The Securities and Exchange Commission said it has reached a settlement with four companies for making materially misleading statements about the impact of the 2020 SolarWinds Orion software breach on their business. The regulator on Tuesday charged the four companies - Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies and Mimecast Limited - with minimizing the compromise despite knowing substantial amounts of information was stolen.
Security researchers have uncovered a new flaw in some AI chatbots that could have allowed hackers to steal personal information from users. A group of researchers from the University of California, San Diego (UCSD) and Nanyang Technological University in Singapore discovered the flaw, which they have named "Imprompter" and which uses a clever trick to hide malicious instructions within seemingly random text.
White hat hackers taking part in the Pwn2Own Ireland 2024 contest organized by Trend Micro's Zero Day Initiative (ZDI) have earned half a million dollars on the first day of the event, for exploits targeting NAS devices, cameras, printers and smart speakers. The highest single reward, $100,000, was earned by Sina Kheirkhah of Summoning Team, who chained a total of nine vulnerabilities for an attack that went from a QNAP QHora-322 router to a TrueNAS Mini X storage device.
Anti-malware vendor Avast on Tuesday published a free decryption tool to help victims to recover from the Mallox ransomware attacks. First observed in 2021 and also known as Fargo, TargetCompany, and Tohnichi, Mallox has been operating under the ransomware-as-a-service (RaaS) business model and is known for targeting Microsoft SQL servers for initial compromise.
Threat actors have taken a campaign that uses fake browser updates to spread malware to a new level, weaponizing scores of WordPress plug-ins to deliver malicious infostealing payloads, after using stolen credentials to log in to and infect thousands of websites. Domain registrar GoDaddy is warning that a new variant of malware disguised as a fake browser update known as ClickFix infected more than 6,000 WordPress sites in a one-day period from Sept. 2 to Sept. 3.
Lumma Stealer stars in a new campaign that uses malicious CAPTCHA pages to scam targets into clicking through the "verification" process - triggering the initial malware download. Malware-as-a-service (MaaS) Lumma Stealer is commonly used by threat actors to steal sensitive information like passwords and crypto-wallet data, researchers at Qualys, who recently detailed the latest attack chain, explained.
Experts believe the Akira ransomware operation is up to its old tricks again, encrypting victims' files after a break from the typical double extortion tactics. That's according to James Nutland and Michael Szeliga, security researchers at Cisco Talos, who noted that the decision to revert to old ways is a sign the group is looking for greater stability and efficiency from its affiliate program.
Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid reports that attackers are using it to execute malicious code on servers used by sensitive customer organizations. Fortinet representatives didn't respond to emailed questions and have yet to release any sort of public advisory detailing the vulnerability or the specific software that's affected.
Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing user data and source code to security breaches. Exposing this type of credentials can easily lead to unauthorized access to storage buckets and databases with sensitive user data. Apart from this, an attacker could use them to manipulate or steal data.
Threat groups are actively exploiting a critical vulnerability in Veeam Backup and Replication for ransomware attacks, researchers and federal cyber authorities said. Veeam disclosed the vulnerability, which has a CVSS score of 9.8, in a Sept. 4 security bulletin along with five other vulnerabilities in the enterprise backup software. CISA added CVE-2024-40711 to its known exploited vulnerabilities catalog on Thursday and said it's known to be used in ransomware attacks.