Author: Admin
November 15, 2024 | Ravi Lakshmanan | Cyber espionage / Malware
Cybersecurity researchers have shed light on a new remote access Trojan and information stealer used by Iranian state-sponsored entities to conduct reconnaissance on compromised endpoints and execute malicious commands. Cybersecurity company Check Point has codenamed the malware WezRat, stating that it has been detected in the wild since at least September 1, 2023, based on artifacts uploaded to the VirusTotal platform. “WezRat can execute commands, take screenshots, download files, execute keyloggers, and steal clipboard contents and cookies,” it said in the technical report. “Some functions are performed by separate modules obtained from the command and…
November 15, 2024 | Hacker News | Webinar / Cyber security
In a fast-paced digital world, trust is everything, but what happens when that trust is broken? Certificate revocations, while rare, can send shock waves through your operations, impacting security, customer trust, and business continuity. Are you ready to act quickly when the unexpected happens? Join DigiCert’s exclusive webinar, “When the Shift Happens: Are You Ready to Quickly Replace Your Certificate?” and learn how automation, cryptographic agility, and best practices can turn recall challenges into opportunities for growth and sustainability. Here’s what you’ll learn: Recalls Identified: Understand why they happen, their ripple effects, and the…
November 15, 2024 | Ravi Lakshmanan | Artificial Intelligence / Vulnerability
Cybersecurity researchers have discovered two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow attackers to elevate privileges and delete models from the cloud. “Using user permissions to work, we were able to elevate our privileges and gain unauthorized access to all data services in the project,” Palo Alto Networks Division 42 researchers Ofir Balasiana and Ofir Shati said in an analysis published earlier this week. “The deployment of the poisoned model in Vertex AI led to the exfiltration of all other fine-tuned models, creating a serious…
November 15, 2024 | Ravi Lakshmanan | Malware / Credential theft
A Vietnamese-speaking threat actor has been linked to an information theft campaign targeting government and educational organizations in Europe and Asia with a new Python-based malware called PXA hijacker. Cisco Talos researchers Joey Chen, Alex Carkins, and Chetan Raghuprasad said the malware “targets victims’ sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and game software data.” “PXA Stealer has the ability to decrypt the victim’s browser master password and use it to steal saved credentials of various online accounts.” The link to Vietnam…
In recent years, artificial intelligence (AI) has started a revolution in identity access management (IAM), changing the approach to cybersecurity in this important area. Applying AI to IAM means using its analytical capabilities to monitor access patterns and detect anomalies that may indicate a potential security breach. The focus has expanded beyond simple human identity management—autonomous systems, APIs, and connected devices now also enter the realm of AI-powered IAM, creating a dynamic security ecosystem that adapts and evolves in response to complex cyber threats.
The role of artificial intelligence and machine learning in IAM
Artificial intelligence…
November 15, 2024 | Ravi Lakshmanan | Vulnerability / Database Security
Cybersecurity researchers have discovered a serious security flaw in the open-source PostgreSQL database system that could allow unprivileged users to modify environment variables and potentially lead to code execution or information disclosure. The vulnerability, tracked as CVE-2024-10979, has a CVSS score of 8.8. Environment variables are user-defined values that can allow a program to dynamically retrieve various kinds of information, such as access keys and software installation paths, at runtime without having to hardcode them. In some operating systems, they are initialized at startup. “Improper handling of environment variables in PostgreSQL PL/Perl allows an unprivileged…
Ilya Lichtenstein, who pleaded guilty, was sentenced to five years in prison for hacking the Bitfinex cryptocurrency exchange in 2016, the US Department of Justice announced on Thursday. Lichtenstein was charged for his involvement in a money laundering scheme that led to the theft of nearly 120,000 bitcoins (valued at over $10.5 billion at current prices) from the crypto exchange. Heather Rhiannon Morgan, his wife, also pleaded guilty to the same offenses last year. They were both arrested in February 2022. Morgan is scheduled to be sentenced on November 18. “The 35-year-old Lichtenstein hacked the Bitfinex network in 2016…
November 15, 2024 | Ravi Lakshmanan | Network Security / Vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday that two more flaws affecting Palo Alto Networks Expedition have been actively exploited in the wild. It has added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, which requires Federal Civilian Executive Branch (FCEB) agencies to apply the required updates by December 5, 2024. The security flaws are listed below:
- CVE-2024-9463 (CVSS score: 9.9): OS command injection vulnerability in Palo Alto Networks Expedition
- CVE-2024-9465 (CVSS score: 9.3): SQL injection vulnerability in Palo Alto Networks Expedition
Successful exploitation of the…
Several threat actors have been found to have used an attack method named Sitting Ducks for years to hijack legitimate domains for use in phishing attacks and investment fraud schemes. Infoblox said that in the past three months, nearly 800,000 vulnerable registered domains were identified, of which approximately 9% (70,000) were compromised. “Cybercriminals have used this vector since 2018 to hijack tens of thousands of domain names,” the cybersecurity company said in a report published on The Hacker News. “Affected domains include well-known brands, nonprofits, and government organizations.” However, it is a little-known attack vector originally documented by…
November 14, 2024 | Ravi Lakshmanan | Artificial Intelligence / Cryptocurrency
Google has discovered that attackers are using techniques such as landing page cloaking to impersonate legitimate sites. “Masking is specifically designed to prevent systems and moderation teams from viewing content that violates policy, allowing them to deploy scams directly to users,” Laurie Richardson, vice president and head of trust and security at Google, said. “Landing pages often mimic well-known sites and create a sense of need to manipulate users into purchasing fake or unreal products.” Masking refers to the practice of providing different content to search engines such as Google and users…