A suspicious NuGet package designed to harvest data from industrial systems appears to be targeting developers who use technology from Chinese company Bozhon, ReversingLabs reports. Named SqzrFramework480 and published on the NuGet repository in January 2024, the package is a .NET library responsible for calibrating robotic movement settings, managing and creating GUIs, initializing and …
ZenHammer Attack Targets DRAM on Systems With AMD CPUs
Researchers at the ETH Zürich university in Switzerland have demonstrated that Rowhammer attacks can be conducted against dynamic random-access memory (DRAM) on systems powered by AMD Zen 2 and Zen 3 CPUs. First discussed in 2014, Rowhammer attacks involve repeatedly accessing a row of memory in an effort to cause bit flips in adjacent rows. An attacker could use this technique to bypass …
Greylock Makes $10M Bet on Bedrock Security
Silicon Valley startup Bedrock Security has deposited $10 million in seed-stage funding to work on technology to help companies manage risk introduced by cloud and generative-AI products. The company said the funding round was led by Greylock Partners. Bedrock is building technology to help corporate defenders to continuously discover, manage, and protect sensitive data. The Menlo Park company …
Apple Patches Code Execution Vulnerability in iOS, macOS
Apple has released fresh security updates for iOS and macOS devices to resolve an arbitrary code execution vulnerability. The issue, tracked as CVE-2024-1580 and described as an integer overflow leading to out-of-bounds write, impacts the CoreMedia and WebRTC components of both iOS and macOS and could be triggered during image processing. The security defect is not specific to Apple’s products, …
US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities
The US cybersecurity agency CISA and the FBI on Monday published a ‘secure-by-design’ alert urging organizations to review their software products to eliminate SQL injection vulnerabilities. Also referred to as SQLi, SQL injection flaws represent a persistent class of security defects in commercial software, despite extensive documentation and the existence of effective mitigations. Products …
Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks
The US cybersecurity agency CISA is warning organizations that a recently disclosed Fortinet FortiClient Enterprise Management Server (EMS) vulnerability tracked as CVE-2023-48788 is being exploited in attacks. The vulnerability affecting the enterprise endpoint management solution has been described as a critical SQL injection bug that can be exploited by an unauthenticated attacker to execute …
UK, New Zealand Accuse China of Cyberattacks on Government Entities
After the UK called out Chinese hackers for targeting parliamentarians’ emails and the country’s Electoral Commission, New Zealand said it had also linked cyberattacks on its parliament to Chinese state-sponsored threat actors. On the same day that the US slapped fresh sanctions against two Chinese hackers and a China-based technology company serving as a front for malicious cyber …
US Treasury Slaps Sanctions on China-Linked APT31 Hackers
The US government on Monday announced a fresh round of sanctions against a pair of Chinese hackers it says are responsible for “malicious cyber operations targeting U.S. entities that operate within U.S. critical infrastructure sectors.” The Department of the Treasury’s Office of Foreign Assets Control (OFAC) said the sanctions also extend to a Wuhan, China-based technology company serving as a …
Leen Banks Early Stage Funding for Data Security Technology
Leen Security, a new company building technology to help reduce chaos in the data security space, has banked $2.8 million in pre-seed funding and outlined plans to create a unified data API for cybersecurity. The early stage startup said the financing was provided by 11.2 Capital, Inner Loop Capital and Preface Ventures. The company cited data showing that cybersecurity defenders use more than …
The OODA Loop: The Military Model That Speeds Up Cybersecurity Response
Time is a precious commodity, especially in cybersecurity. Cybercriminals can be in and out of victim environments in less than 24 hours of initial access. Professional cybercriminals and advanced persistent threats (APTs) leverage zero-day vulnerabilities, easily rendering software developers clueless. When a cyberattack strikes, defenders have only minutes to detect and respond. The faster the …
Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks
