Cisco has disabled public access to one of its DevHub environments after threat actors downloaded some customer data from the site and put it up for sale on a cybercrime forum. The compromised data included source code, API tokens, hardcoded credentials, certificates, and other secrets belonging to some large companies, including Microsoft, Verizon, T-Mobile, AT&T, Barclays, and SAP.
WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing malware has become a scourge to security defenders worldwide as stolen credentials are used to breach networks and steal data. Since 2023, a malicious campaign called ClearFake has been used to display fake web browser update banners on compromised websites that distribute information-stealing malware.
Two Russian hacking groups leveled distributed denial-of-service (DDoS) attacks at Japanese logistics and shipbuilding firms - as well as government and political organizations - in what experts believe are attempts to pressure the Japanese government. The attacks came after lawmakers boosted the nation's defense budget, and its military conducted exercises with regional allies.
Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which wasn't fully addressed the first time and could allow attackers to achieve remote code execution. The vulnerabilities were privately reported by zbl & srs of team TZL - researchers who participated in the 2024 Matrix Cup in June 2024. Broadcom maintains that they are not currently aware of exploitation "in the wild."
After rumors swirled that TikTok owner ByteDance had lost tens of millions after an intern sabotaged its AI models, ByteDance issued a statement this weekend hoping to silence all the social media chatter in China. In a social media post translated and reviewed by Ars, ByteDance clarified "facts" about "interns destroying large model training" and confirmed that one intern was fired in August.
The Ghostpulse malware strain now retrieves its main payload via a PNG image file's pixels. This development, security experts say, is "one of the most significant changes" made by the crooks behind it since launching in 2023. The image file format is popularly used for web graphics and is often picked in preference to a lossy compression JPG file because it is a lossless format and retains key details such as smooth text outlines.
The Bumblebee malware loader has been spotted in new attacks recently, more than four months after Europol disrupted it during 'Operation Endgame' in May. Believed to be the creation of TrickBot developers, the malware emerged in 2022 as a replacement for the BazarLoader backdoor to provide ransomware threat actors access to victim networks. Bumblebee typically achieves infection via phishing, malvertising, and SEO poisoning that promotes various software.
A zero-day vulnerability in Samsung's mobile processors has been leveraged as part of an exploit chain for arbitrary code execution, Google's Threat Analysis Group (TAG) warns. Tracked as CVE-2024-44068 (CVSS score of 8.1) and patched as part of Samsung's October 2024 set of security fixes, the issue is described as a use-after-free bug that could be abused to escalate privileges on a vulnerable Android device.
Recent headlines have proclaimed that Chinese scientists have hacked "military-grade encryption" using quantum computers, sparking concern and speculation about the future of cybersecurity. The claims, largely stemming from a recent South China Morning Post article about a Chinese academic paper published in May, were picked up by many more serious publications. However, while Chinese researchers have made incremental advances in quantum computing, the news reports are a huge overstatement.