
IT Security Newsletter - 12/19/2024


Top News

TP-Link faces possible US ban as hijacked routers fuel Chinese attacks

US government authorities are reportedly investigating whether to ban TP-Link wireless routers, which have been targeted in some high-profile attacks linked to the Chinese government. TP-Link, which was founded in China in 1996 and said it relocated its headquarters to the US in October this year, has racked up significant market share in US homes and businesses. Members of Congress recently urged Commerce Secretary Gina Raimondo to investigate TP-Link.


CISA Releases Mobile Security Guidance After Chinese Telecom Hacking

The US cybersecurity agency CISA on Wednesday released guidance for highly targeted individuals to protect their mobile communications against exploitation by threat actors. The document was published in reaction to a recent telecom hacking campaign that targeted large wireless carriers in the US, including Verizon, AT&T, Lumen Technologies, and T-Mobile, and which has been attributed to a China-linked cyberespionage group tracked as Salt Typhoon.

Hacking

Don't fall for a mail asking for rapid Docusign action - it may be an Azure account hijack phish

Unknown criminals went on a phishing expedition that targeted about 20,000 users across the automotive, chemical and industrial compound manufacturing sectors in Europe, and tried to steal account credentials and then hijack the victims' Microsoft Azure cloud infrastructure. After taking over victims' accounts, the miscreants signed into new devices using stolen creds so they could maintain access to the cloud environment - and sensitive data therein.


Russian hackers use RDP proxies to steal data in MiTM attacks

The Russian hacking group tracked as APT29 (aka "Midnight Blizzard") is using a network of 193 remote desktop protocol proxy servers to perform man-in-the-middle (MiTM) attacks to steal data and credentials and to install malicious payloads. The MiTM attacks utilized the PyRDP red team proxy tool to scan the victims' filesystems, steal data in the background, and remotely execute rogue applications on the breached environment.

Malware

Juniper Warns of Mirai Botnet Targeting Session Smart Routers

Juniper Networks routers using default passwords have been targeted in a botnet infection campaign, the networking products manufacturer warns. According to the company, multiple customers reported suspicious behavior on their session smart routers (SSR) a week ago, which was determined to be an infection with Mirai malware. All the impacted systems were using default credentials, were ensnared in a botnet, and were used to launch DDoS attacks against other systems.


Raccoon Stealer malware operator gets 5 years in prison after guilty plea

Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. According to unsealed court documents, Sokolovsky (also known as raccoon-stealer, Photix, and black21jack77777) and his conspirators rented the malware to other threat actors under a MaaS (malware-as-a-service) model for $75 per week or $200 monthly.

Information Security

Interpol: Can We Drop the Term 'Pig Butchering'?

Victims of online scams are being deterred from coming forward for fear of being associated with language like "pig butchering," a phrase used to describe long-con romance fraud schemes, according to Interpol, which has released an awareness campaign advocating for the use of "romance baiting" in its place. Run by sprawling international cybercrime operations, pig butchering scams cost victims billions every year.

Exploits/Vulnerabilities

Boffins trick AI model into giving up its secrets

Computer scientists from North Carolina State University have devised a way to copy AI models running on Google Edge Tensor Processing Units (TPUs), as used in Google Pixel phones and third-party machine learning accelerators. The technique, developed by NC State researchers Ashley Kurian, Anuj Dubey, Ferhat Yaman and Aydin Aysu, is a side-channel attack that measures the electromagnetic intensity of AI model use (inference) when running on TPUs.

On This Date

  • ...in 1776, Thomas Paine publishes the first of a series of pamphlets entitled "The American Crisis", opening with the famous words: "These are the times that try men's souls."
  • ...in 1843, Charles Dickens' classic novella "A Christmas Carol" is published. The first edition sells out by Christmas Eve.
  • ...in 1918, New Orleans blues singer and pianist Professor Longhair (born Henry Roeland Byrd) is born in Bogalusa, LA.
  • ...in 1942, pro wrestling announcer "Mean" Gene Okerlund is born in South Dakota.
  • ...in 1998, President Bill Clinton is impeached by the US House of Representatives, becoming the nation's second Chief Executive to be charged with misconduct while in office.