Author: Admin
January 3, 2025Ravi LakshmananTechnology / Data Privacy Apple has agreed will pay $95 million to settle a proposed class-action lawsuit that accused the iPhone maker of invading users’ privacy with its Siri voice assistant. There was development reported for the first time Reuters agency. The agreement applies to individuals residing in the United States and current or former owners or purchasers of a Siri-enabled device whose confidential voice communications with the Assistant were obtained by Apple and/or disclosed to third parties as a result of inadvertent activation of Siri” between September 17, 2014 year until December 31, 2024. Eligible individuals…
January 2, 2025Ravi LakshmananVulnerability / Data Protection Details have emerged about three fixed security vulnerabilities in Dynamics 365 and Power Apps Web API that could lead to data disclosure. Disadvantages revealed by Melbourne-based cyber security company Stratus Security, were eliminated as of May 2024. Two of the three weaknesses are in Power Platform OData Web API Filterand the third vulnerability is rooted in the FetchXML API. The root cause of the first vulnerability is the lack of access control for the OData web API filter, which allows access to table of contacts that holds confidential information for example, full names,…
January 2, 2025Ravi LakshmananCyber espionage / hacking The German prosecutor’s office has is charged three Russian-German citizens for acting as agents of the Russian special services. Persons named Dieter S., Alexander J. and Alex D., were accused of working for a foreign intelligence service. Dieter S. also allegedly participated in sabotage operations, as well as in photographing military facilities with the aim of endangering national security. Dieter S. was originally arrested The Federal Criminal Police Office (aka Bundeskriminalamt or BKA) together with Alexander J. on charges of espionage. At the end of October 2024. so was Dieter S is charged…
January 2, 2025Hacker newsCloud Security / Threat Intelligence last year, cross-domain attacks gained notoriety as a new tactic among opponents. These operations exploit weaknesses in multiple domains, including endpoints, identity systems, and cloud environments, to allow an adversary to penetrate organizations, move sideways, and avoid detection. eCrime groups like SCATTERED SPIDER and adversaries of the North Korea-Nexus such as THE FAMOUS CHOLIMA exemplifies the use of cross-domain tactics, using advanced techniques to exploit security gaps in interconnected environments. The basis of these attacks is built around the use of legitimate entities. Today’s adversaries no longer “break in”; they “log in”…
Cybersecurity researchers discovered a malicious package in the npm package registry that pretends to be a library for detecting vulnerabilities in Ethereum smart contracts, but actually drops an open-source remote access trojan called Quasar RAT onto developer systems. A highly confusing package called ethereumvulncontracthandlerwas published to npm on Dec 18, 2024. by a user named “solidit-dev-416”. At the time of writing, it is still available for download. It was downloaded 66 times to date. “Once installed, it retrieves a malicious script from a remote server, executing it silently to deploy the RAT on Windows systems,” Socket security researcher Kirill Boichenko…
January 1, 2025Ravi LakshmananInternet Security / Vulnerability Threat Hunters have disclosed a new “widespread class of time-based vulnerability” that exploits double click sequence to facilitate clickjacking attacks and account hijacking on almost all major sites. The equipment received a code name DoubleClickjacking security researcher Pavlos Ibela. “Instead of relying on a single click, it uses a double-click sequence,” Yibelo said. “While this may seem like a small change, it opens the door to new UI manipulation attacks that bypass all known click defenses, including the X-Frame-Options header or SameSite: Lax/Strict cookies.” Clickjackingalso called UI masking, refers to an attack method…
January 1, 2025Ravi LakshmananGenerative AI / Intervention in choice The US Treasury Department’s Office of Foreign Assets Control (OFAC) on Tuesday imposed sanctions on two organizations in Iran and Russia for their efforts to interfere in the November 2024 presidential election. The feds said the organizations – an affiliate of Iran’s Islamic Revolutionary Guard Corps and the Moscow branch of Russia’s General Intelligence Directorate (GRU) – sought to influence the election and divide the American people through targeted disinformation campaigns. “As affiliates of KIEV and the GRU, these entities aimed to inflame socio-political tensions and influence the American electorate during…
December 31, 2024Ravi LakshmananData Security / Privacy The US Department of Justice (DoJ) has issued a final rule implementing Executive Order (EO) 14117, which prevents the bulk transfer of personal data of citizens to countries such as China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia and Venezuela . “This final rule is an important step forward in combating the extreme threat to national security posed by our adversaries who are exploiting Americans’ most sensitive personal data,” said Assistant Attorney General Matthew G. Olsen of the Department of Justice’s National Security Division. “This powerful new national security program…
December 31, 2025Ravi LakshmananVulnerability / Incident Response The United States Treasury Department said it suffered a “major cybersecurity incident” that allowed suspected Chinese threat actors to gain remote access to some computers and unclassified documents. “December 8, 2024 third-party software services provider, BeyondTrust, notified the Treasury Department that an attacker gained access to a key used by the provider to secure a cloud service used to remotely provide technical support to the Treasury. Departmental Office (DO) end-users,” the department said in a letter to the Senate Banking, Housing and Urban Affairs Committee. “By gaining access to the stolen key, the…
Cybersecurity researchers have discovered three vulnerabilities in Microsoft’s Azure Data Factory Apache Airflow an integration that, if successfully exploited, could allow an attacker to perform a variety of covert activities, including data theft and malware deployment. “Exploitation of these flaws could allow attackers to gain permanent access as shadow administrators to an entire Airflow Azure Kubernetes Service (AKS) cluster,” Palo Alto Networks Unit 42 said in an analysis published earlier this month. The vulnerabilities, though classified as low severity by Microsoft, are listed below – Incorrectly configured Kubernetes RBAC in Airflow cluster Incorrect configuration of Azure Azure internal service secret…