Author: Admin

October 11, 2024Ravi LakshmananCybercrime / Dark Web Police in the Netherlands have announced the takedown of Bohemia and Cannabia, which has been described as the world’s largest and longest-running dark web marketplace for illegal goods, drugs and cybercriminal services. The liquidation was the result of a joint investigation with Ireland, Great Britain and the United States that began in late 2022, Politie reported. The market ceased operations at the end of 2023 following reports of service outages and exit fraud after one of the developers was allegedly duped into what was characterized by one of the administrators as a “shameful…

October 10, 2024Ravi LakshmananCybercrime / Misinformation OpenAI said on Wednesday that since the beginning of the year, it has disrupted more than 20 operations and fraud networks around the world that tried to use its platform for malicious purposes. These activities included debugging malware, writing articles for websites, creating bios for social media accounts, and creating AI-generated profile images for fake X accounts. “Threat actors continue to evolve and experiment with our models, but we have seen no evidence that this has led to significant breakthroughs in their ability to create significantly new malware or build viral audiences,” the artificial…

October 10, 2024Ravi LakshmananVulnerability / Enterprise Security Cybersecurity security researchers have warned of an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow the execution of arbitrary operating system (OS) commands. The vulnerability has been assigned a CVE ID CVE-2024-9441has a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck. “Vulnerability in the Nortek Linear eMerge E3 allows remote, unauthenticated attackers to cause the device to execute an arbitrary command,” SSD disclosed. said a flaw advisory issued late last month says the vendor has yet to provide a fix or workaround. The…

The current SOC model relies on a scarce resource: human analysts. These professionals are expensive, in high demand, and increasingly difficult to retain. Their work is not only very technical and high-risk, but also soul-crushingly repetitive, dealing with a constant stream of alerts and incidents. As a result, SOC analysts often leave in search of better pay, opportunities to move outside of the SOC into more rewarding roles, or simply to take much-needed breaks. This high attrition rate puts the SOC in a vulnerable position, jeopardizing the overall effectiveness of cybersecurity operations. In order to keep your team resilient and…

October 10, 2024Ravi LakshmananCybercrime / Malware Cybersecurity researchers have shed light on a new digital skimmer campaign that uses Unicode obfuscation techniques to hide a skimmer called the Mongolian Skimmer. “At first glance, what caught my eye was the obfuscation of the script, which seemed a bit odd because of all the accented characters,” Jscrambler researchers said in the analysis. “The heavy use of Unicode characters, many of them invisible, makes the code very difficult for humans to read.” The script, at its core, was set to leverage JavaScript enabled use any Unicode character in the identifier to hide the…

October 10, 2024Ravi LakshmananVulnerability / Network Security The US Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added critical security flaw affecting Fortinet products prior to their known vulnerabilities (KEV) catalog with reference to evidence of active operation. Vulnerability, tracked as CVE-2024-23113 (CVSS Score: 9.8), refers to cases of remote code execution affecting FortiOS, FortiPAM, FortiProxy, and FortiWeb. “Exploitation of an externally controlled format string vulnerability (CWE-134) in the FortiOS fgfmd daemon could allow a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests,” Fortinet. noted in a deficiency advisory as early as February 2024. As…

October 10, 2024Ravi LakshmananBrowser Vulnerability / Security Mozilla has discovered that a critical security flaw affecting Firefox and Firefox Extended Support Release (ESR) is being actively exploited in the wild. The vulnerability, tracked as CVE-2024-9680, was described as a use-after-free bug in the animation timeline component. “An attacker was able to cause code execution in the content process by exploiting ‘use-after-free’ in animation timelines”, Mozilla said in consultation on Wednesday. “We have had reports of this vulnerability being exploited in the wild.” Security researcher Damien Schaeffer of Slovakian company ESET is credited with discovering and reporting the vulnerability. The issue…

October 9, 2024Ravi LakshmananCybercrime / Threat Detection Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (COMPETITION) and the DNS Research Federation (DNS of the Russian Federation) to fight online fraud. The initiative, codenamed Global Signal Exchange (GSE), is designed to generate real-time insights into fraud, fraud and other forms of cybercrime by combining threat signals from multiple data sources to create greater visibility into cybercriminals. “By joining forces and creating a centralized platform, the GSE aims to improve the sharing of abuse alerts, enabling faster identification and stopping of fraudulent activities across sectors, platforms and services,”…

October 9, 2024Ravi LakshmananIndustrial Security / Critical Infrastructure Details have emerged of multiple security vulnerabilities in two implementations of the Production Notification Specification (MMS) a protocol that, if successfully used, can have serious consequences in an industrial setting. “These vulnerabilities could allow an attacker to disable an industrial device or, in some cases, allow remote code execution,” Claroty researchers Mashaev Sapir and Vera Mens said in a new analysis. MMS is OSI application layer messaging protocol which provides remote control and monitoring of industrial devices by exchanging dispatch control information in an application-independent manner. In particular, it allows communication between…

October 9, 2024Ravi LakshmananPhishing attack / malware Attackers linked to North Korea have been seen targeting job seekers in the tech industry to deliver updated versions of popular malware families tracked as BeaverTail and InvisibleFerret. The cluster of activity tracked as CL-STA-0240 is part of a duplicate campaign Contagious interview that Palo Alto Networks Unit 42 disclosed for the first time in November 2023. “The threat actor behind CL-STA-0240 is contacting software developers through job search platforms, posing as potential employers,” – Unit 42 said in a new report. “The attackers invite the victim to participate in an online interview…
