Author: Admin

A new study found more than 145,000 industrial control systems (ICS) in 175 countries worldwide, with the US alone accounting for more than a third of the total number of infections. The analysis, which comes from attack surface management company Censys, found that 38% of devices are located in North America, 35.4% in Europe, 22.9% in Asia, 1.7% in Oceania, 1.2% in South America and 0.5% in Africa. Countries with the highest number of ICS services: USA (over 48,000), Turkey, South Korea, Italy, Canada, Spain, China, Germany, France, UK, Japan, Sweden, Taiwan, Poland and Lithuania. The metrics are derived from the…


November 21, 2024Ravi LakshmananCryptocurrency / Identity Theft Five alleged members of the infamous Scattered Spider cybercriminal group were accused in the US for attacking company employees across the country using social engineering techniques to obtain credentials and use them to gain unauthorized access to sensitive data and hack crypto accounts to steal millions of dollars in digital assets. All defendants are charged with one count of conspiracy to commit wire fraud, one count of conspiracy and one count of aggravated identity theft. They include – Ahmed Hosam Eldin Elbadawy, 23, aka AD, of College Station, Texas Noah Michael Urban, 20,…


November 21, 2024Ravi LakshmananArtificial Intelligence / Software Security Google revealed that its AI-based fuzzing tool OSS-Fuzz was used to detect 26 vulnerabilities in various open-source repositories, including a medium-severity flaw in the OpenSSL cryptographic library. “These specific vulnerabilities represent a major milestone for automated vulnerability discovery: each one was found using artificial intelligence using AI-generated and enhanced fuzz targets,” Google’s Open Source Security Team said in a blog post shared with The Hacker News. OpenSSL vulnerability addressed CVE-2024-9143 (CVSS Score: 4.3), an out-of-memory write error that could cause an application or remote code execution to crash. There was a problem…


Threat hunters warn of an updated Python-based version of NodeStealer that is now equipped to extract more information from victims’ Facebook Ads Manager accounts and collect credit card data stored in web browsers. “They collect detailed information about the budget of their victims’ Facebook Ads Manager accounts, which can be a gateway to malicious Facebook advertising,” Ian Michael Alcantara, researcher at Netskope Threat Labs, said in a report shared with The Hacker News. “New techniques used by NodeStealer include using Windows Restart Manager to unlock browser database files, adding unnecessary code, and using batch scripting to dynamically generate and execute a…


Steve Bellovin’s Retirement Talk

Steve Bellovin is retiring. Here is his retirement speech, reflecting on his career and what the cybersecurity industry needs next.

Tags: cyber security, security history. Posted on November 20, 2024 at 11:22.


November 20, 2024Ravi LakshmananPayment Security / Cybercrime Threat actors are increasingly banking on a new technique that uses near-field communication (NFC) to capture a victim’s funds at scale. Technique under the code name Ghost faucet by ThreatFabric, allows cybercriminals to cash out stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay and relay NFC traffic. “Criminals can now abuse Google Pay and Apple Pay to transmit your click-to-pay information worldwide in seconds,” Dutch security firm The Hacker News said in a statement. “This means that even without your physical card or phone, they can…


November 20, 2024Ravi LakshmananEndpoint Security / Artificial Intelligence Research Microsoft has announced a new Windows Sustainability Initiative as a way to improve security and reliability and to ensure that the integrity of the system is not compromised. The idea, the tech giant said, is to avoid incidents like CrowdStrike earlier this July, allow more applications and users to run without administrator privileges, add controls over the use of dangerous programs and drivers, and offer options for encrypting personal data. One of the most important features is Fast recovery of the machine It is expected to be available to the Windows…


November 20, 2024Hacker newsIdentity Security / Cyber ​​Defense Today’s cyber attacks are increasing in frequency and sophistication, making it increasingly difficult for organizations to protect sensitive data and critical infrastructure. When attackers compromise a non-human identity (NHI), they can quickly use it to move across systems, discovering weaknesses and compromising additional NHIs in minutes. While organizations often need months to detect and contain such breaches, quick detection and response can stop an attack in its tracks. The rise of non-human entities in cyber security By 2025 non-human identities will become the primary attack vector in cyber security. As businesses increasingly…


November 20, 2024Ravi LakshmananLinux / Vulnerability The needrestart package installed by default in Ubuntu Server (starting with version 21.04) discovered a number of ten-year-old security vulnerabilities that could allow a local attacker to gain root privileges without the need for user interaction. Qualys Threat Research Unit (TRU) which detected and reported flaws early last month, said they are trivial to use, requiring users to move quickly to apply fixes. The vulnerabilities are believed to have existed since the introduction of translator support in the need to restart 0.8which was released on April 27, 2014. “These needrestart exploits allow local privilege…


November 20, 2024Ravi LakshmananCyber ​​Espionage / Telecom Security A new cyberespionage group linked to China has been blamed for a series of targeted cyberattacks targeting telecommunications organizations in South Asia and Africa since at least 2020 to ensure intelligence gathering. Cybersecurity company CrowdStrike tracks the adversary by name Liminal pandadescribing him as having an in-depth knowledge of telecommunications networks, the protocols that support telecommunications, and the various interconnections between providers. A threat actor’s malware portfolio includes specialized tools that facilitate covert access, command and control (C2), and data extortion. “Liminal Panda used compromised telecommunications servers to initiate intrusions into other…
