 Mpps and asserted that peaks of ~2.5 Tbps were also observed. Record-Breaking DDoS Attack […]
- OVHcloud blames record-breaking DDoS attack on MikroTik botnet (www.bleepingcomputer.com)
OVHcloud, a global cloud services provider and one of the largest of its kind in Europe, says it mitigated a record-breaking distributed denial of service (DDoS) attack earlier this year that reached an unprecedented packet rate of 840 million packets per second (Mpps).
- Almost Every Apple Device Vulnerable To CocoaPods Supply Chain Attack (packetstormsecurity.com)
Dependency manager used in millions of apps leaves a bitter taste
- Feds Hit Health Entity With $950K Fine in Ransomware Attack (www.bankinfosecurity.com)
Settlement Is Another Signal of HHS OCR's Latest Enforcement Priority
The U.S. Department of Health and Human Services has hit a Pennsylvania-based healthcare system with a $950,000 settlement for potential HIPAA violations found during an investigation into a 2017 ransomware attack. It's HHS' third HIPAA enforcement action in a ransomware case so far.
- Verizon slapped with $847m patent payment (www.datacenterdynamics.com)
Texas jury found the carrier guilty of 5G and hotspot infringements
- Meta’s ‘Pay or Consent’ Data Model Breaches EU Law (www.infosecurity-magazine.com)
The EU Commission said Meta’s pay or consent model means users cannot freely consent to their personal data being collected for advertising purposes
- Companies spend more on cybersecurity but struggle to track expenses (www.helpnetsecurity.com)
Despite increasing budgets, only 36% of organizations have a formal approach to determining cybersecurity budgets.
Most companies do not know how effectively they are investing money to fight the cybersecurity threat, according to Optiv. Cybersecurity budgets are increasing and cyber incidents are rampant, and yet only a small percentage of respondents have a formal approach to determining cybersecurity budgets, which can lead to inefficiencies and missed opportunities to address critical security gaps.
Lack of formal approach to cybersecurity budgets
Based on an independent Ponemon Institute survey, the report reveals a …
- USN-6862-1: Firefox vulnerabilities (ubuntu.com)
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-5689, CVE-2024-5690, CVE-2024-5691, CVE-2024-5693, CVE-2024-5697, CVE-2024-5698, CVE-2024-5699, CVE-2024-5700, CVE-2024-5701)
Lukas Bernhard discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-5688)
Lukas Bernhard discovered that Firefox did not properly manage memory in the JavaScript engine. An attacker could potentially exploit this issue to obtain sensitive information. (CVE-2024-5694)
Irvan Kurniawan discovered that Firefox did not properly handle certain allocations in the probabilistic heap checker. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-5695)
Irvan Kurniawan discovered that Firefox did not properly handle certain text fragments in input tags. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2024-5696)
- Wise confirms impact from Evolve Bank breach (www.scmagazine.com)
Global fintech and money transfer company Wise has confirmed the compromise of some of its customers' data as a result of the LockBit ransomware attack against U.S. banking-as-a-service provider Evolve Bank & Trust, with which it has shared USD account information between 2020 and 2023, TechCrunch reports.
- Splunk Patches High-Severity Vulnerabilities In Enterprise Product (packetstormsecurity.com)
Splunk has patched multiple vulnerabilities in Splunk Enterprise, including high-severity remote code execution bugs.
- New InnoSetup Malware Posing As MS Office Crack To Evade Detection (Cyber Security News)
A new malware strain disguised as cracks and commercial tools utilizes a just-in-time generation tactic, and upon a download request, a unique malware variant with the same functionalities is created for the user, which allows the malware to evade detection based on pre-compiled hashes. The malware leverages an installer UI to delay malicious actions until […]
- Now The EU Council Should Finally Understand: No One Wants “Chat Control” (www.eff.org)
The EU Council has now passed a 4th term without passing its controversial message-scanning proposal. The just-concluded Belgian Presidency failed to broker a deal that would push forward this regulation, which has now been debated in the EU for more than two years. For all those who have reached out to sign the “Don’t Scan Me” petition, thank you—your voice is being heard. News reports indicate the sponsors of this flawed proposal withdrew it because they couldn’t get a majority of member states to support it. Now, it’s time to stop attempting to compromise encryption in the name of public safety. EFF has opposed this legislation from the start. Today, we’ve published a statement, along with EU civil society groups, explaining why this flawed proposal should be withdrawn. The scanning proposal would create “detection orders” that allow for messages, files, and photos from hundreds of millions of users around the world to be compared to government databases of child abuse images. At some points during the debate, EU officials even suggested using AI to scan text conversations and predict who would engage in child abuse. That’s one of the reasons why some opponents have labeled the proposal “chat control.” There’s scant public support for government file-scanning systems that break encryption. Nor is there support in EU law. People who need secure communications the most—lawyers, journalists, human rights workers, political[...]
- Affirm says cardholders impacted by Evolve Bank data breach (www.bleepingcomputer.com)
Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust (Evolve).
- Traeger Grill D2 Wi-Fi Controller, Version 2.02.04 (bishopfox.com)
Discover critical vulnerabilities in the Traeger Grill D2 Wi-Fi Controller that could impact your grill's security. Read our advisory to learn about the issues identified.
