Author: Admin
November 9, 2024Ravi LakshmananVulnerability / Network Security Palo Alto Networks on Friday issued an advisory urging customers to ensure that access to the PAN-OS management interface is secured due to a potential remote code execution vulnerability. Palo Alto Networks is aware of a remote code execution vulnerability through the PAN-OS management interface. said. “At the moment, we do not know the specifics of the reported vulnerability. We are actively monitoring for signs of any exploitation.” Meanwhile, the network security vendor advised users to properly configure the management interface according to best practices and ensure that it can only be accessed…
November 9, 2024Ravi LakshmananCryptocurrency / Cybercrime The 36-year-old founder of cryptocurrency mixer Bitcoin Fog was sentenced to 12 years and six months in prison for aiding and abetting money laundering between 2011 and 2021. Roman Sterlingov, citizen of Russia and Sweden, pleaded guilty on charges of money laundering and operating an unlicensed money transfer business earlier this March. The US Department of Justice (DoJ) has described Bitcoin Fog as the longest running darknet cryptocurrency mixerallowing cybercriminals to hide the source of their cryptocurrency income. “During its ten years of operation, Bitcoin Fog has gained notoriety as a money-laundering service for…
Friday’s Squid Blog: Squid-A-Rama in Des Moines Squid-A-Rama will be in Des Moines at the end of the month. Visitors will be able to dissect a squid, learn interesting facts about the species and witness a live squid release by local divers. How do they release live squid? Simple: It’s Des Moines, Washington; not Des Moines, Iowa. Blog Moderation Policy. tags: squid Posted on November 8, 2024 at 5:04 pm • Bruce Schneier sidebar photo by Joe McInnis. Source link
November 8, 2024Hacker newsCyber Resilience / Compliance We’ve all heard it a million times: the growing demand for robust cybersecurity in the face of growing cyber threats is undeniable. Around the world, small and medium-sized businesses (SMBs) are increasingly being targeted by cyberattacks, but they often lack the resources for dedicated chief information security officers (CISOs). This gap is fueling the growth of the virtual CISO (vCISO) model, which offers a cost-effective solution and gives SMBs access to strategic security leadership. For MSPs and MSSPs, this shift represents both a challenge and an opportunity. More than 94% of service providers…
November 8, 2024Ravi LakshmananIoT Security / Vulnerability The threat actors behind the AndroxGh0st malware are now exploiting a wider set of security flaws affecting various Internet applications, as well as deploying the Mozi botnet malware. “This botnet uses remote code execution and credential theft techniques to maintain constant access, using unpatched vulnerabilities to infiltrate critical infrastructures.” – CloudSEK said in a new report. AndroxGh0st is the name given to a Python-based cloud attack tool known for targeting Laravel applications in order to obtain sensitive data from services such as Amazon Web Services (AWS), SendGrid, and Twilio. Active since at least…
November 8, 2024Ravi LakshmananOpen source / malware The new campaign targeted an npm package repository with malicious JavaScript libraries designed to infect Roblox users with open source malware such as Indebtedness and Blank-grabber. “This incident highlights the alarming ease with which threat actors can attack supply chains by exploiting trust and human error in the open source ecosystem and using readily available malware, public platforms such as GitHub to host malicious executables, and communication channels such as Discord and Telegram for C2 operations to bypass traditional security measures.” — Socket security researcher Kirill Boichenko said in a report shared with…
November 8, 2024Ravi LakshmananCyber espionage / threat intelligence High-profile organizations in India have been targeted by malicious campaigns organized by Pakistan Transparent tribe threat actor and previously unknown cyber espionage group with China Nexus called IcePeony. The intrusions linked to Transparent Tribe include the use of malware called ElizaRAT and a new stealth payload called ApoloStealer on specific victims of interest, Check Point said in a white paper published this week. “The ElizaRAT samples point to the systematic abuse of cloud services, including Telegram, Google Drive and Slack, to facilitate command-and-control communication,” the Israeli company said. said. ElizaRAT is a…
The AI industry is trying to undermine the definition of “open source AI” The Open Source Initiative has published (article in the news here) their definition of “open source AI” and that terrible. It enables secret training data and mechanisms. This allows development to be done in secret. Since the training data for neural networks there is the source code is how the model is programmed – the definition doesn’t make sense. And it’s confusing; most open source AI models, such as LLAMA, are open source in name only. But OSI appears to have been co-opted by industry players who…
November 8, 2024Hacker newsCyber Security Awareness / Webinar Let’s face it: traditional security training can be just as exciting as reading the fine print on software updates. It’s routine, predictable, and, let’s be honest, often forgotten about once it’s over. Now imagine cyber security training as memorable as your favorite show. Remember how “Hamilton” brought history to life, or how “The Office” taught us CPR (stay alive, anyone?)? That’s the transformative power of storytelling—and that’s exactly what Huntress Managed Security Awareness Training (SAT) brings to cybersecurity. Why storytelling is the secret weapon in safety education: The human brain is made…
November 8, 2024Ravi LakshmananMalware / Virtualization Cybersecurity researchers have identified a new malware campaign that infects Windows systems with a virtual instance of Linux that contains a backdoor capable of establishing remote access to compromised hosts. An “intriguing” campaign under a code name CROWN#TRAPstarts with a malicious Windows Shortcut (LNK) file, which is likely distributed as a ZIP archive via a phishing email. “What makes the CRON#TRAP campaign of particular concern is that the emulated Linux instance comes with a preconfigured backdoor that automatically connects to the attacker’s command and control (C2) server,” Securonix researchers Dan Yuzwick and Tim Peck…