Author: Admin
January 6, 2025Ravi LakshmananBlockchain / Malware Cybersecurity researchers discovered several malicious packages in the npm registry that were found to mimic the Hardhat Nomic Foundation tool in order to steal sensitive data from developer systems. “By exploiting trust in open source plugins, attackers infiltrated these platforms via malicious npm packages, stealing important data such as private keys, mnemonics, and configuration details,” Socket Research Group said in the analysis. today is an Ethereum software development environment that contains various components for editing, compiling, debugging, and deploying smart contracts and decentralized applications (dApps). The list of detected fake packages is as follows…
January 4, 2025Ravi LakshmananSoftware Vulnerability / Security A serious security flaw has been discovered in ProjectDiscovery Nucleia widely distributed open source vulnerability scanner that, if successfully exploited, can allow attackers to bypass signature verification and potentially execute malicious code. Tracked as CVE-2024-43405it has a CVSS score of 7.4 out of a maximum of 10.0. This affects all versions of Nuclei later than 3.0.0. “The vulnerability results from a mismatch between the way the signature validation process and the YAML parser handle newline characters, combined with the way multiple signatures are handled,” it said. description vulnerabilities. “This allows an attacker to…
January 4, 2025Ravi LakshmananMalware / VPN Security Cyber security researchers have identified a new malware called A FUNNY GHOST which comes with a wide range of information gathering features such as keyboard, screen capture, audio capture, remote shell and file transfer/execution. Backdoor, according to Google’s managed protection team, shares features with a well-known remote administration tool called Gh0st RATwhose source code was published in 2008. PLAYFULGHOST’s initial access routes include using behavior-related phishing emails or search engine optimization (SEO) poisoning techniques to distribute trojanized versions of legitimate VPN programs such as LetsVPN. “In one phishing case, the infection begins by…
January 4, 2025Ravi LakshmananCyber espionage / IoT botnet On Friday, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions on a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyberattacks against U.S.-based victims. These attacks were publicly attributed to the Chinese state threat actor being tracked Linen typhoon (aka Ethereal Panda or Red Juliet), which was published last year under the name Internet of Things (IoT) botnets. Raptor train. The hacking team has been active since at least mid-2021, targeting various organizations in North America, Europe, Africa and Asia. Attacks carried out by…
About Bruce SchneierI a public interest technologistwho work at the intersection of security, technology and people. I wrote about security issues on mine blog since 2004 and in my periodical newsletter since 1998. I am a staff member and faculty member at Harvard Kennedy Schoolmember of the board of EFFand head of the security architecture department at Inrupt, Inc. This personal site does not represent the views of any of these organizations. Source link
January 3, 2025Ravi LakshmananMachine Learning / Vulnerability Cybersecurity researchers have shed light on a new jailbreak technique that can be used to bypass large language model (LLM) fences and generate potentially harmful or malicious responses. The strategy of a multi-path attack (aka multiple) has received a code name Bad Judge Likert Palo Alto Networks Unit 42 researchers Yunzhe Huang, Yang Ji, Wenjun Hu, Jay Chen, Akshata Rao, and Danny Tsechansky. “The method requires the target LLM to act as a judge, assessing the harmfulness of a given response using Likert scalerating scale that measures the respondent’s agreement or disagreement with…
January 3, 2025Ravi LakshmananWindows Server / Threat Mitigation The proof-of-concept (PoC) exploit was released for a fixed security flaw affecting Windows Lightweight Directory Access Protocol (LDAP) that could cause a denial of service (DoS) condition. An out-of-bounds read vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). This was addressed by Microsoft as part of the December 2024 Patch Tuesday updates CVE-2024-49112 (CVSS score: 9.8), a critical integer overflow bug in the same component that could lead to remote code execution. The discovery and reporting of both vulnerabilities is attributed to independent security researcher Yuki Chen (@guhe120). CVE-2024-49113 PoC came up…
January 3, 2025Ravi LakshmananDevOps / Software Development Microsoft has announced that it is making “unexpected changes” to the way it distributes .NET installers and archives, requiring developers to update their production and DevOps infrastructure. “We expect that most users will not be directly affected, but it is important that you confirm whether you are affected and monitor for downtime or other types of outages,” said Richard Lander, program manager on the .NET team. said in a statement last week. This move is a result of some .NET binaries and installers being hosted on Azure Content Delivery Network (CDN) domains ending…
January 3, 2025Ravi LakshmananTechnology / Data Privacy Apple has agreed will pay $95 million to settle a proposed class-action lawsuit that accused the iPhone maker of invading users’ privacy with its Siri voice assistant. There was development reported for the first time Reuters agency. The agreement applies to individuals residing in the United States and current or former owners or purchasers of a Siri-enabled device whose confidential voice communications with the Assistant were obtained by Apple and/or disclosed to third parties as a result of inadvertent activation of Siri” between September 17, 2014 year until December 31, 2024. Eligible individuals…
January 2, 2025Ravi LakshmananVulnerability / Data Protection Details have emerged about three fixed security vulnerabilities in Dynamics 365 and Power Apps Web API that could lead to data disclosure. Disadvantages revealed by Melbourne-based cyber security company Stratus Security, were eliminated as of May 2024. Two of the three weaknesses are in Power Platform OData Web API Filterand the third vulnerability is rooted in the FetchXML API. The root cause of the first vulnerability is the lack of access control for the OData web API filter, which allows access to table of contacts that holds confidential information for example, full names,…