Three high-risk vulnerabilities have been uncovered in Microsoft Azure's big-data analytics service HDInsight. Four and a half months after disclosing eight cross-site scripting (XSS) vulnerabilities in the cloud data tool, Orca Security has published new findings involving one denial-of-service (DoS) and two privilege escalation bugs afflicting the same service. This new trio opens the door to performance issues and unauthorized administrative access, and all that comes with it.
Linux developers are in the process of patching a high-severity vulnerability that, in certain cases, allows the installation of malware that runs at the firmware level, giving infections access to the deepest parts of a device where they're hard to detect or remove. The vulnerability resides in shim, which in the context of Linux is a small component that runs in the firmware early in the boot process before the operating system has started.
A Chicago children's hospital has been forced to take its networks offline after an unspecified cyberattack, limiting access to medical records and hampering communication by phone or email since the middle of last week. The situation at Lurie Children's Hospital had all the hallmarks of a ransomware attack, although hospital officials would not confirm or deny the cause Monday.
Between November and December 2023, a threat actor successfully stole more than two million email addresses and other personal information from at least 65 websites, threat intelligence firm Group-IB reports. Mainly relying on SQL injection attacks, the hacking group, tracked as ResumeLooters, has been active since early 2023, selling the stolen information on Chinese-speaking hacking-themed Telegram groups.
Verizon is notifying more than 63,000 people, mostly current employees, that an insider, accidentally or otherwise, had inappropriate access to their personal data. The privacy blunder happened in September, and the American telco giant attributed it to "inadvertent disclosure" and "insider wrongdoing" in documents submitted to the Maine Attorney General. The Pine Tree State's strict data loss rules require security snafu disclosures.
Chinese Volt Typhoon state hackers failed to revive a botnet recently taken down by the FBI, which was previously used in attacks targeting critical infrastructure across the United States. Before KV-botnet's takedown, it allowed the Volt Typhoon threat group (aka Bronze Silhouette) to proxy malicious activity through hundreds of compromised small office/home offices (SOHO) across the U.S. to evade detection.
Global securities finance tech company EquiLend's systems are now back online after the company announced a disruptive ransomware attack nearly two weeks ago. EquiLend was founded in 2001 by some of Wall Street's biggest players - its board of directors includes BlackRock, Goldman Sachs, JP Morgan, Morgan Stanley and more - and is primarily known for its Next Generation Trading (NGT) platform, which underpins a large chunk of the sector's securities lending.
A publicly exposed API of social media platform Spoutible may have allowed threat actors to scrape information that can be used to hijack user accounts. Security consultant Troy Hunt was tipped off about the API by an individual who shared a file with 207,000 Spoutible user records - supposedly scraped via the API - and a URL that would allow Hunt to do the same with his own account.
Canon has patched seven critical buffer-overflow bugs affecting its small office multifunction printers and laser printers. Tracked as CVE-2023-6229 through CVE-2023-6234 (plus CVE-2024-0244), they affect different processes common across Canon's product lines - the username or password process involved with authenticating mobile devices, for example, the Service Location Protocol (SLP) attribute request process, and more.