Author: Admin
September 30, 2024Ravi LakshmananGDPR / data privacy Ireland’s Data Protection Commission (DPC) fined Meta €91 million ($101.56 million) as part of an investigation into a security breach in March 2019, when the company revealed it had mistakenly stored user passwords in clear text on its systems. investigation, DPC is started next month found that the social media giant violated four different articles of the European Union’s General Data Protection Regulation (GDPR). To that end, the DPC accused Meta of failing to notify the DPC of the data breach in a timely manner, to document the breach of personal data relating…
September 28, 2024Ravi LakshmananCryptocurrency / Mobile Security Cybersecurity researchers discovered a malicious Android app in the Google Play Store that allowed threat actors to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months. The malicious program identified by Check Point appeared to be legitimate WalletConnect open source protocol to force unsuspecting users to download it. “Fake reviews and consistent branding have helped the app get over 10,000 downloads, ranking high in search results,” the cybersecurity firm said. said in the analysis, adding that this is the first time a cryptocurrency drain program has targeted mobile…
The US federal prosecutor’s office on Friday dropped criminal charges against three Iranian citizens who are believed to be working with the Islamic Revolutionary Guard Corps (IRGC) to target current and former officials in order to steal sensitive data. The Department of Justice (DoJ) charged 36-year-old Masoud Jalili, 34-year-old Seyed Ali Aghamiri, and 37-year-old Yasser (Yasser) Balaghi in a conspiracy with other known and unknown figures undermine the US electoral process. Supposedly they have hacked in accounts current and former US officials, members of the media, non-governmental organizations and individuals associated with political campaigns in the US. None of the…
September 27, 2024Ravi LakshmananSoftware Security / Vulnerability Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical vulnerabilities. Problems, company saidwere resolved in version 24.0.1, released on September 20, 2024. The company has not yet released any details about the flaws, other than listing their CVE IDs – CVE-2024-46905 (CVSS score: 8.8) CVE-2024-46906 (CVSS score: 8.8) CVE-2024-46907 (CVSS score: 8.8) CVE-2024-46908 (CVSS score: 8.8) CVE-2024-46909 (CVSS score: 9.8) and CVE-2024-8785 (CVSS score: 9.8) Security researcher Sina Heirkach of the Summoning Team is credited with discovering and reporting the first four flaws.…
September 27, 2024Ravi LakshmananGenAI / Cybercrime Russian-speaking users have become the target of a new campaign to distribute a commercial Trojan named DCRat (aka DarkCrystal RAT) using a technique known as Contraband HTML. This development marks the first time malware has been deployed using this method, a departure from previously observed delivery vectors such as compromised or spoofed websites or phishing emails with PDF attachments or Microsoft Excel documents with macro firmware. “HTML smuggling is primarily a payload delivery mechanism,” – Nikhil Hegde, researcher at Netskope said in an analysis published Thursday. “The payload can be embedded in the HTML…
September 27, 2024Ravi LakshmananLinux / Vulnerability A new set of security vulnerabilities has been discovered in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that may allow remote command execution under certain conditions. “A remote, unauthenticated attacker can silently replace the IPP URL of existing printers (or install new ones) with a malicious one, causing an arbitrary command to be executed (on a computer) when a print job (from that computer) is initiated,” – Security Researcher Simone. Margaritelli said. CUPS is a standards-based, open-source printing system for Linux and other Unix-like operating systems, including ArchLinux, Debian, Fedora, Red…
The threat actor known as Storm-0501 has targeted the government, manufacturing, transportation and law enforcement sectors in the US to launch ransomware attacks. The multi-stage attack campaign is designed to breach hybrid cloud environments and perform lateral migration from on-premises to cloud environments, ultimately leading to data theft, credential theft, spoofing, persistent backdoor access and ransomware deployment, Microsoft said. “Storm-0501 is a financially motivated cybercriminal group that uses open source products and tools to conduct ransomware operations,” respectively to the tech giant’s threat intelligence team. The threat actor, which has been active since 2021, already had a history of attacking…
September 27, 2024Hacker newsCyber security certificates In today’s rapidly evolving digital landscape, cybersecurity has become a cornerstone of organizational resilience. As cyber threats become more sophisticated, the demand for skilled cyber security professionals has never been higher. Whether you are a seasoned cyber professional or just starting outby subscribing to the GIAC newsletter ensures that you are always informed and prepared for the changing landscape of cyber security. One of the most effective ways to demonstrate your knowledge in this critical area is through cybersecurity certifications. These credentials serve as a benchmark for skills and knowledge, setting candidates apart in…
The US government on Thursday imposed sanctions on two cryptocurrency exchanges and indicted a Russian national for his alleged involvement in a series of money laundering services offered to cybercriminals. Cryptocurrency exchanges Cryptex and PM2BTC are believed to facilitate the laundering of cryptocurrencies that may have been obtained through cybercrimes. The coordinated action was carried out in cooperation with the Dutch police and the Fiscal Intelligence and Investigation Service of the Netherlands (FIOD) as part of repression by law enforcement agencies continues is called Operation Endgame.. According to the results of the exercises, sites connected however, both exchanges were confiscated…
September 27, 2024Ravi LakshmananContainer Security / Cloud Computing A critical security flaw has been discovered in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the container and gain full access to the underlying host. Vulnerability, tracked as CVE-2024-0132has a CVSS score of 9.0 out of a maximum of 10.0. It was addressed in NVIDIA Container Toolkit v1.16.2 and NVIDIA GPU Operator v24.6.2. “NVIDIA Container Toolkit 1.16.1 or earlier contains a time-of-use check (TACT) vulnerability when used with default configuration where a specially crafted container image could access the host’s file system,” NVIDIA…