Security researchers at Security Research (SR) Labs have warned online shoppers to be on their guard after revealing news of an extensive network of fake e-commerce stores designed to steal victims’ card details and cash. Operated primarily from China, the researchers noted that the BogusBazaar network has processed over one million orders since 2021. The researchers estimated that over 850,000 shoppers have already fallen victim, mostly from Western Europe and the US.

Several vulnerabilities in cellular modem technology impact millions of Internet of Things (IoT) devices in financial services, telecommunications, healthcare, and other sectors. Telit Cinterion modems have Remote Code Execution (RCE) flaws. The most severe is a memory heap overflow vulnerability that lets remote attackers execute arbitrary code via SMS on affected devices. This article continues to discuss the vulnerabilities found in widely deployed Telit Cinterion modems.

A well-known threat actor is starting to sell what they claim to be a legitimate trove of highly sensitive internal data stolen from Europol this month. "IntelBroker" recently took to the hacking site BreachForums to advertise their wares. IntelBroker claimed that in May 2024, Europol suffered a data breach that led to the exposure of FOUO and classified data.

According to a Joint Cybersecurity Advisory (CSA) issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), the Black Basta ransomware group and its affiliates compromised hundreds of organizations worldwide between April 2022 and May 2024. The advisory claims that Black Basta attacks have impacted more than 500 organizations in North America, Europe, and Australia.

Researchers from North Carolina State University have demonstrated a new tool called "VFCFinder" that analyzes open source software updates to determine which sections of code are being modified to address recently identified security vulnerabilities. VFCFinder should help programmers quickly and easily identify security updates needed to prevent vulnerabilities without making unnecessary changes. This article continues to discuss the research and benefits behind the VFCFinder tool.

Attackers can manipulate routing tables to bypass traffic meant for a Virtual Private Network (VPN) and redirect it to an untrusted local network using a technique called "TunnelVision." It involves the exploitation of a Dynamic Host Configuration Protocol (DHCP) design flaw. According to researchers at the Leviathan Security Group, this technique does not rely on exploiting VPN technologies or underlying protocols. Instead, it works entirely independently of the VPN provider or implementation.

As more children use Virtual Reality (VR) apps, new research suggests that few parents understand VR technologies' security and privacy risks. According to the study, few parents actively address security and privacy issues. North Carolina State University researchers interviewed 20 parents with children under 18 who use VR apps.

Cornell Tech's Security, Trust, and Safety (SETS) Initiative will guide new teaching, research, engagement, and entrepreneurial activities aimed at addressing critical problems posed by unsafe digital technologies to societies globally. SETS will delve into topics, including foundational theory on computer security and privacy, as well as emerging threats to online safety. Industry practitioners must understand generative Artificial Intelligence (AI) as a vector for abuse and a way to mitigate it.

The Sysdig Threat Research Team (TRT) has discovered "LLMjacking," a new cyberattack that targets cloud-hosted Large Language Model (LLM) services using stolen cloud credentials. Attackers used a vulnerable version of Laravel to access these credentials. Previous discussions regarding LLM-based Artificial Intelligence (AI) systems have focused on prompt abuse and altering training data. The LLMjacking attack sought to sell LLM access to other cybercriminals, with the legitimate cloud account owner bearing the costs.

The US Cybersecurity and Infrastructure Security Agency (CISA) has announced a new project aimed at adding important information to CVE records in order to help organizations improve vulnerability management. The "Vulnrichment" project enriches public CVE records with Common Platform Enumeration (CPE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), and Known Exploited Vulnerabilities (KEV) data. CISA has already enriched 1,300 CVEs, especially new and recent ones.