Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27. The credentials the attackers used to break into customer accounts had been stolen in other data breaches or reused on previously compromised online platforms. READ MORE...
Hewlett Packard Enterprise (HPE) said Wednesday that Kremlin-backed actors hacked into the email accounts of its security personnel and other employees last May and maintained surreptitious access until December. The disclosure was the second revelation of a major corporate network breach by the hacking group in five days: the group that hit HPE is the same one that Microsoft said Friday broke into its corporate network in November and monitored the email accounts of senior executives. READ MORE...
The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demonstrating 49 zero-day bugs in multiple electric car systems between January 24 and January 26. Throughout the contest, organized by Trend Micro's Zero Day Initiative (ZDI) in Tokyo, Japan, during the Automotive World auto conference, hackers targeted fully patched electric vehicle (EV) chargers, infotainment systems, and car operating systems. READ MORE...
The report found that 31.1 million breached passwords had over 16 characters, showing that length alone does not keep a password out of a breach. 40,000 admin portal accounts were found to be using 'admin' as a password, and only 50% of organizations scan for compromised passwords more than once a month. 123456 was the most common compromised password in KrakenLabs' new list of breached cloud application credentials. READ MORE...
The authentication mechanism within the Google Kubernetes Engine (GKE) has a loophole that could allow an external attacker with any Google account to access organizations' private Kubernetes container clusters, researchers have found. This could lead to serious cloud security incidents, such as cryptomining, denial-of-service (DoS), and the theft of sensitive data, Orca Security warned. READ MORE...
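The practical check for the GKE issue above is an audit of which roles are bound to the broad built-in groups. Orca's write-up (not the summary above) identifies the Kubernetes group system:authenticated, which in GKE includes any authenticated Google account, as the loophole. The script below is an added example, not Orca's or Google's code: it takes the JSON that `kubectl get clusterrolebindings -o json` produces and flags any binding that grants a role to system:authenticated or system:unauthenticated, except the three discovery-only bindings Kubernetes creates by default (the assumption is that those defaults are unchanged). The sample input is constructed for the example.

```python
"""Flag ClusterRoleBindings that hand a role to every authenticated (or
unauthenticated) principal. Added example; not part of the GKE or Orca code."""
import json
import sys

# Groups that, on GKE, are satisfied by any Google account (or by nobody at all).
BROAD_GROUPS = {"system:authenticated", "system:unauthenticated"}

# Bindings Kubernetes itself creates for system:authenticated. They only expose
# API discovery and self-info, so they are expected. Assumption: not customised.
EXPECTED_DEFAULT_BINDINGS = {
    "system:basic-user",
    "system:discovery",
    "system:public-info-viewer",
}


def risky_bindings(bindings_json: str) -> list[dict]:
    """Return one finding per (binding, broad group) pair that is not a known default.

    Input is the JSON document printed by `kubectl get clusterrolebindings -o json`.
    """
    data = json.loads(bindings_json)
    findings: list[dict] = []
    for item in data.get("items", []):
        name = item["metadata"]["name"]
        role = item["roleRef"]["name"]
        # `subjects` may be absent or null on a binding with no subjects.
        for subject in item.get("subjects") or []:
            if subject.get("kind") != "Group" or subject.get("name") not in BROAD_GROUPS:
                continue
            if name in EXPECTED_DEFAULT_BINDINGS and subject["name"] == "system:authenticated":
                continue
            findings.append({"binding": name, "group": subject["name"], "role": role})
    return findings


# Constructed sample: one default binding, one over-broad binding to cluster-admin,
# one binding to a service account (not a broad group), and one with no subjects.
SAMPLE_CLUSTERROLEBINDINGS = json.dumps({
    "kind": "List",
    "items": [
        {
            "metadata": {"name": "system:basic-user"},
            "roleRef": {"kind": "ClusterRole", "name": "system:basic-user"},
            "subjects": [{"kind": "Group", "name": "system:authenticated"}],
        },
        {
            "metadata": {"name": "dev-read-all"},
            "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
            "subjects": [{"kind": "Group", "name": "system:authenticated"}],
        },
        {
            "metadata": {"name": "ci-deployer"},
            "roleRef": {"kind": "ClusterRole", "name": "edit"},
            "subjects": [{"kind": "ServiceAccount", "name": "ci", "namespace": "ci"}],
        },
        {
            "metadata": {"name": "orphaned"},
            "roleRef": {"kind": "ClusterRole", "name": "view"},
            "subjects": None,
        },
    ],
})


if __name__ == "__main__":
    # Usage: kubectl get clusterrolebindings -o json | python audit_bindings.py
    source = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_CLUSTERROLEBINDINGS
    for f in risky_bindings(source):
        print(f"{f['binding']}: grants {f['role']} to {f['group']}")
```

Namespaced RoleBindings can carry the same problem; running the same function over `kubectl get rolebindings -A -o json` covers them, since the fields it reads are identical.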
A critical security vulnerability in Cisco Unified Communications and Contact Center Solutions (UC/CC) could allow unauthenticated remote code execution (RCE). The bug (CVE-2024-20253, CVSS 9.9) arises from "improper processing of user-provided data that is being read into memory," according to Cisco's advisory, issued yesterday. Unauthenticated remote attackers can send specially crafted messages to a vulnerable device's listening port to achieve RCE. READ MORE...
A critical vulnerability in the built-in command line interface (CLI) of Jenkins allows attackers to read files on the controller, including cryptographic keys that can be leveraged to execute arbitrary code remotely. The issue, tracked as CVE-2024-23897, impacts Jenkins 2.441 and earlier and LTS 2.426.2 and earlier, because the command parser (the args4j library) has a feature where an '@' character followed by a file path in an argument is replaced with the file's content. READ MORE...
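To make the Jenkins mechanism concrete, the block below is an added example (not Jenkins or args4j code) that emulates the args4j expansion rule in Python: an argument of the form `@path` is replaced by the file's lines, one argument per line, which is how args4j reads such files. A toy `connect_node` command then shows why that matters: a command that echoes an unrecognised argument back in its error message ends up echoing the first line of whatever file the caller named. The hardened variant simply keeps the `@path` argument literal, which is what disabling the parser feature amounts to. Node names, file contents and the command itself are constructed for the example.

```python
"""Emulation of args4j-style '@file' argument expansion (added example, not Jenkins code)."""
import os
import tempfile
from pathlib import Path


def read_lines(path: str) -> list[str]:
    """Default reader: every line of the file becomes one argument, as args4j does."""
    return Path(path).read_text(encoding="utf-8").splitlines()


def expand_at_args(argv: list[str], at_syntax: bool = True, reader=read_lines) -> list[str]:
    """Return argv with '@path' expansion applied.

    at_syntax=True mirrors the vulnerable default; at_syntax=False leaves the
    argument alone, which is the hardened behaviour.
    """
    if not at_syntax:
        return list(argv)
    expanded: list[str] = []
    for arg in argv:
        if arg.startswith("@") and len(arg) > 1:
            expanded.extend(reader(arg[1:]))  # file contents become arguments
        else:
            expanded.append(arg)
    return expanded


def connect_node(argv: list[str], known_nodes: set[str], at_syntax: bool = True) -> str:
    """Toy CLI command that reports an unknown node name in its error text.

    When the name came from '@file' expansion, the error carries the file's first line.
    """
    try:
        args = expand_at_args(argv, at_syntax=at_syntax)
    except OSError as exc:
        return f"ERROR: cannot read argument file: {exc}"
    if not args:
        return "ERROR: missing node name"
    node = args[0]
    if node in known_nodes:
        return f"OK: connected to {node}"
    return f"ERROR: No such node {node!r}"


def demo() -> tuple[str, str]:
    """Run the same request against the vulnerable and hardened parser.

    Returns (vulnerable_response, hardened_response). The 'secret' file is
    constructed here in a temp directory; its content imitates an /etc/passwd line.
    """
    nodes = {"build-agent-1", "build-agent-2"}
    with tempfile.TemporaryDirectory() as tmp:
        secret = os.path.join(tmp, "passwd")
        Path(secret).write_text("root:x:0:0:root:/root:/bin/bash\nbuild:x:1000:1000::/home/build:/bin/sh\n")
        request = ["@" + secret]           # attacker-controlled CLI argument
        leaked = connect_node(request, nodes, at_syntax=True)
        safe = connect_node(request, nodes, at_syntax=False)
    return leaked, safe


if __name__ == "__main__":
    vulnerable, hardened = demo()
    print("vulnerable:", vulnerable)
    print("hardened:  ", hardened)
```

The real impact depends on which commands an unauthenticated or low-privileged user may run and how much of the expanded argument they reflect; a single-line leak is already enough when the file in question holds a secret on its first line.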
The US security agency CISA this week informed organizations that some Westermo Lynx industrial switches are affected by several vulnerabilities, and the researchers who found the flaws said they can be exploited to tamper with a device. According to CISA's advisory, Lynx 206-F2G industrial Ethernet switches are affected by eight vulnerabilities, including two high-severity and six medium-severity issues. READ MORE...