Author: Admin
November 6, 2024 | Ravi Lakshmanan | Cyber Threat / Cyber Crime
On Tuesday, INTERPOL said it had taken down more than 22,000 malicious servers linked to various cyber threats in a global operation. The coordinated effort, dubbed Operation Synergia II, ran from April 1 to August 31, 2024, and targeted phishing, ransomware and information-stealing infrastructure. “Of the approximately 30,000 suspicious IP addresses identified, 76 percent were eliminated and 59 servers were seized,” INTERPOL said. “In addition, 43 electronic devices were seized, including laptops, mobile phones and hard drives.” The actions also led to the arrest of 41 people, with another 65 people…
South Korea fines Meta $15.67 million for illegally sharing sensitive user data with advertisers
November 6, 2024 | Ravi Lakshmanan | Data Privacy / Technical Regulation
Meta has been fined 21.62 billion won ($15.67 million) by South Korea’s privacy watchdog for illegally collecting Facebook users’ sensitive personal information, including information about their political views and sexual orientation, and sharing it with advertisers without their consent. The country’s Personal Information Protection Commission (PIPC) said Meta collected information such as religious affiliation, political views and same-sex marital status on about 980,000 local Facebook users and shared it with 4,000 advertisers. “Specifically, it was found that behavioral information, such as the pages users ‘like’ on Facebook and the ads they clicked…
November 6, 2024 | Ravi Lakshmanan | Cloud Security / Phishing Protection
Google’s cloud division has announced that it will make multi-factor authentication (MFA) mandatory for all users by the end of 2025 as part of efforts to improve account security. “We will be phasing in mandatory MFA for Google Cloud, rolling out to all users worldwide throughout 2025,” Mayank Upadhyay, VP of Development and Principal Engineer, Google Cloud, said in the statement. “To ensure a smooth transition, Google Cloud will provide advance notice to businesses and users along the way to help plan for MFA deployment.” The deployment process is planned to take…
The US Federal Bureau of Investigation (FBI) is asking for the public’s help in its investigation into the hacking of edge devices and computer networks belonging to companies and government organizations. “The Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer intrusions designed to steal sensitive data from firewalls around the world,” the agency said. “The FBI is seeking information on the individuals responsible for these cyber intrusions.” The development comes after a series of reports published by cybersecurity vendor Sophos, which describe a number of campaigns from 2018…
November 5, 2024 | Ravi Lakshmanan | Mobile Security / Cyber Attack
More than 1,500 Android devices have been infected with a new strain of Android banking malware called ToxicPanda, which allows threat actors to conduct fraudulent banking transactions. “ToxicPanda’s main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called device fraud (ODF),” Cleafy researchers Michele Raviello, Alessandro Strina and Federico Valentini said in Monday’s analysis. “It aims to bypass banking countermeasures used to enforce identity verification and user authentication, combined with behavioral detection techniques used by banks to detect suspicious money transfers.” ToxicPanda is…
AI detects vulnerabilities
I have been writing about the ability for artificial intelligence to automatically detect code vulnerabilities since at least 2018. This is an ongoing area of research: AI scanning source code, AI finding zero days in the wild, and everything in between. AI isn’t very good at this yet, but it’s getting better. Here is some anecdotal information from this summer: From July 2024, ZeroPath takes a new approach, combining deep program analysis with competitive AI agents for verification. Our methodology identified many critical vulnerabilities in production systems, including several that traditional static application security testing (SAST) tools were…
Zero Trust security changes the way organizations handle security by eliminating conditional trust with continuous analysis and validation of access requests. Unlike perimeter-based security, users in an environment are not automatically trusted after gaining access. Zero Trust security encourages continuous monitoring of each device and user, providing persistent protection after successful user authentication.
Why companies use Zero Trust security
Companies use Zero Trust security to protect against increasingly sophisticated cyber threats. This addresses the limitations of traditional perimeter-based security models, which include a lack of east-west traffic security, implicit insider trust, and a lack of visibility. Traditional Security…
Synology requires a patch for the critical Zero-Click RCE flaw affecting millions of NAS devices
November 5, 2024 | Ravi Lakshmanan | Vulnerability / Data Security
Taiwanese network attached storage (NAS) manufacturer Synology has fixed a critical security flaw that affects DiskStation and BeePhotos and could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION by Midnight Blue, the zero-day flaw was demonstrated at the Pwn2Own Ireland 2024 hacking competition by security researcher Rick de Jager. RISK:STATION is “an unauthenticated zero-click vulnerability that allows attackers to gain root-level code execution on popular Synology DiskStation and BeeStation NAS devices, affecting millions of devices,” the Dutch company said. The zero-click nature of the vulnerability means that it does…
November 5, 2024 | Ravi Lakshmanan | Data Leak / Cybercrime
Canadian law enforcement agencies arrested a person suspected of committing a series of hacks in the wake of the Snowflake cloud storage platform breach earlier this year. The individual in question, Alexander “Conor” Movka (aka Judische and Waifu), was detained on October 30, 2024, on a preliminary arrest warrant requested by the US. The development was first reported by Bloomberg and confirmed by 404 Media. The exact nature of the charges against Movka is still unknown. In June 2024, Snowflake disclosed that a “limited number” of its customers were…
November 5, 2024 | Ravi Lakshmanan | Malware / Blockchain
An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to force them to run cross-platform malware. The attack is characterized by the use of Ethereum smart contracts to distribute the addresses of command and control (C2) servers, according to independent findings from Checkmarx, Type and Socket published in the last few days. This activity was first noted on October 31, 2024, although it is said to have occurred at least a week earlier. At least 287 typosquat packages have been published in the npm package registry.…