"Ukrainian Hackers Claim Attack on Russian Scientific Research Center"

"Ukrainian Hackers Claim Attack on Russian Scientific Research Center"

According to Ukraine's defense intelligence directorate (GUR), the pro-Ukraine hacker group called BO Team infiltrated the Russian State Research Center on Space Hydrometeorology, destroying its database and valuable equipment. The hackers claimed to have destroyed 280 servers and two petabytes of data, which included weather and satellite information, as well as unique research. GUR estimates that the lost data could cost Russia at least $10 million.

Submitted by Gregory Rigby on

"Browser Phishing Threats Grew 198% Last Year"

"Browser Phishing Threats Grew 198% Last Year"

Security researchers at Menlo Security have observed a 198% increase in browser-based phishing attacks during the latter half of 2023 compared to the first half, with a 206% rise in evasive attacks.  Evasive attacks, designed to circumvent traditional security controls, now constitute 30% of all browser-based phishing assaults, according to the researchers.  These sophisticated tactics include SMS phishing, Adversary in the Middle (AITM) frameworks, image-based phishing, brand impersonation, and Multi-Factor Authentication (MFA) bypass.

Submitted by Adam Ekwall on

"Medical Lab Database Exposed 1.3M Records, COVID Test Info"

"Medical Lab Database Exposed 1.3M Records, COVID Test Info"

An unsecured database exposed 1.3 million records, including COVID test results and other Personally Identifiable Information (PII). According to a researcher at vpnMentor, the database had documents bearing the name and logo of Coronalab.eu, which is owned by Microbe & Lab, an Amsterdam-based medical laboratory. The 1.3 million exposed records include 118,441 certificates, 506,663 appointments, 660,173 testing samples, and more.

Submitted by Gregory Rigby on

"PoC for Easily Exploitable Fortra GoAnywhere MFT Vulnerability Released"

"PoC for Easily Exploitable Fortra GoAnywhere MFT Vulnerability Released"

Proof-of-Concept (PoC) exploit code for a critical vulnerability, tracked as CVE-2024-0204, in Fortra's GoAnywhere Managed File Transfer (MFT) solution has been made public, raising concerns that attackers will soon exploit it. Organizations of various sizes widely use Fortra's GoAnywhere MFT solution. In early 2023, the Cl0P ransomware gang used a zero-day vulnerability, tracked as CVE-2023-0669, in the same solution to exfiltrate data from more than 130 victim organizations. Following the exfiltration, the group threatened to publish the data unless they were paid not to.

Submitted by Gregory Rigby on

AI in Automotive Cybersecurity USA 2024 Conference

"As the application of AI in automotive gains momentum, and threat actors become more intelligent, it’s never been more important to prepare for emerging cybersecurity threats as well as understand the risks and opportunities that AI presents.   We have industry professionals from across automotive cybersecurity, artificial intelligence, machine learning, quantum computing, R&D, LLM, innovation and other domains to AI for Automotive Cybersecurity USA 2024 and giving them the opportunity to understand the impact of and prepare for AI in cybersecurity."

"Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters"

"Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters"

Threat actors with a Google account could exploit a loophole impacting Google Kubernetes Engine (GKE) to take over a Kubernetes cluster. The flaw has been dubbed "Sys:All" by the cloud security company Orca. About 250,000 active GKE clusters in the wild are said to be vulnerable to the attack vector. According to security researcher Ofir Yakobi, there is a common misconception that the system:authenticated group in GKE only includes verified and deterministic identities. However, it includes any Google-authenticated account, even those from outside the organization.

Submitted by Gregory Rigby on

"UK Says AI Will Empower Ransomware Over the Next Two Years"

"UK Says AI Will Empower Ransomware Over the Next Two Years"

According to the UK's National Cyber Security Centre (NCSC), Artificial Intelligence (AI) tools will negatively impact cybersecurity in the near future, contributing to the rise of the ransomware threat. Cybercriminals are already using AI for various purposes, and the trend is expected to worsen over the next two years, increasing the volume and severity of attacks. AI will allow inexperienced threat actors, hackers-for-hire, and low-skilled hacktivists to carry out more effective, targeted attacks.

Submitted by Gregory Rigby on

"Magecart Adds Middle East Retailers to Long List of Victims"

"Magecart Adds Middle East Retailers to Long List of Victims"

Retailers in the Middle East and Africa are more vulnerable to web-skimming attacks, but they make up a small fraction of all consumer victims. An independent researcher recently discovered web-skimming code on the staging server of the clothing retail website Khaadi, which is based in Pakistan and the United Arab Emirates. The code was discovered during an investigation into a web-skimming attack on a German football team's website, and an Internet-wide search revealed 1,800 other potentially compromised websites.

Submitted by Gregory Rigby on

"Tesla Hacked, 24 Zero-Days Demoed at Pwn2Own Automotive 2024"

"Tesla Hacked, 24 Zero-Days Demoed at Pwn2Own Automotive 2024"

Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24 unique zero-day exploits.  Synacktiv Team took home $100,000 after successfully chaining three zero-day bugs to get root permissions on a Tesla Modem.  The team also used two unique two-bug chains to hack a Ubiquiti Connect EV Station and a JuiceBox 40 Smart EV Charging Station, earning an additional $120,000.

Submitted by Adam Ekwall on
Subscribe to