"Experts Analyzed Attacks Against Poorly Managed Linux SSH Servers"

"Experts Analyzed Attacks Against Poorly Managed Linux SSH Servers"

AhnLab Security Emergency Response Center (ASEC) researchers are warning about attacks on poorly managed Linux SSH servers in which Distributed Denial-of-Service (DDoS) bots and CoinMiners are installed. During the reconnaissance phase, threat actors scan IP addresses for servers with the SSH service or port 22 activated, then carry out a brute force or dictionary attack to get the ID and password. They can sell compromised IP addresses and account credentials on the dark web.

Submitted by Gregory Rigby on

"Cyberattack Targets Albanian Parliament’s Data System, Halting Its Work"

"Cyberattack Targets Albanian Parliament’s Data System, Halting Its Work"

Albania’s Parliament recently announced that it had suffered a cyberattack with hackers trying to get into its data system, resulting in a temporary halt in its services.  A statement said Monday’s cyberattack had not “touched the data of the system,” adding that experts were working to discover what consequences the attack could have.  It said the system’s services would resume at a later time.

Submitted by Adam Ekwall on

"Lockbit Ransomware Disrupts Emergency Care at German Hospitals"

"Lockbit Ransomware Disrupts Emergency Care at German Hospitals"

German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has recently confirmed that service disruptions at three hospitals were caused by a Lockbit ransomware attack.  The attack began in the early morning of December 24, 2023.  It severely impacted the systems that support the operations of three hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford, Germany.

Submitted by Adam Ekwall on

"Panasonic Discloses Data Breach After December 2022 Cyberattack"

"Panasonic Discloses Data Breach After December 2022 Cyberattack"

Panasonic Avionics Corporation, a leading supplier of in-flight communications and entertainment systems, recently disclosed a data breach affecting an undisclosed number of individuals after its corporate network was breached more than one year ago, in December 2022.  The company stated that on December 30, 2022, it identified evidence of an issue potentially impacting certain systems in its corporate network environment that occurred on or around December 14, 2022.

Submitted by Adam Ekwall on

"Blockchain Dev's Wallet Emptied in 'Job Interview' Using npm Package"

"Blockchain Dev's Wallet Emptied in 'Job Interview' Using npm Package"

A "recruiter" approached a blockchain developer on LinkedIn for a web development job and asked him to download npm packages from a GitHub repository, which led to the developer's MetaMask wallet emptying. It is not uncommon for legitimate technology interviews to include some kind of take-home exercise or proof-of-concept (PoC) assignment involving writing code or debugging, thus making the lure convincing even to technically savvy individuals like developers.

Submitted by Gregory Rigby on

"Ohio Lottery Hit by Ransomware, Hackers Claim Theft of Employee and Player Data"

"Ohio Lottery Hit by Ransomware, Hackers Claim Theft of Employee and Player Data"

The Ohio Lottery has recently confirmed that it was targeted in a cyberattack, and a ransomware group claims to have stolen a significant amount of information from the organization’s systems.  The Ohio State Lottery informed customers on its website that it had experienced a “cybersecurity event” but assured the public that its gaming system was fully operational.  However, it said it decided to shut down some critical systems to contain the incident.

Submitted by Adam Ekwall on

"LoanCare Notifying 1.3 Million of Data Breach Following Cyberattack on Parent Company"

"LoanCare Notifying 1.3 Million of Data Breach Following Cyberattack on Parent Company"

Mortgage servicing firm LoanCare recently started informing more than 1.3 million individuals of a data breach impacting their personal information.  A subsidiary of Fidelity National Financial (FNF), LoanCare provides loan subservicing for mortgage loaners, including banks, credit unions, and mortgage firms.  According to LoanCare, the data breach resulted from a cyberattack on FNF’s internal systems.  The incident was identified on November 19, resulting in business disruptions.  The company noted that the incident was contained on November 26, 2023.

Submitted by Adam Ekwall on

"Major Security Flaws in Java Applications – European Researchers Warn"

"Major Security Flaws in Java Applications – European Researchers Warn"

A team of researchers from Umeå University, Paderborn University, Université du Luxembourg, and INRIA analyzed vulnerabilities in software written in Java, one of most widely used programming languages, in a study titled "An In-Depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities." They examined Java products that use deserialization, which is the process of restoring packaged information to its last state, such as user settings, game functions, shopping carts, or banking applications, and conducted a thorough analysis of vulnerabilities and attacks.

Submitted by Gregory Rigby on

"New Study Links OpenAI's GPT-3.5 Turbo To Alarming Privacy Threats"

"New Study Links OpenAI's GPT-3.5 Turbo To Alarming Privacy Threats"

A recent study conducted by Rui Zhu, a Ph.D. candidate at Indiana University Bloomington, discovered a potential privacy threat posed by OpenAI's Large Language Model (LLM), GPT-3.5 Turbo.  As part of the experiment, Zhu used a GPT-3.5 Turbo feature that allows the model to recall personal data and successfully avoided the model's privacy safeguards. Although there were flaws, the model correctly provided the work addresses of 80 percent of Times employees tested.

Submitted by Gregory Rigby on

"This Clever New Idea Could Fix AirTag Stalking While Maximizing Privacy"

"This Clever New Idea Could Fix AirTag Stalking While Maximizing Privacy"

Apple's AirTags help users find their keys or track their luggage, but AirTag features have also allowed them to be used as a tracking tool for domestic abusers and criminals in stalking targets. Apple has implemented measures to notify iPhone and Android users if an AirTag is in their vicinity for an extended period without the presence of its owner's iPhone, which could mean that an AirTag has been planted to track their location secretly.

Submitted by Gregory Rigby on
Subscribe to