Author: Admin
Chinese hackers target T-Mobile and other US telecommunications companies in a broader espionage campaign
US telecommunications giant T-Mobile confirmed that it was also among the companies targeted by Chinese threat actors to gain access to valuable information. The adversaries, tracked as Salt Typhoon, breached the company as part of a “month-long campaign” designed to collect the mobile communications of “high-profile intelligence targets.” It is unclear what, if any, information was obtained during the malicious activity. “T-Mobile is closely monitoring this industry-wide attack, and at this time T-Mobile’s systems and data have not been significantly impacted, and we have no evidence of impact to customer information,” a company spokesperson was quoted as saying to The Wall Street Journal…
November 19, 2024 | Ravi Lakshmanan | Vulnerability / Data Security | Patched security flaws affecting Progress Kemp LoadMaster and VMware vCenter Server have been found to be actively exploited in the wild. The US Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster, to its Known Exploited Vulnerabilities (KEV) catalog. It was addressed by Progress Software back in February 2024. “Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated remote attacker to gain access to the system via the LoadMaster management interface, allowing arbitrary system commands to…
According to research by GitGuardian and CyberArk, 79% of IT leaders reported that they have experienced a secrets leak, compared to 75% in the previous year’s report. At the same time, the number of leaked credentials has never been higher, with 12.7 million hard-coded credentials in public GitHub repositories alone. One of the most disturbing aspects of this report is that over 90% of the real secrets found and reported remained valid for more than 5 days. According to studies, it takes an average of 27 days for organizations to fix a credential leak. Combine this with the fact that non-human identities…
November 18, 2024 | Ravi Lakshmanan | Threat Intelligence / Ransomware | Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been spotted in the wild delivering families of information stealers such as WhiteSnake and Medusa. BabbleLoader is “an extremely evasive bootloader packed with defense mechanisms that is designed to bypass antivirus and sandbox environments to deliver memory theft,” Intezer security researcher Ryan Robinson said in a report published on Sunday. Evidence shows that the downloader is being used by several companies targeting both English- and Russian-speaking people, primarily targeting users looking for general hacked software, as…
November 18, 2024 | Ravi Lakshmanan | Privacy / Email Security | Google appears to be preparing a new feature called Shielded Email that will allow users to create email aliases when signing up for online services and better fight spam. The feature was first reported by Android Authority last week after a teardown of the latest version of Google Play Services for Android. The idea is to create unique, disposable email addresses that forward messages to the associated primary account, thereby eliminating the need to provide a valid email address when filling out forms or signing up for new online services. The idea…
November 18, 2024 | Hacker News | Penetration Testing / Network Security | IT leaders know the drill: regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here’s the thing: hackers don’t wait for schedules. Most companies conduct penetration testing on a set schedule, with twice a year (29%) being the most common, followed by three to four times a year (23%) and once a year (20%), according to the Kaseya 2024 Cyber Security Research Report. Compliance-oriented testing can detect vulnerabilities that exist at the exact time of testing, but it’s not enough to significantly…
A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with fake pages impersonating legitimate brands to steal their personal information ahead of the Black Friday shopping season. “The company took advantage of increased online shopping activity in November, during the peak Black Friday discount season. The threat actor used counterfeit discounted products as phishing lures to trick victims into providing Cardholder Data (CHD) and Sensitive Authentication Data (SAD) and Personally Identifiable Information (PII),” EclecticIQ said. The activity, first seen in early October 2024, is attributed with high confidence to a Chinese financially motivated threat actor…
November 18, 2024 | Ravi Lakshmanan | Mobile Security / Spyware | Legal documents released as part of the ongoing litigation between Meta’s WhatsApp and NSO Group have revealed that the Israeli spyware maker used several exploits targeting the messaging app to deliver Pegasus, including one even after Meta sued it for doing so. They also show that NSO Group repeatedly found ways to install an invasive tracking tool on targeted devices as WhatsApp built new defenses to counter the threat. In May 2019, WhatsApp said it had blocked a sophisticated cyberattack that used its video calling system to secretly deliver the Pegasus malware. The attack…
November 18, 2024 | Ravi Lakshmanan | Website Vulnerability / Security | A critical authentication bypass vulnerability has been discovered in the Really Simple Security (formerly Really Simple SSL) WordPress plugin that, if successfully exploited, could give a remote attacker full administrative access to a vulnerable site. The vulnerability, identified as CVE-2024-10924 (CVSS score: 9.8), affects both the free and premium versions of the plugin. The software is installed on over 4 million WordPress sites. “The vulnerability is scriptable, meaning it can be turned into a large-scale automated attack targeting WordPress websites,” said István Martan, security researcher at Wordfence. After a responsible disclosure on…