- A look at a US State Department program to train diplomats in cybersecurity, privacy, and other tech issues, allowing them to spot threats and advance US policy (www.techmeme.com)
Eric Geller / Wired: The US State Department is training diplomats in cybersecurity, privacy, telecommunications, and other technology issues, allowing them to advance US policy abroad.
- Baddies hijack Korean ERP vendor's update systems to spew malware (go.theregister.com)
Notorious 'Andariel' crew takes a bite of HotCroissant backdoor for fresh attack
A South Korean ERP vendor's product update server has been attacked and used to deliver malware instead of product updates, according to local infosec outfit AhnLab.
- Brain Cipher Released Decryption Keys for Free, Apologies to Indonesia (Cyber Security News)
The notorious hacking group Brain Cipher has released decryption keys for free, allowing victims to recover their encrypted data without paying a ransom. This unexpected move has left cybersecurity experts and affected organizations scrambling to understand the implications. […]
- Do you still need to pay for antivirus software in 2024? (www.zdnet.com)
Landlines. Checkbooks. AM radio. Let's add third-party antivirus software to the list of things you can stop using.
- Nasty regreSSHion bug in OpenSSH puts around 700K Linux boxes at risk (go.theregister.com)
Full system takeovers on the cards, for those with enough patience to pull it off
Glibc-based Linux systems are vulnerable to a new bug (CVE-2024-6387) in OpenSSH's server (sshd) and should upgrade to the latest version.
- OpenSSH 9.8p1
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
- New Skimmer Malware Attacking E-commerce Websites To Steal Credit Card Data (Cyber Security News)
Researchers identified a new variant of credit card skimming attack, the Caesar Cipher Skimmer, targeting multiple content management systems (CMS), including WordPress, Magento, and OpenCart. The skimmer specifically targets the checkout process, injecting malicious code into the checkout PHP file, as the attack leverages obfuscated strings and a Caesar Cipher technique to hide its malicious […]
- Quantum is unimportant to post-quantum (blog.trailofbits.com)
By Opal Wright
You might be hearing a lot about post-quantum (PQ) cryptography lately, and it’s easy to wonder why it’s such a big deal when nobody has actually seen a quantum computer.
- SEC tries to expand crypto jurisdiction with Consensys lawsuit (protos.com)
The SEC has filed a lawsuit against Consensys alleging its MetaMask swaps service makes it an unregistered broker.
- IBM Consulting partners with Microsoft to help clients modernize security operations (www.helpnetsecurity.com)
IBM Consulting and Microsoft collaborate to help clients modernize security operations and protect against cloud identity threats.
IBM Consulting and Microsoft announce strengthened cybersecurity collaboration to help clients simplify and modernize their security operations, and manage and protect their hybrid cloud identities. As organizations embrace hybrid cloud and AI to drive innovation, they require advanced security capabilities to protect their most valuable data. By combining IBM Consulting’s cybersecurity services with Microsoft’s comprehensive security technology portfolio, the two companies are providing clients the tools and expertise needed to help them simplify and modernize …
- The US finalizes rules requiring custodial crypto platforms to report user transaction info to the IRS; DeFi platforms are exempt amid fierce crypto lobbying (www.techmeme.com)
Paul Kiernan / Wall Street Journal: Treasury finalizes rules to deter crypto tax evasion—but softens them after industry lobbying push
- Hackers exploit critical D-Link DIR-859 router flaw to steal passwords (www.bleepingcomputer.com)
Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords.
- Interpol Arrests Thousands in Crackdown on International Online Scams (gizmodo.com)
Americans lost $10 billion to fraud in 2023, with $1.4 billion worth starting on social media, according to the FTC.
Police around the world have arrested 3,950 people and seized assets totaling $257 million in a coordinated effort to crack down on online scams, according to a news release Thursday from Interpol. Dubbed Operation First Light 2024, the scammers engaged in a variety of online crimes, including phishing, investment…
- Microsoft hits snooze again on security certificate renewal (go.theregister.com)
Seeing weird warnings in Microsoft 365 and Office Online? That'll be why
Microsoft has expiration issues with its TLS certificates, resulting in unwanted security warnings.
- Microsoft’s AI boss thinks it’s perfectly OK to steal content if it’s on the open web (www.theverge.com)
That is not how fair use works.
Microsoft AI boss Mustafa Suleyman incorrectly believes that the moment you publish anything on the open web, it becomes “freeware” that anyone can freely copy and use. When CNBC’s Andrew Ross Sorkin asked him whether “AI companies have effectively stolen the world’s IP,” he said:
I think that with respect to content that’s already on the open web, the social contract of that content since the ‘90s has been that it is fair use. Anyone can copy it, recreate with it, reproduce with it. That has been “freeware,” if you like, that’s been the understanding.
Microsoft AI CEO Mustafa Suleyman: the social contract for content that is on the open web is that it's "freeware" for training AI models pic.twitter.com/FN1xrqnJC0 — Tsarathustra...
- Microsoft Tells Texas Agencies They Were Exposed in Russian Hack (www.bloomberg.com)
Microsoft Corp. has told more than a dozen state agencies and public universities in Texas that Russian state-sponsored hackers accessed emails between them and the software giant.