Evidence suggests that a Chinese cyberespionage group had been exploiting a recent VMware vCenter Server vulnerability as a zero-day since 2021, Mandiant reports. The flaw, tracked as CVE-2023-34048 (CVSS score of 9.8), is an out-of-bounds write bug in VMware’s implementation of the DCERPC protocol that could allow an attacker with network access to execute arbitrary code remotely. VMware released …
France Fines Yahoo 10 Mn Euros Over Cookie Abuses
France’s data protection watchdog said Thursday that it had fined Yahoo 10 million euros for not respecting users’ refusals of internet-tracking “cookies” or implying they would lose access to email accounts if they did. The fine imposed in December, equivalent to $10.9 million, came after the CNIL authority received complaints and carried out investigations in October 2020 and June 2021. It found …
In Other News: WhatsApp Privacy Issue, Spying via Ambient Light Sensor, Bigpanzi Botnet
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy …
Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs
A Russian government-backed hacking team successfully hacked into Microsoft’s corporate network and stole emails and attachments from senior executives and targets in the cybersecurity and legal departments, the company disclosed late Friday. The Redmond, Wash. software giant said the APT group, known as Midnight Blizzard/Nobelium, used a password spray attack to compromise a legacy non-production …
CISA Issues Emergency Directive on Ivanti Zero-Days
The US government’s cybersecurity agency CISA is ramping up the pressure on organizations to urgently mitigate a pair of critical vulnerabilities in Ivanti Connect Secure VPN devices. The CISA missive sets strict deadlines for Federal Civilian Executive Branch (FCEB) agencies running Ivanti Connect Secure and Ivanti Policy Secure to apply available mitigations, hunt for infections and share …
Critical Vulnerabilities Found in Open Source AI/ML Platforms
Over the past month, members of the Huntr bug bounty platform for artificial intelligence (AI) and machine learning (ML) have identified multiple severe vulnerabilities in popular solutions such as MLflow, ClearML, and Hugging Face. With a CVSS score of 10, the most severe of the identified issues are four critical issues in MLflow, a platform for streamlining ML development that offers a set of …
US Charges Russian Involved in 2013 Hacking of Neiman Marcus, Michaels
The US Justice Department this week announced separate charges against two Russian nationals accused of being involved in cybercriminal activities, including a man allegedly involved in the 2013 hacking of retailers Michaels and Neiman Marcus. One of the indicted individuals is Aleksey Timofeyevich Stroganov, also known as Aleksei Stroganov, Flint, Flint24, Gursky Oleg, and Oleg Gurskiy. He and …
VF Corp Says Data Breach Resulting From Ransomware Attack Impacts 35 Million
The personal information of 35.5 million customers was stolen in a ransomware attack in December 2023, apparel and footwear brands owner and operator VF Corporation revealed on Thursday. In mid-December, the Denver, Colorado-based company, which owns brands such as Dickies, The North Face, Smartwool, Timberland, and Vans, announced that it took certain systems offline in response to a ransomware …
US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities
The US government on Thursday published new guidance aimed at helping organizations in the water and wastewater (WWS) sector improve their cyber resilience and incident response capabilities. Released in response to an increased interest by financially and politically motivated threat actors in the United States’ WWS sector, the guide outlines how water utility owners and operators can interact …
Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases
The number of Ivanti Connect Secure VPN appliances compromised through the exploitation of two recently disclosed vulnerabilities is increasing, and the US security agency CISA warns that another Ivanti product flaw is being exploited. Threat intelligence and incident response firm Volexity reported on January 10 that a cyberespionage group linked to China (UTA0178) had been spotted exploiting two …
VMware vCenter Server Vulnerability Exploited in Wild
VMware is warning customers that CVE-2023-34048, a critical vCenter Server vulnerability patched in October 2023, is being exploited in the wild. CVE-2023-34048 has been described as an out-of-bounds write issue related to the implementation of the DCERPC protocol. It can allow an attacker who has network access to vCenter Server to remotely execute arbitrary code. The issue, discovered by Grigory …
Top Official Says Kansas Courts Need at Least $2.6 Million to Recover From Cyberattack
The Kansas court system needs at least $2.6 million in additional funds to recover from an October cyberattack that prevented the electronic filing of documents and blocked online access to records for weeks, the state’s top judicial official told legislators Tuesday. State Supreme Court Chief Justice Marla Luckert included the figure in a written statement ahead of her testimony before a joint …
Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks
The Rapid SCADA open source industrial automation platform is affected by several vulnerabilities that could allow hackers to gain access to sensitive industrial systems, but the flaws remain unpatched. The US cybersecurity agency CISA published an advisory last week to inform industrial organizations about seven vulnerabilities discovered by Claroty researchers in Rapid SCADA. Rapid SCADA …
Software Supply Chain Security Startup Kusari Raises $8 Million
Software supply chain security startup Kusari today announced that it has raised $8 million in combined pre-seed and seed funding. The seed funding round was led by J2 Ventures and co-led by Glasswing Ventures, with participation from previous investor Unusual Ventures. The Ridgefield, Connecticut-based firm was founded in 2022 by members of the Open Source Security Foundation (OpenSSF) and CNCF, …
Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns
A Russian threat group named ColdRiver, which is known for its phishing attacks, has also been developing custom malware, Google warned on Thursday. The internet giant has shared indicators of compromise (IoCs) and YARA rules to help defenders detect and analyze the threat. ColdRiver is tracked by other companies as Star Blizzard, Callisto Group, BlueCharlie, TA446, and Dancing Salome. The …
Energy Department to Invest $30 Million in Clean Energy Cybersecurity Solutions
The US Department of Energy (DoE) on Wednesday announced plans to invest $30 million in projects aimed at securing the clean energy infrastructure against cyber threats. Meant to support the research, development, and demonstration (RD&D) of innovative cybersecurity tools, the federal funding is provided as part of the Biden-Harris administration’s efforts to improve the country’s energy and …
Oleria Secures $33M Investment to Grow ID Authentication Business
Seattle identity and authentication startup Oleria has attracted renewed interest from venture capital investors. The company, which was founded by former Salesforce CISO Jim Alkove, has scored a $33 million Series A round to continue work on technology in the adaptive and autonomous identity security space. Oleria said the newest financing was led by Evolution Equity Partners. Previous …
List Containing Millions of Credentials Distributed on Hacking Forum, but Passwords Old
A credential stuffing list containing more than 70 million unique email addresses was found on a popular hacking forum, reveals Australian researcher Troy Hunt, who runs the Have I Been Pwned data breach notification service. The list, named Naz.API, is 104 gigabytes in size, being composed of 319 files containing email addresses and associated passwords, along with the websites they are used …
Customer Information of Toyota Insurance Company Exposed Due to Misconfigurations
A series of misconfigurations and security vulnerabilities allowed a researcher to access customer information stored in an email account at Toyota Tsusho Insurance Broker India (TTIBI). The unauthorized access, US-based researcher Eaton Zveare explains, was possible because the TTIBI site had a dedicated Eicher Motors subdomain, with a premium calculator. TTIBI is an insurance broker under the …
Outsmarting Ransomware’s New Playbook
The cybersecurity landscape of 2024 presents an evolving challenge for professionals, particularly in the realm of ransomware. The emerging threats demand not only a strategic realignment in defense mechanisms but also an understanding of the legal implications of these cyberattacks. Ransomware operations continue to transform, beginning to move away from traditional encryption-based “denial of …