Author: Admin
Zero Trust security changes the way organizations handle security by eliminating conditional trust with continuous analysis and validation of access requests. Unlike perimeter-based security, users in an environment are not automatically trusted after gaining access. Zero Trust security encourages continuous monitoring of each device and user, providing persistent protection after successful user authentication. Why companies use Zero Trust security Companies use Zero Trust security to protect against sophisticated and increasingly sophisticated cyber threats. This addresses the limitations of traditional perimeter-based security models, which include a lack of east-west traffic security, implicit insider trust, and a lack of visibility. Traditional Security…
November 5, 2024Ravi LakshmananVulnerability / Data Security Taiwanese network attached storage (NAS) manufacturer Synology has fixed a critical security flaw that affects DiskStation and BeePhotos and could lead to remote code execution. Tracked as CVE-2024-10443 and duplicated RISK: STATION by Midnight Blue, the zero-day flaw was demonstrated at the Pwn2Own Ireland 2024 hacking competition by security researcher Rick de Jager. RISK:STATION is “an unauthenticated zero-click vulnerability that allows attackers to gain root-level code execution on popular Synology DiskStation and BeeStation NAS devices, affecting millions of devices,” a Dutch company said. The zero-click nature of the vulnerability means that it does…
November 5, 2024Ravi LakshmananData Leak / Cybercrime Canadian law enforcement agencies arrested a person suspected of committing a a series of hacks in the wake of the Snowflake cloud storage platform breach earlier this year. The individual in question, Alexander “Conor” Movka (aka Judische and Waifu), was detained on October 30, 2024, on a preliminary arrest warrant requested by the US There was development reported for the first time Bloomberg and confirmed 404 mass media. The exact nature of the charges against Movka is still unknown. In June 2024 Snow White opened that a “limited number” of his customers were…
November 5, 2024Ravi LakshmananMalware / Blockchain An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to force them to run cross-platform malware. According to independent findings, the attack is characterized by the use of Ethereum smart contracts to distribute the addresses of command and control (C2) servers. Checkmarx, Typeand Socket published in the last few days. This activity was first noted on October 31, 2024, although it is said to have occurred at least a week ago. At least 287 typosquat packages have been published in the npm package registry.…
November 5, 2024Ravi LakshmananMobile Security / Vulnerability Google warns that a security flaw affecting its Android operating system is being exploited in the wild. The vulnerability, tracked as CVE-2024-43093, was described as a privilege escalation flaw in the Android Framework component that could lead to unauthorized access to the “Android/data”, “Android/obb”, and “Android/sandbox” directories. and its subdirectories, according to a code commit message. There are currently no details on how this vulnerability is used in actual attacks, but Google admitted in its monthly newsletter that there are indications that it “may be under limited, targeted exploitation”. The tech giant also…
November 4, 2024Ravi LakshmananVulnerability / Cyber threat Cybersecurity researchers discovered six security flaws in Ollama’s artificial intelligence (AI) framework that could be exploited by an attacker to perform a variety of actions, including denial of service, model poisoning, and model theft. “Combined, these vulnerabilities could allow an attacker to perform a wide variety of malicious activities with a single HTTP request, including Denial of Service (DoS) attacks, model poisoning, model theft, and more,” Avi, researcher at Oligo Security. Lumelsky said in a report published last week. Ollama is an open source program that allows users to locally deploy and manage…
November 4, 2024Ravi LakshmananArtificial Intelligence / Vulnerability Google said it discovered a zero-day vulnerability in the open-source SQLite database engine using a Large Language Model (LLM)-enabled framework called Big dream (formerly Project Naptime). The tech giant described the development as the “first real-world vulnerability” discovered using an artificial intelligence (AI) agent. “We believe this is the first public example of an AI agent detecting a previously unknown memory security issue in widely used real-world software,” Big Sleep Team said in a blog post shared with The Hacker News. The vulnerability it’s about stack buffer underfilling in SQLite, which happens when…
November 4, 2024Mohit KumarDDoS attack / Cybercrime German law enforcement announced a flaw in a criminal service called dstat(.)cc that allowed other threat actors to easily mount distributed denial-of-service (DDoS) attacks. “The platform has made such DDoS attacks accessible to a wide range of users, even those without deep technical skills of their own,” notes the Federal Criminal Police Office (aka Bundeskriminalamt or BKA). said. “In the context of police investigations, the use of stressor services to carry out DDoS attacks has recently become increasingly known.” The BKA described dstat(.)cc as a platform that offers recommendations and assessments of stress…
As the holiday season approaches, retailers are bracing for the annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals who want to exploit vulnerabilities to their advantage. Imperva, a Thales company, recently published its annual release Guide to Cyber Security Holiday Shopping. Data from Imperva Threat Research’s six-month analysis (April 2024 – September 2024) showed that retailers should be mindful of AI-driven threats this year. As generative artificial intelligence tools and large language models (LLMs) become more common and sophisticated, cybercriminals are increasingly using these technologies to scale and refine their attacks on e-commerce…
November 4, 2024Ravi LakshmananMobile Security / Financial Fraud Cybersecurity researchers have discovered a new version of a well-known Android malware family called FakeCall which uses voice phishing techniques (aka vishing) to trick users into parting with personal information. “FakeCall is an extremely sophisticated Vishing attack that uses malware to gain almost complete control over a mobile device, including intercepting incoming and outgoing calls,” said Zimperium researcher Fernando Ortega. said in a report published last week. “Victims are tricked into calling fake phone numbers controlled by the attacker and mimicking the normal user experience on the device.” FakeCall, which is also…