"New Phishing Attack Uses Sophisticated Infostealer Malware"

Security researchers at Barracuda Networks have discovered a new sophisticated phishing attack featuring a stealthy infostealer malware that exfiltrates a wide range of sensitive data. The researchers noted that the infostealer is engineered to collect comprehensive browser information and files. It extracts MasterKeys from browsers such as Chrome, Edge, Yandex, and Brave and captures session cookies, saved passwords, credit card information, and browser histories.

Submitted by Adam Ekwall on

"DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals"

The "Gcore Radar Report" for the first half of 2024 details Distributed Denial-of-Service (DDoS) attack data, showing attack patterns and cyber threats. According to the report, DDoS attacks increased 46 percent in the first half of 2024 to 445K. Peak attack power rose as the most powerful DDoS attack was 1.7 Tbps compared to 2023's 1.6 Tbps attack. Although the increase in power is only 0.1 Tbps in a year, it is still a significant threat. This article continues to discuss key takeaways from the Gcore Radar Report.

Submitted by Gregory Rigby on

"Browser Backdoors: Securing the New Frontline of Shadow IT"

In a study, researchers from Stanford University and the CISPA Helmholtz Center for Information Security highlighted that over the past three years, 280 million Chrome extension installs contained malware. Many of these malicious extensions have been available in the Chrome store for a long time. Extensions with malware have remained available for over a year (380 days), and those with vulnerable code for over 1,248 days. Such extensions can steal plain-text passwords, drain bank accounts, and more. This article continues to discuss the threat of browser backdoors.

Submitted by Gregory Rigby on

"High-Risk Cloud Exposures Surge Due to Rapid Service Growth"

According to a new report from Palo Alto Networks' Unit 42, organizations are introducing over 300 new services monthly, making up about 32 percent of high or critical cloud exposures. The company warned that the rapid expansion of digital services is making the cybersecurity landscape increasingly complex. It is becoming more difficult for businesses and government entities to keep an accurate inventory of their Information Technology (IT) assets, which attackers gravitate toward.

Submitted by Gregory Rigby on

"Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data"

Tenable researchers found vulnerabilities in Microsoft's Azure Health Bot Service that threat actors could have used to access sensitive data. Healthcare organizations can build and deploy Artificial Intelligence (AI)-powered virtual health assistants using the Azure Health Bot Service. Some of these chatbots may need access to sensitive patient information to do their jobs. Tenable discovered a data connection feature that lets bots interact with external data sources.

Submitted by Gregory Rigby on

"Phishing Campaign Compromises 100+ Ukrainian Government Computers"

The Computer Emergency Response Team of Ukraine (CERT-UA) recently announced that more than 100 Ukrainian government computers have been compromised following a mass phishing campaign. It was noted that the attackers impersonated the Security Service of Ukraine in the emails to lure targets into clicking on a malicious link that leads to ANONVNC malware being downloaded onto the device.

Submitted by Adam Ekwall on

"GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks"

A team of researchers from Germany's CISPA Helmholtz Center for Information Security discovered an architectural flaw, codenamed "GhostWrite," affecting the Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs. Attackers could exploit the bug to gain unrestricted access to vulnerable devices. The GhostWrite vulnerability is a direct CPU bug embedded in the hardware instead of a side-channel or transient execution attack.

Submitted by Gregory Rigby on

"Carnegie Mellon's Hacking Team Wins Third Straight, Record Eighth Overall DEF CON Capture-the-Flag Title"

The most successful team in DEF CON's Capture-the-Flag (CTF) competition history, Carnegie Mellon University's (CMU) "Plaid Parliament of Pwning" (PPP), won its third consecutive title, earning its eighth victory. DEF CON's flagship competition gathers cybersecurity professionals, researchers, and students to break each other's systems, steal virtual flags, and accumulate points while protecting their own systems. As cyberattacks rise worldwide, such events allow top cybersecurity engineers to compete and learn new techniques.

Submitted by Gregory Rigby on

"35% of Exposed API Keys Still Active, Posing Major Security Risks"

The company Nightfall AI found that secrets such as passwords and Application Programming Interface (API) keys were most often found in GitHub. Every year, about 350 total secrets are exposed per 100 employees. Thirty-five percent of the discovered API keys were still active, increasing vulnerability to privilege escalation attacks, data leaks, and breaches.

Submitted by Gregory Rigby on

"Hackers Leak 2.7 Billion Data Records With Social Security Numbers"

Nearly 2.7 billion records of personal information for people in the US were leaked on a popular hacking forum. The records include names, Social Security numbers (SSNs), known physical addresses, and more. The leaked data is alleged to have come from National Public Data, a company that collects and sells access to personal data for background checks, criminal record searches, and private investigations. This article continues to discuss the leak of 2.7 billion data records by hackers.

Submitted by Gregory Rigby on