"Swiss Govt Websites Hit by Pro-Russia Hackers After Zelensky Visit"

Switzerland recently announced that a cyberattack claimed by a pro-Russian group temporarily disrupted access to a number of government websites following Ukrainian President Volodymyr Zelensky's visit to Davos.  The government said that the Russian-linked hacker group "NoName" claimed responsibility for the attack, citing Ukrainian President Zelensky's attendance at the WEF annual meeting.

Submitted by Adam Ekwall on

"PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions"

PAX Technology's Point-of-Sale (PoS) terminals are vulnerable to attacks due to a set of high-severity flaws that threat actors can exploit to execute arbitrary code. The STM Cyber R&D team, who reverse-engineered the company's Android-based devices, discovered half a dozen flaws that enable privilege escalation and local code execution from the bootloader. The successful exploitation of the discovered vulnerabilities could allow an attacker to elevate their privileges to root and evade sandboxing protections, granting them access to conduct any operation.

Submitted by Gregory Rigby on

"Sophisticated macOS Infostealers Get Past Apple's Built-In Detection"

As attackers gain more knowledge about how to crack static signature-detection engines, increasingly sophisticated infostealers are targeting macOS with the ability to evade Apple's built-in malware protection. According to SentinelOne researchers, three active infostealers named KeySteal, Atomic Infostealer, and CherryPie can bypass various detection engines, with variants of the first two evading XProtect. XProtect is the macOS built-in antivirus (AV) technology that scans downloaded files and apps for known malware signatures and removes any infected files.

Submitted by Gregory Rigby on

"ChatGPT Creator Pairing With Pentagon on Suicide Prevention and Cybersecurity, Executive Says"

The artificial intelligence company behind the popular chatbot ChatGPT has recently teamed up with the Defense Department to explore ways of using its technology to prevent veteran suicide.  According to the company’s vice president of global affairs, Anna Makanju, it’s one of several ongoing initiatives by OpenAI and the Pentagon.  Makanju also stated that OpenAI has been doing work with the Department of Defense on cybersecurity tools for open-source software that secures critical infrastructure.

Submitted by Adam Ekwall on

"Release Cybersecurity Guidance on Chinese-Manufactured UAS for Critical Infrastructure Owners and Operators"

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released "Cybersecurity Guidance: Chinese-Manufactured Unmanned Aircraft Systems (UAS)." The guidance aims to raise awareness of threats posed by Chinese-manufactured UAS as well as provide critical infrastructure and State, Local, Tribal, and Territorial (SLTT) partners with suggested cybersecurity protections for networks and sensitive information.

Submitted by Gregory Rigby on

"Nearly 7K WordPress Sites Compromised by Balada Injector"

According to security researchers at Jscrambler, about 6,700 WordPress websites have been infected with the Balada Injector malware after using a Popup Builder plug-in with a cross-site scripting (XSS) vulnerability tracked as CVE-2023-6000. The researchers noted that the Balada Injector campaign has been running since 2017 and has compromised more than 1 million WordPress sites in the past six years.

Submitted by Adam Ekwall on

"PixieFail Flaws Impact PXE Network Boot in Enterprise Systems"

Quarkslab researchers discovered a set of vulnerabilities called PixieFail affecting the IPv6 network protocol stack of TianoCore's EDK II, an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification that is widely used in enterprise computers and servers. The flaws are in the PXE network boot process, which is critical for provisioning operating systems in data centers and high-performance computing environments. It is a standard procedure for loading operating system images from the network during boot.

Submitted by Gregory Rigby on

"Majorca Tourist Hotspot Hit With $11m Ransom Demand"

A major Spanish holiday destination became the victim of ransomware last weekend, with reports claiming digital extortionists are demanding €10m ($11m).  The municipality of Calvià in the southwest of Majorca includes the popular tourist hotspot of Magaluf and attracts over one million visitors to its shores a year.  A crisis committee has been assembled to assess the attack's impact on local services, and an IT team is working through forensic analysis and recovery processes.  The Guardia Civil has reportedly also been contacted for assistance.

Submitted by Adam Ekwall on

"OpenAI Announces Plans to Combat Misinformation Amid 2024 Elections"

OpenAI, the developer of the AI chatbot ChatGPT and the image generator DALL-E, has recently announced new measures to prevent abuse and misinformation ahead of big elections this year. The firm announced that it was collaborating with the National Association of Secretaries of State (NASS), the oldest non-partisan professional organization for public officials in the US, to prevent the use of ChatGPT for misinformation ahead of the US Presidential Election in November.

Submitted by Adam Ekwall on

"A Flaw in Millions of Apple, AMD, and Qualcomm GPUs Could Expose AI Data"

According to new research, a vulnerability called LeftoverLocals exists in multiple brands and models of mainstream GPUs, including Apple, Qualcomm, and AMD chips, and can allow an attacker to steal large amounts of data from a GPU's memory. To exploit the vulnerability, attackers must first establish some level of operating system access on a target's device. Modern computers and servers are designed to silo data, allowing multiple users to share the same processing resources while not being able to access each other's data.

Submitted by Gregory Rigby on