IT Security Newsletter - 10/23/2024
SEC hits four companies with fines for misleading disclosures around SolarWinds hack
The Securities and Exchange Commission said it has reached a settlement with four companies for making materially misleading statements about the impact of the 2020 SolarWinds Orion software breach on their business. The regulator on Tuesday charged the four companies - Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies and Mimecast Limited - with minimizing the compromise despite knowing substantial amounts of information was stolen. READ MORE...
AI chatbots can be tricked by hackers into stealing your data
Security researchers have uncovered a new flaw in some AI chatbots that could have allowed hackers to steal personal information from users. A group of researchers from the University of California, San Diego (UCSD) and Nanyang Technological University in Singapore discovered the flaw, which they have named "Imprompter"; it uses a clever trick to hide malicious instructions within seemingly random text. READ MORE...
White Hat Hackers Earn $500,000 on First Day of Pwn2Own Ireland 2024
White hat hackers taking part in the Pwn2Own Ireland 2024 contest organized by Trend Micro's Zero Day Initiative (ZDI) have earned half a million dollars on the first day of the event, for exploits targeting NAS devices, cameras, printers and smart speakers. The highest single reward, $100,000, was earned by Sina Kheirkhah of Summoning Team, who chained a total of nine vulnerabilities for an attack that went from a QNAP QHora-322 router to a TrueNAS Mini X storage device. READ MORE...
Avast Releases Free Decryptor for Mallox Ransomware
Anti-malware vendor Avast on Tuesday published a free decryption tool to help victims recover from Mallox ransomware attacks. First observed in 2021 and also known as Fargo, TargetCompany, and Tohnichi, Mallox has been operating under the ransomware-as-a-service (RaaS) business model and is known for targeting Microsoft SQL servers for initial compromise. READ MORE...
Swarms of Fake WordPress Plug-ins Infect Sites With Infostealers
Threat actors have taken a campaign that uses fake browser updates to spread malware to a new level, weaponizing scores of WordPress plug-ins to deliver malicious infostealing payloads, after using stolen credentials to log in to and infect thousands of websites. Domain registrar GoDaddy is warning that a new variant of malware disguised as a fake browser update known as ClickFix infected more than 6,000 WordPress sites in a one-day period from Sept. 2 to Sept. 3. READ MORE...
Tricky CAPTCHA Caught Dropping Lumma Stealer Malware
Lumma Stealer stars in a new campaign that uses malicious CAPTCHA pages to scam targets into clicking through the "verification" process - triggering the initial malware download. Malware-as-a-service (MaaS) Lumma Stealer is commonly used by threat actors to steal sensitive information like passwords and crypto-wallet data, researchers at Qualys, who recently detailed the latest attack chain, explained. READ MORE...
Akira ransomware is encrypting victims again following pure extortion fling
Experts believe the Akira ransomware operation is up to its old tricks again, encrypting victims' files after a break from the typical double extortion tactics. That's according to James Nutland and Michael Szeliga, security researchers at Cisco Talos, who noted that the decision to revert to old ways is a sign the group is looking for greater stability and efficiency from its affiliate program. READ MORE...
FortiGate admins report active exploitation 0-day. Vendor isn't talking.
Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid reports that attackers are using it to execute malicious code on servers used by sensitive customer organizations. Fortinet representatives didn't respond to emailed questions and have yet to release any sort of public advisory detailing the vulnerability or the specific software that's affected. READ MORE...
AWS, Azure auth keys found in Android and iOS apps used by millions
Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing user data and source code to security breaches. Exposing this type of credential can easily lead to unauthorized access to storage buckets and databases with sensitive user data. Apart from this, an attacker could use them to manipulate or steal data. READ MORE...
Critical Veeam CVE actively exploited in ransomware attacks
Threat groups are actively exploiting a critical vulnerability in Veeam Backup and Replication for ransomware attacks, researchers and federal cyber authorities said. Veeam disclosed the vulnerability, which has a CVSS score of 9.8, in a Sept. 4 security bulletin along with five other vulnerabilities in the enterprise backup software. CISA added CVE-2024-40711 to its known exploited vulnerabilities catalog on Thursday and said it's known to be used in ransomware attacks. READ MORE...
- ...in 1861, President Abraham Lincoln suspends the writ of habeas corpus in Washington, D.C. for all military-related cases.
- ...in 1929, the first transcontinental air service begins from New York to Los Angeles.
- ...in 1959, musical parodist and accordion virtuoso Alfred "Weird Al" Yankovic ("Eat It," "UHF") is born in Downey, CA.
- ...in 1988, the classic 8-bit video game Super Mario Bros. 3 is released by Nintendo.