Author: Admin
October 25, 2024 | Hacker News | Artificial Intelligence / Identity Security
Artificial Intelligence (AI) has quickly turned from a futuristic concept into a powerful weapon in the hands of bad actors. Today, AI-based attacks aren’t just theoretical threats – they’re happening across industries and outpacing traditional defense mechanisms. The solution, however, is not futuristic. It turns out that a properly designed identity security platform can provide fraud protection using artificial intelligence. Learn more about how a secure identity platform can eliminate AI deepfakes and serve as a critical component of this new era of cyber defense. The threat of AI impersonation fraud is…
October 25, 2024 | Ravi Lakshmanan | Digital Advertising / Privacy
Ireland’s data protection authority fined LinkedIn 310 million euros ($335 million) on Thursday for violating the privacy of its users by conducting behavioral analysis of personal data to target advertising. “The investigation examined LinkedIn’s processing of personal data for the purposes of behavioral analysis and targeted advertising of users who have created LinkedIn profiles (members),” the Data Protection Commission (DPC) said. “The decision (…) concerns the legality, fairness and transparency of this processing.” The fine was imposed in accordance with the European Union (EU) General Data Protection Regulation (GDPR), an information privacy law that…
October 24, 2024 | Ravi Lakshmanan | Ransomware / Cybercrime
Cybersecurity researchers have discovered an advanced version of the Qilin ransomware that features increased sophistication and evasive tactics. The new variant is tracked by cybersecurity company Halcyon under the alias Qilin.B. “Notably, Qilin.B now supports AES-256-CTR encryption for AESNI-capable systems, while retaining Chacha20 for systems without such support,” the Halcyon Research Team said in a report shared with The Hacker News. “Additionally, RSA-4096 with OAEP padding is used to protect the encryption keys, making it impossible to decrypt the files without the attacker’s private key or derived seed values.” Qilin, also known as Agenda, first…
Vulnerability in AWS Cloud Development Kit exposes users to possible account hijacking risks
Cybersecurity researchers have discovered a security flaw affecting the Amazon Web Services (AWS) Cloud Development Kit (CDK) that could lead to account hijacking under certain circumstances. “The impact of this issue could, in certain scenarios, allow an attacker to gain administrative access to a target AWS account, leading to full account takeover,” Aqua said in a report shared with The Hacker News. After responsible disclosure on June 27, 2024, the issue was reviewed by project support specialists in CDK version 2.149.0, released in July. AWS CDK is an open source software development framework for defining cloud application resources using Python,…
October 24, 2024 | Ravi Lakshmanan | Vulnerability / Network Security
Cisco said on Wednesday that it has released updates to address a widely used security flaw in the Adaptive Security Appliance (ASA) that could lead to a denial-of-service (DoS) condition. The vulnerability, tracked as CVE-2024-20481 (CVSS score: 5.8), affects the Remote Access VPN (RAVPN) service of Cisco ASA software and Cisco Firepower Threat Defense (FTD). The security issue, caused by resource exhaustion, can be exploited by unauthenticated remote attackers to cause a DoS of the RAVPN service. “An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an…
Sometimes it turns out that the answers we’ve been looking for so hard have been sitting in front of us for so long that we somehow didn’t notice them. When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the FBI, issues a cybersecurity alert and prescribes specific actions, it would be a good idea to at least read the joint advisory. In their AA24-242A advisory, DHS/CISA and the FBI told the cybercriminal-stopping world that to stop ransomware attacks, organizations need to implement phishing-resistant MFA and move away from SMS-based MFA OTP. Best…
A North Korean threat actor known as the Lazarus Group has been credited with exploiting a zero-day, now patched, security flaw in Google Chrome to seize control of infected devices. Cybersecurity provider Kaspersky said that in May 2024, it discovered a new chain of attacks that targeted the personal computer of an unnamed Russian citizen using the Manuscript backdoor. This entails running a zero-day exploit simply by visiting a fake gaming website (“detankzone(.)com”) that was targeted at people in the cryptocurrency sector. The campaign is estimated to have launched in February 2024. “On the surface, this website resembled a professionally designed product…
October 24, 2024 | Ravi Lakshmanan | Vulnerability / Network Security
Fortinet has confirmed details of a critical security flaw affecting FortiManager that is actively exploited in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager (FGFM) protocol. “Lack of Authentication for Critical Feature Vulnerability (CWE-306) in the FortiManager fgfmd daemon could allow a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests,” the company said in a statement on Wednesday. The vulnerability affects FortiManager versions 7.x, 6.x, FortiManager Cloud 7.x, and 6.x. This…
New variants of the Grandoreiro Banking malware are emerging with advanced detection evasion tactics
New versions of the banking malware called Grandoreiro have been found to be using new tactics in an attempt to circumvent anti-fraud measures, indicating that the malware continues to be actively developed despite efforts by law enforcement to shut down the operation. “Only part of this gang has been arrested: the remaining operators behind Grandoreiro continue to attack users around the world, developing new malware and building new infrastructure,” Kaspersky said in an analysis published on Tuesday. Some of the other newly incorporated techniques include the use of a Domain Generation Algorithm (DGA) for command-and-control (C2) communication, ciphertext stealing (CTS)…
October 23, 2024 | Ravi Lakshmanan | Vulnerability / Threat Intelligence
A flaw in Microsoft SharePoint was added to the Known Exploited Vulnerabilities (KEV) catalog of the US Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active use. The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability that affects SharePoint and could lead to remote code execution. “An authenticated attacker with permission from the site owner could use the vulnerability to inject arbitrary code and execute that code in the context of SharePoint Server,” Microsoft said in its notice about the flaw. There were…