"ResumeLooters Target Job Search Sites in Extensive Data Heist"

Group-IB researchers have discovered a malicious campaign aimed primarily at job search and retail websites of companies in the Asia-Pacific region. Between November and December 2023, the group called ResumeLooters successfully infected at least 65 websites using SQL injection and XSS attacks. Most victims were in India, Taiwan, Thailand, Vietnam, China, and Australia. The group has stolen several databases containing over 2 million different emails and other sensitive records. ResumeLooters then offered the stolen data for sale on Telegram channels.

Submitted by Gregory Rigby on

"Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities"

Google recently announced a grant of $1 million to the Rust Foundation, meant to help improve the interoperability between Rust and C++ code. Google joined the Rust Foundation in 2021 for the same reason and has adopted the memory-safe programming language across Android and other Google products due to its benefits for addressing memory safety vulnerabilities. Based on historical vulnerability density statistics, Google noted that Rust has proactively prevented hundreds of vulnerabilities from impacting the Android ecosystem.

Submitted by Adam Ekwall on

"Iran-Linked Hackers Claim Attack on Albania's Institute of Statistics"

Homeland Justice, an Iran-linked hacking group that has previously targeted Albanian state agencies and businesses, has claimed responsibility for an attack on the country's Institute of Statistics (INSTAT). This institute is responsible for census data and other official statistics. The cyber incident affected INSTAT's official website and email service, forcing the agency to delay official statistics. INSTAT announced that the hackers did not access recent census data because it is stored in other systems dedicated to this purpose.

Submitted by Gregory Rigby on

"Canon Patches 7 Critical Vulnerabilities in Small Office Printers"

Japanese electronics maker Canon recently announced software updates that patch seven critical-severity vulnerabilities impacting several small office printer models. The issues, described as buffer overflow bugs, can be exploited over the network for remote code execution (RCE) or to cause the vulnerable product to become unresponsive. The flaws are tracked as CVE-2023-6229 through CVE-2023-6234 and CVE-2024-0244. According to Japan’s vulnerability information portal JVN, they have a CVSS score of 9.8.

Submitted by Adam Ekwall on

"Critical Remote Code Execution Vulnerability Patched in Android"

Google recently announced patches for 46 vulnerabilities in Android, including a critical-severity bug leading to remote code execution. The flaw, tracked as CVE-2024-0031 and impacting Android Open Source Project (AOSP) versions 11, 12, 12L, 13, and 14, was identified in the platform’s System component. Google noted that the most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed.

Submitted by Adam Ekwall on

"Security in the Cyber City - Methods of Anomaly Detection for the Prevention and Detection of Cyberattacks"

Researchers at the Thanthai Periyar Government Arts and Science College have proposed using system behavioral modeling as well as unattended or semi-supervised Machine Learning (ML) to help solve the cybersecurity problem in smart cities. According to the team, by training ML models on relevant datasets, security systems can better identify and mitigate cyber threats. An ongoing challenge is ensuring the reliability and completeness of those datasets so that anomalies can be detected confidently.

Submitted by Gregory Rigby on

"Audio-Jacking: Using Generative AI to Distort Live Audio Transactions"

The emergence of generative Artificial Intelligence (AI), such as text-to-image, text-to-speech, and Large Language Models (LLMs), has created new security challenges and risks. Threat actors are increasingly attempting to exploit LLMs to compose phishing emails and use generative AI, including fake voices, to scam victims. IBM researchers have presented a successful attempt to intercept and hijack a live conversation. They used LLMs to understand the conversation in order to manipulate the audio output. This attack would allow the adversary to manipulate an audio call's outcomes silently.

Submitted by Gregory Rigby on

"MIT Student Claims to Hack Apple Vision Pro on Launch Day"

Joseph Ravichandran, a Ph.D. student at the Massachusetts Institute of Technology (MIT) and an Apple Vision Pro user, says they have discovered vulnerabilities in the popular Augmented Reality (AR) headset. Ravichandran posted an image on X, formerly Twitter, showing what appears to be a kernel exploit for Vision Pro. A kernel exploit targets an operating system's core component, which manages system resources and provides critical services to other system parts and user applications.

Submitted by Gregory Rigby on

"Google Supply Chain Bug Patched in Code-Testing Tool Bazel"

A critical supply chain bug in Bazel, Google's open-source software development tool, allowed hackers to insert malicious code. The command injection vulnerability compromised the security of millions of Bazel-dependent projects, including Kubernetes, Angular, Uber, LinkedIn, Databricks, Dropbox, Nvidia, and Google. Researchers at Cycode discovered the flaw in November 2023, and Google fixed it within seven days.

Submitted by Gregory Rigby on

"HopSkipDrive Says Personal Data of 155,000 Drivers Stolen in Data Breach"

Student rideshare startup HopSkipDrive has recently confirmed a data breach involving the personal data of more than 155,000 drivers. Los Angeles-based HopSkipDrive offers an Uber-style rideshare service for children and teenagers. HopSkipDrive said the stolen data included names, email and postal addresses, driver's license numbers, and other non-driver identification card numbers. The company noted those affected include "people who drive on their platform or who applied to drive on their platform." Millum added that no customer data was accessed in the breach.

Submitted by Adam Ekwall on