"Roundcube Webmail Vulnerability Exploited in Government Attack"

Security researchers at Positive Technologies recently observed a threat actor attempting to exploit a recent vulnerability in Roundcube Webmail against a governmental organization in a Commonwealth of Independent States (CIS) country.  Tracked as CVE-2024-37383 and described as a cross-site scripting (XSS) issue affecting the way Roundcube was handling SVG animate attributes, the bug was patched on May 19 in Roundcube Webmail versions 1.5.7 and 1.6.7.

Submitted by Adam Ekwall on

"Cisco Confirms Security Incident After Hacker Offers to Sell Data"

Cisco recently confirmed that some of its files have been stolen after a hacker offered to sell information allegedly belonging to the company.  The hacker known as IntelBroker on October 14 announced a “Cisco breach” on a popular cybercrime forum.  IntelBroker claimed to have obtained GitHub and SonarQube projects, source code, hardcoded credentials, certificates, confidential documents, Jira tickets, API tokens, AWS private buckets, encryption keys, and other types of information.

Submitted by Adam Ekwall on

"Cicada3301 Ransomware Targets Critical Sectors in US and UK"

Since its discovery in June 2024, the "Cicada3301" ransomware group has targeted critical sectors in the US and UK. In three months, the group has exposed data stolen from 30 companies on its leak sites. Group-IB recently revealed that Cicada3301's ransomware is written in Rust, which enables it to run on Windows, Linux, ESXi, and less common architectures such as PowerPC. The Cicada3301 ransomware uses advanced encryption techniques involving ChaCha20 and RSA encryption with configurable modes, allowing different levels of encryption.

Submitted by Gregory Rigby on

"Experts Play Down Significance of Chinese Quantum 'Hack'"

Security experts urge caution regarding Chinese researchers' recently reported work in cracking military-grade encryption using quantum computing technology. In a study titled "Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage," Shanghai University researchers claimed to have used a D-Wave Advantage quantum computer to target Substitution-Permutation Network (SPN) algorithms that are foundational to Advanced Encryption Standard (AES) cryptography.

Submitted by Gregory Rigby on

"Microsoft: macOS Vulnerability Potentially Exploited in Adware Attacks"

Microsoft warned that a recently patched macOS vulnerability could be used in adware attacks. The flaw enables attackers to bypass the operating system's Transparency, Consent, and Control (TCC) technology and access user data. Apple addressed the bug in macOS Sequoia 15 by removing the vulnerable code. The company also emphasized that only MDM-managed devices are affected. According to Microsoft, the flaw's exploitation involves removing the TCC protection for the Safari browser directory and modifying a configuration file in the directory.

Submitted by Gregory Rigby on

"Tech Giant Nidec Confirms Data Breach Following Ransomware Attack"

Nidec Corporation recently announced that hackers behind a ransomware attack it suffered earlier this year stole data and leaked it on the dark web.  The company says the threat actors tried to extort the company and decided to leak the information after their demands were not met.  Nidec noted that the attack did not encrypt files, and the incident is considered fully remediated at this time.

Submitted by Adam Ekwall on

"Speakers, Vacuums, Doorbells and Fridges – The Government Plans to Make Your 'Smart Things' More Secure"

Abu Barkat Ullah, Associate Professor at the University of Canberra, discusses the Australian government's first standalone cybersecurity act, which includes mandatory minimum cybersecurity standards for smart devices such as smartphones, laptops, tablets, smart TVs, and more. The emphasis is on securing connected devices to keep users safe from Internet-based threats, vulnerabilities, and risks. This article continues to discuss insights on Australia's first standalone cybersecurity act.

Submitted by Gregory Rigby on

"Intel, AMD CPUs on Linux Impacted by Newly Disclosed Spectre Bypass"

The latest generations of Intel processors and AMD's older microarchitectures on Linux are vulnerable to new speculative execution attacks capable of bypassing current "Spectre" mitigations. The new attacks disclosed by ETH Zurich researchers undermine the Indirect Branch Predictor Barrier (IBPB) on x86 processors, which is a critical defense mechanism against speculative execution attacks. This article continues to discuss the new speculative execution attacks that bypass existing Spectre mitigations.

Submitted by Gregory Rigby on

"US Arrest Man for SEC X Account Hack"

According to the Department of Justice (DoJ), a man has been arrested on charges related to hacking the US Securities and Exchange Commission's (SEC) X account in January 2024, resulting in a Bitcoin price spike.  The DoJ noted that the individual, Eric Council Jr, aged 25, from Alabama, allegedly conspired with others to take unauthorized control of the SEC's X account, posting a fake announcement that the agency had approved Bitcoin Exchange Traded Funds.

Submitted by Adam Ekwall on

"macOS Vulnerability Could Expose User Data, Microsoft Warns"

Microsoft has recently uncovered a macOS vulnerability that can enable attackers to gain access to users' protected data and warned that active exploitation may be taking place. Microsoft dubbed the flaw "HM Surf," which allows attackers to bypass the operating system's Transparency, Consent, and Control (TCC) technology to access sensitive user data, including browsed pages and the device's camera, microphone, and location. The vulnerability is identified as CVE-2024-44133, with a medium severity rating.

Submitted by Adam Ekwall on