Over 100 organizations in the US and EU have been targeted in recent large-scale phishing campaigns distributing the information stealer malware known as StrelaStealer, Palo Alto Networks reports. First documented in November 2022, StrelaStealer harvests credentials from the well-known email clients and sends them to an attacker-controlled command-and-control (C&C) server specified in the …
Top Python Developers Hacked in Sophisticated Supply Chain Attack
Multiple Python developers, including a maintainer of Top.gg, were infected with information-stealing malware after downloading a malicious clone of a highly popular tool, Checkmarx reports. Called Colorama, the utility makes ANSI escape character sequences work on Windows and has more than 150 million monthly downloads. To mount their supply chain attack, the hackers cloned the tool, inserted …
Mozilla Patches Firefox Zero-Days Exploited at Pwn2Own
Mozilla has released Firefox browser updates to patch two zero-day vulnerabilities that were exploited at the Pwn2Own Vancouver 2024 hacking contest last week. The issues, discovered by security researcher Manfred Paul, were chained together to escape the browser’s sandbox and execute code on the system. Tracked as CVE-2024-29943, the first vulnerability is described as an out-of-bounds access …
White House Nominates First Assistant Secretary of Defense for Cyber Policy
The White House has nominated Michael Sulmeyer as the first assistant secretary of defense for cyber policy at the Department of Defense. Sulmeyer has been the principal cyber advisor to the chief of staff and the secretary of the US Army since March 2022, providing advice on capabilities, readiness, strategy and other cyber-related matters. Prior to his role at the Army, Sulmeyer served …
Finite State Raises $20 Million to Grow Software Supply Chain Security Business
Software risk management firm Finite State announced on Friday that it has raised $20 million in growth funding in a round led by Energy Impact Partners (EIP). Founded in 2017, the Columbus, Ohio-based company provides cybersecurity controls at the firmware layer, in an attempt to secure the device supply chain and mitigate risks to OT and IT environments. The company’s platform provides SBOM …
German Authorities Shut Down Online Marketplace for Drugs, Data and Cybercrime Services
German authorities said Thursday they have taken down a major online marketplace for drugs, cybercrime services and fraudulently obtained credit card data. Investigators seized the Nemesis Market platform’s server infrastructure in Germany and Lithuania on Wednesday, as well as cryptocurrency worth 94,000 euros ($102,000), Germany’s Federal Criminal Police Office said in a joint statement with …
Russian APT29 Hackers Caught Targeting German Political Parties
Security researchers at Mandiant on Friday raised an alarm after discovering Russia’s APT29 hacking group targeting political parties in Germany, indicating a possible new operational focus beyond typical attacks on diplomatic figures. According to new documentation from Mandiant, hackers linked to Russia’s foreign intelligence service (SVR) have expanded their target base to hit German political …
UN Adopts Resolution Backing Efforts to Ensure Artificial Intelligence is Safe
The General Assembly approved the first United Nations resolution on artificial intelligence Thursday, giving global support to an international effort to ensure the powerful new technology benefits all nations, respects human rights and is “safe, secure and trustworthy.” The resolution, sponsored by the United States and co-sponsored by 123 countries, including China, was adopted by consensus …
Ransomware Group Takes Credit for Attack on Boat Dealer MarineMax
The Rhysida ransomware group has taken credit for the recent cyberattack on boat dealer MarineMax and is offering to sell data allegedly stolen from the company for a significant amount of money. MarineMax is one of the world’s largest retailers of recreational boats and yachts. The company has over 125 locations worldwide and nearly 4,000 employees, and it reported a revenue of more than $500 …
‘Brain Weasels’: Impostor Syndrome in Cybersecurity
I’ve spent a significant amount of time at cybersecurity conferences and networking events, in different Slack groups, and in both the go-to-market and more technical communities. There are several attributes that tie us together – namely our collective passion for solving complex problems in order to reduce harm – but one has stood out most prominently over the years: impostor syndrome. There are …