IT Security Newsletter - 11/15/2024
Feds find 'broad and significant' China espionage campaign in US telecom networks
A string of China-linked attacks on U.S. telecom networks is part of a "broad and significant cyber espionage campaign," federal officials said Wednesday. The China-affiliated attackers compromised multiple telecommunications networks to steal call records and court-ordered information related to U.S. law enforcement requests. The widespread compromise included "private communications of a limited number of individuals who are primarily involved in government or political activity." READ MORE...
122 million people's business contact info leaked by data broker
A data broker has confirmed that a business contact information database containing 132.8 million records has been leaked online. In February 2024, a cybercriminal offered the records for sale on a data breach forum, claiming the information came from pureincubation[.]com. Pure Incubation was founded in 2012, and the company later rebranded to DemandScience. DemandScience describes itself as "a leading global B2B demand generation company accelerating global growth for clients." READ MORE...
Iranian Hackers Target Aerospace Industry in 'Dream Job' Campaign
Iranian hackers have been observed targeting the aerospace industry using fake job offers, with the goal of infecting victims with malware, a new report from cybersecurity firm ClearSky shows. The attacks, attributed to TA455 (also known as Smoke Sandstorm and Bohrium, and believed to be a subgroup of the Iran-linked APT actor Charming Kitten, or APT35), resemble the 'dream job' campaigns previously attributed to the North Korean APT Lazarus. READ MORE...
Krebs: An Interview With the Target & Home Depot Hacker
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in a recent interview, also admitted reaching out because he is broke and seeking publicity for several new money-making schemes. READ MORE...
Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost
A now-patched, high-severity bug in Fortinet's FortiClient VPN application potentially allows a low-privilege rogue user or malware on a vulnerable Windows system to gain higher privileges from another user, execute code and possibly take over the box, and delete log files. The bug is tracked as CVE-2024-47574, and it earned a 7.8 out of 10 CVSS severity rating. It affects FortiClientWindows version 7.4.0, 7.2.4 through 7.2.0, 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0. READ MORE...
Varonis Warns of Bug Discovered in PostgreSQL PL/Perl
Researchers at Varonis discovered a vulnerability in the PostgreSQL PL/Perl language extension that allows a user to set arbitrary environment variables in PostgreSQL session processes. The vulnerability was given a CVSS 8.8 severity score and could lead to severe security issues, depending on the scenario in which it is exploited. Tracked as CVE-2024-10979, the flaw allows a threat actor to modify sensitive environment variables. READ MORE...
Glove Stealer Malware Bypasses Chrome's App-Bound Encryption
A newly identified information stealer can bypass the App-Bound Encryption mechanism in Chromium-based browsers, cybersecurity software provider Gen Digital reports. Written in .NET and dubbed Glove Stealer, the malware targets multiple browsers and extensions to exfiltrate sensitive information such as cookies and credentials, along with data from cryptocurrency wallets, authenticators, password managers, email clients, and other applications. READ MORE...
Microsoft Power Pages misconfigurations exposing sensitive data
Private businesses and public-sector organizations are unwittingly exposing millions of people's sensitive information to the public internet because they misconfigure Microsoft's Power Pages website creation platform. So says Aaron Costello, chief of SaaS security research at security-for-SaaS vendor AppOmni, who uncovered the issue in September. It's a big deal because more than 250 million users use Power Pages, a Microsoft website design service, each month. READ MORE...
Cybercriminals hijack DNS to build stealth attack networks
Hijacking domains using a 'Sitting Ducks attack' remains an underrecognized topic in the cybersecurity community. Few threat researchers are familiar with this attack vector, and knowledge is scarce. However, the prevalence of these attacks and the risk to organizations are significant. Infoblox researchers estimate that over 1 million registered domains could be vulnerable daily. READ MORE...
Palo Alto Networks warns of critical RCE zero-day exploited in attacks
Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as 'PAN-SA-2024-0015,' is actively being exploited in attacks. The flaw was originally disclosed on November 8, 2024, with Palo Alto Networks warning customers to restrict access to their next-generation firewalls because of a "potential" remote code execution (RCE) vulnerability impacting them. READ MORE...
- ...in 1916, "Peanuts" animator Jose "Bill" Melendez, who also voiced Snoopy and Woodstock, is born in Sonora, Mexico.
- ...in 1926, The NBC radio network opens across 24 stations nationwide.
- ...in 1929, actor Ed Asner ("The Mary Tyler Moore Show", "Elf") is born in Kansas City, MO.
- ...in 1971, Intel releases the first commercially-available single-chip microprocessor, the 4004.