Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining
Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to deliver a cryptocurrency miner and spawn a reverse shell for persistent...
Microsoft engineer who raised concerns about Copilot image creator pens letter to the FTC
Microsoft engineer who raised concerns about Copilot image creator pens letter to the FTC Go to Source Microsoft engineer Shane Jones raised concerns about the safety of OpenAI’s DALL-E 3 back in January, suggesting the product has...
Linux Malware Campaign Targets Misconfigured Cloud Servers
A new malware campaign has been observed targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. The post Linux Malware Campaign Targets Misconfigured Cloud Servers appeared first on SecurityWeek.
Cyber Security Today, March 6, 2024 – VMware and Apple rush out security updates, a new ScreenConnect malware is found, and more
VMware and Apple rush out security updates, a new ScreenConnect malware is found, and more. Welcome to Cyber Security Today. It’s Wednesday, March 6th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the...
Android’s March 2024 Update Patches Critical Vulnerabilities
Android’s March 2024 security update resolves 38 vulnerabilities, including two critical flaws in the System component. The post Android’s March 2024 Update Patches Critical Vulnerabilities appeared first on SecurityWeek.
CISA Warns of Pixel Phone Vulnerability Exploitation
CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog. The post CISA Warns of Pixel Phone Vulnerability Exploitation appeared first on SecurityWeek.
Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware
North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such...
Launch HN: Greptile (YC W24) – RAG on codebases that actually works
Launch HN: Greptile (YC W24) - RAG on codebases that actually works Go to Source Hi HN, we're the co-founders of Greptile, a tool that can accurately answer questions about complex codebases. Developers use us to spend less time...
75+ Tech Checklists to Improve Efficiency
From malware response to cloud storage, every organization can benefit from a checklist to ensure effective and smooth operations.
Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers
Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware. The post Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers appeared first on SecurityWeek.
Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware....
Bug in std:shared_mutex on Windows
Bug in std:shared_mutex on Windows Go to Source Article URL: https://old.reddit.com/r/cpp/comments/1b55686/maybe_possible_bug_in_stdshared_mutex_on_windows/ Comments URL: https://news.ycombinator.com/item?id=39581664 Points: 18 #...
Bug in reader/writer locks in Windows API
Bug in reader/writer locks in Windows API Go to Source Article URL: https://old.reddit.com/r/cpp/comments/1b55686/maybe_possible_bug_in_stdshared_mutex_on_windows/ Comments URL: https://news.ycombinator.com/item?id=39581664 Points:...
Mr. Green Gaming – 27,176 breached accounts
In March 2024, the online games community Mr. Green Gaming suffered a data breach that exposed 27k user records. Acknowledged on their Discord server, the incident exposed email and IP addresses, usernames, geographic locations and dates of birth.
Ask HN: What laptop are you using to daily drive Linux?
I am an idiot, and bought a Dell XPS 15 with an Nvidia graphics card, and getting the graphics card to work without excessive patching is not worth it to me. I'd rather just get an AMD laptop instead for daily driving Linux.What laptop are you using for Linux?...
Lazarus Group observed exploiting an admin-to-kernel Windows zero-day
Lazarus Group observed exploiting an admin-to-kernel Windows zero-day Go to Source Article URL: https://www.scmagazine.com/news/lazarus-group-observed-exploiting-an-admin-to-kernel-windows-zero-day Comments URL:...
I accidentally made my link shortener into a malware honeypot
Article URL: https://app.y.gy/blog/honeypot Comments URL: https://news.ycombinator.com/item?id=39564678 Points: 17 # Comments: 4
This Week in Security: Forksquatting, RustDesk, and M&Ms
Github is struggling to keep up with a malware campaign that’s a new twist on typosquatting. The play is straightforward: Clone popular repositories, add malware, and advertise the forks as the original. Some developers mistake the forks for the real projects, and...
CISA Warns of Windows Streaming Service Vulnerability Exploitation
CISA Warns of Windows Streaming Service Vulnerability Exploitation Go to Source CISA says a high-severity elevation of privilege vulnerability in Microsoft Streaming Service is actively exploited in the wild. The post CISA Warns of...
ThinkPad X1 Carbon Turned USB Device Through Relentless Digging
In what’s perhaps one of the most impressive laptop reverse engineering posts in recent memory, [Andrey Konovalov] brings us an incredibly detailed story of how he’s discovered and successfully enabled a USB device controller in a ThinkPad X1 Carbon equipped with a...
New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion
Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of Bifrost aims to bypass security measures and compromise targeted systems,"...
MWC Barcelona 2024 news roundup: Telecom, AI, security and more
MWC Barcelona 2024 comes to a close today. Here’s a look at some of the announcements that the event brought to light, from industry leaders like Cisco, Google, Intel and others, spanning artificial intelligence, telecom, security and sustainability. Telecom Cisco has...
GitHub struggles to keep up with automated malicious forks
Cloned then compromised, bad repos are forked faster than they can be removed A malware distribution campaign that began last May with a handful of malicious software packages uploaded to the Python Package Index (PyPI) has spread to GitHub and expanded to reach at...
Here Are the Google and Microsoft Security Updates You Need Right Now
Here Are the Google and Microsoft Security Updates You Need Right Now Go to Source Plus: Mozilla patches 12 flaws in Firefox, Zoom fixes seven vulnerabilities, and more critical updates from February.
Ransomware gangs are paying attention to infostealers, so why aren’t you?
Analysts warn of big leap in cred-harvesting malware activity last year There appears to be an uptick in interest among cybercriminals in infostealers – malware designed to swipe online account passwords, financial info, and other sensitive data from infected PCs – as...
X enables live video broadcasts in Spacesye
X's audio chat rooms called Spaces can now broadcast live video, but only for those hosting the session. As The Verge reports, a Dogecoin designer posted an official walkthrough of the feature on the platform formerly known as Twitter. Hosts will now be able to choose...
Cisco Patches High-Severity Vulnerabilities in Data Center OS
Cisco’s semiannual FXOS and NX-OS security advisory bundle resolves two high- and two medium-severity vulnerabilities. The post Cisco Patches High-Severity Vulnerabilities in Data Center OS appeared first on SecurityWeek.
GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks
Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for...
Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack
Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack Go to Source North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. The post...
Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib,...