"Government Security Vulnerabilities Surge By 151%, Report Finds"

"Government Security Vulnerabilities Surge By 151%, Report Finds"

According to security researchers at Bugcrowd, the government sector has witnessed the most significant growth in crowdsourced security in 2023, marking a 151% increase in vulnerability submissions and a substantial 58% rise in Priority 1 (P1) rewards for critical vulnerabilities.  The researchers noted that there was a noteworthy increase in vulnerability submissions also observed in the retail (+34%), corporate services (+20%), and computer software (+12%) sectors.

Submitted by Adam Ekwall on

"Blackwood APT Delivers Malware by Hijacking Legitimate Software Update Requests"

"Blackwood APT Delivers Malware by Hijacking Legitimate Software Update Requests"

ESET researchers have uncovered NSPX30, an implant used by the China-aligned Advanced Persistent Threat (APT) group called Blackwood. Blackwood has conducted cyber espionage operations against individuals and organizations in China, Japan, and the UK. It uses Adversary-in-the-Middle (AitM) techniques to take over update requests from legitimate software in order to deliver the NSPX30 implant. According to ESET, based on the NSPX30's evolution mapping, the sophisticated implant's earlier ancestor is Project Wood, a simple backdoor. The oldest sample was compiled in 2005.

Submitted by Gregory Rigby on

"Atlassian Tightens API After Hacker Scrapes 15M Trello Profiles"

"Atlassian Tightens API After Hacker Scrapes 15M Trello Profiles"

Millions of names, usernames, and emails associated with public Trello boards have been made available for sale on the dark web, potentially leading to Account Takeover (ATO) and spear-phishing attacks. Atlassian, Trello's parent company, now says it has made changes to a critical Application Programming Interface (API) to prevent scraping attacks. Trello, a project management and collaboration platform, allows users to make their "boards" or workspaces publicly findable, facilitating collaboration between different companies and stakeholders.

Submitted by Gregory Rigby on

"HPE Says Russian Government Hackers Had Access to Emails for 6 Months"

"HPE Says Russian Government Hackers Had Access to Emails for 6 Months"

In a recent SEC filing, Hewlett Packard Enterprise (HPE) revealed that its cloud email environment was targeted by hackers believed to be sponsored by the Russian government.  The company said it was notified on December 12 that a threat group identified as Midnight Blizzard and Cozy Bear had hacked into its cloud-based email environment.   HPE says that it kicked out the attackers, but its investigation revealed that the threat actor gained access to its systems and started exfiltrating data in May 2023.

Submitted by Adam Ekwall on

"Firefox 122 Patches 15 Vulnerabilities"

"Firefox 122 Patches 15 Vulnerabilities"

Mozilla recently announced security updates for both Firefox and Thunderbird to patch 15 vulnerabilities, including five rated "high severity." The first high-severity flaw is an out-of-bounds write in ANGLE (Almost Native Graphics Layer Engine), the open-source graphics engine used as the default WebGL backend in both Firefox and Chrome.  Tracked as CVE-2024-0741, Mozilla noted that the issue could be exploited to corrupt memory and cause a crash that could potentially lead to denial of service or arbitrary code execution.

Submitted by Adam Ekwall on

"Offshore Wind Farms Are Vulnerable to Cyberattacks, New Concordia Study Shows"

"Offshore Wind Farms Are Vulnerable to Cyberattacks, New Concordia Study Shows"

A team of researchers from Concordia and Hydro-Quebec conducted a study on the risks of cyberattacks faced by offshore wind farms. The researchers focused on wind farms that use Voltage-Source Converter High-Voltage Direct-Current (VSC-HVDC) connections, which are quickly becoming the most cost-effective solution for harvesting offshore wind energy. Offshore wind farms rely on complex, hybrid communication architecture, thus providing multiple entry points for cyberattacks.

Submitted by Gregory Rigby on

"Lassonde Researcher Examining Privacy Concerns in Virtual Reality Environment"

"Lassonde Researcher Examining Privacy Concerns in Virtual Reality Environment"

Some Virtual Reality (VR) technologies pose significant privacy risks by improperly collecting and sharing users' data. Yan Shvartzshnaider, an assistant professor in the Electrical Engineering and Computer Science Department at York University's Lassonde School of Engineering, is working to address virtual privacy concerns and develop cybersecurity solutions.

Submitted by Gregory Rigby on

"UAH Leads NATO Program Partners in Project to Address Impact of Quantum Technology on Global Security"

"UAH Leads NATO Program Partners in Project to Address Impact of Quantum Technology on Global Security"

Researchers at the University of Alabama in Huntsville (UAH) are leading a NATO collaboration to address emerging security challenges posed by quantum technologies. Quantum computers use quantum phenomena to solve mathematical problems that conventional computers find difficult or intractable. Researchers have stressed that quantum computers will eventually be able to break many of today's public-key cryptosystems, thus putting digital communications at risk.

Submitted by Gregory Rigby on

"5,379 Gitlab Servers Vulnerable to Zero-Click Account Takeover Attacks"

"5,379 Gitlab Servers Vulnerable to Zero-Click Account Takeover Attacks"

Thousands of GitLab servers are vulnerable to zero-click Account Takeover (ATO) attacks involving the exploitation of a critical vulnerability. GitLab recently released security updates to address two critical vulnerabilities that affect both the Community and Enterprise Edition. The most critical vulnerability, tracked as CVE-2023-7028 with a CVSS score of 10, enables ATO via Password Reset. Threat actors can use the flaw to hijack an account without user interaction. Most of the vulnerable servers are in the US (964), Germany (730), and Russia (721).

Submitted by Gregory Rigby on

"SEC Blames SIM Swap Hack for Twitter Account Hijack"

"SEC Blames SIM Swap Hack for Twitter Account Hijack"

The US Securities and Exchange Commission (SEC) confirmed that a SIM swapping hack resulted in its X (Twitter) account getting hijacked. On January 9, hackers took control of the account and posted a false announcement claiming that the commission had approved Bitcoin futures Exchange-Traded Funds (ETFs). Due to the post, Bitcoin surged to a 19-month high before falling nearly 6 percent after SEC staff used Chair Gary Gensler's X account to reveal that the ETF announcement was false.

Submitted by Gregory Rigby on
Subscribe to