Author: Admin

As modern software development has evolved, managing CI/CD pipelines has become critical to maintaining agility and compliance. As we enter the age of artificial intelligence (AI), the importance of reliable pipeline management only increases. With that said, we’ll explore the concept of CI/CD pipeline management and why it’s vital, especially as artificial intelligence becomes more prevalent in our software pipelines.

What is CI/CD Pipeline Management?

CI/CD pipeline management refers to the framework of policies, practices, and controls that oversee the entire software delivery process. This ensures that every step, from code generation to production deployment, meets organizational standards, security protocols,…


December 16, 2024Ravi LakshmananCryptocurrency / Phishing Attack Cybersecurity researchers are drawing attention to a new type of investment fraud that uses a combination of malicious social media advertising, company-branded messages, and artificial intelligence (AI)-based video recommendations featuring celebrities, ultimately leading to financial and data loss. . “The main goal of fraudsters is to lead victims to phishing websites and forms that collect their personal information,” ESET noted in its Threat report for the second half of 2024 shared with The Hacker News. A Slovak cyber security company is tracking a threat called Nomania play on the phrase “no money”. It…


December 16, 2024Ravi LakshmananCyber ​​attack / Cyber ​​espionage The Security Service of Ukraine (SBU or SBU) has exposed a new espionage campaign, suspected of being part of Russia’s Federal Security Service (FSB), which involved the recruitment of Ukrainian minors for criminal activities under the guise of “quest games”. Law enforcement officers said that they detained two FSB agent groups after a special operation in Kharkiv. These groups, according to the agency, consisted exclusively of 15- and 16-year-old children. “Minors performed hostile tasks of conducting reconnaissance, adjusting strikes and arson,” the SBU reports. said in a statement released Friday. “To mask…


December 14, 2024Ravi LakshmananBotnet / Ad Fraud Germany’s Federal Office for Information Security (BSI) has announced that it has foiled a malware operation called BADBOX that was pre-installed on at least 30,000 internet-connected devices sold across the country. In a statement released earlier this week, authorities said they had severed communications between the devices and their command-and-control (C2) servers by seizing the relevant domains. Affected devices include digital photo frames, media players and streamers, and likely phones and tablets. “What all these devices have in common is that they have outdated versions of Android and come with malware pre-installed,” the…


December 14, 2024Ravi LakshmananMalware/cyber threats Thai government officials have been targeted by a new company using a technique called Sideloading DLL put a previously undocumented backdoor duplicated Yokai. “Based on the nature of the lures, the threat actors targeted Thai officials,” Nikhil Hegde, a senior engineer at Netskope’s security team, told The Hacker News. “The Yokai backdoor itself is unlimited and can be used against any potential target.” The the starting point of the attack chain is a RAR archive containing two Windows shortcut files with titles in Thai that translate to “United States Department of Justice.pdf” and “United States…


December 13, 2024Ravi LakshmananCyber ​​attack / malware It is estimated that a remote GitHub repository that advertised WordPress’ online content management system (CMS) tool allowed more than 390,000 credentials to be stolen. The malicious activity is part of a larger attack campaign launched by a threat actor dubbed MUT-1244 (where MUT refers to “Mysterious Unattributed Threat”) by Datadog Security Labs, which includes phishing and several trojanized GitHub repositories that post proof of concept. (PoC) code to exploit known security flaws. “Victims are believed to be attackers, including pentesters and security researchers, as well as malicious threat actors, and had their…


December 13, 2024Hacker newsLinux / Vulnerability A security flaw was discovered OpenWrtVisited by Sysupgrade (ADU) feature that, if successfully exploited, could be used to distribute malicious software packages. Vulnerability, tracked as CVE-2024-54143has a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK is credited with discovering and reporting the flaw on December 4, 2024. The problem was fixed in ASU version 920c8a1. “By combining command injection into the image builder image and the truncated SHA-256 hash included in the build request hash, an attacker can taint a legitimate image by providing a…


The US Department of Justice (DoJ) has charged 14 nationals of the Democratic People’s Republic of Korea (DPRK or North Korea) for their alleged involvement in an ongoing conspiracy to violate sanctions and commit fraud, money laundering and identity theft by illegally seeking employment in American companies and non-profit organizations. “The conspirators, who worked for the DPRK-controlled companies Yanbian Silverstar and Volasys Silverstar, located in the People’s Republic of China (PRC) and the Russian Federation (Russia), respectively, conspired to use false, stolen, and borrowed identities from the United States and others to conceal their North Korean identities and foreign locate…


Managed by the team behind the Tines orchestration, AI and automation platform, the Tines library contains pre-built workflows used by real security professionals from across the community, all of which are free to import and deploy via the platform’s Community Edition. Their twice-yearly “You Did What with Tines?!” competition highlights some of the most interesting workflows submitted by their users, many of which demonstrate the practical application of large language models (LLMs) to solve complex problems in security operations. One recent winner is a workflow designed to automate CrowdStrike RFM reports. Developed by Tom Power, a security analyst at the University of…


December 13, 2024Hacker newsIoT Security / Operational Technology Iran-linked threat actors have been linked to new custom malware targeting IoT and operational technology (OT) environments in Israel and the US. The malware received a code name IOCONTROL from cybersecurity company OT Claroty, highlighting its ability to attack IoT and SCADA devices such as IP cameras, routers, programmable logic controllers (PLCs), human machine interfaces (HMIs), firewalls, and other Linux-based based on IoT/OT platforms. “Although the malware is believed to be custom-built by the threat actor, it appears that the malware is generic enough to run on different platforms from different vendors…
