Stanford University has started notifying 27,000 individuals that their personal information was stolen in a ransomware attack on its Department of Public Safety (DPS). The incident was discovered on September 27, 2023, but the attackers had access to the Stanford DPS network beginning May 12. The hackers were evicted from the environment and the network was secured shortly after the attack was discovered, the university says.
Iranian hacktivists executed a supply chain attack on Israeli universities by initially breaching systems of a local technology provider to the academic sector. The self-styled Lord Nemesis group boasted online that it used credentials snatched from Rashim Software to break into the systems of the vendor's clients, universities, and colleges in Israel. The hack-and-leak operation began on or around November 2023 according to Op Innovate, an incident response firm that assisted one of the victim universities.
Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apple's new macOS Sonoma addresses at least 68 security weaknesses, and its latest update for iOS fixes two zero-day flaws. Last week, Apple pushed out an urgent software update to its flagship iOS platform, warning that there were at least two zero-day exploits for vulnerabilities being used in the wild.
Software maker Adobe on Tuesday released a hefty batch of security updates to fix critical-severity vulnerabilities in multiple enterprise-facing products. The Patch Tuesday rollout contains fixes for code execution flaws in the oft-targeted Adobe ColdFusion, Adobe Premiere Pro, Adobe Bridge and Adobe Lightroom. The San Jose, Calif. company called urgent attention to a mega-update for its Adobe Experience Manager software.
February was a particularly busy month for search-based malvertising with the number of incidents we documented almost doubling. We saw similar payloads being dropped but also a few new ones that were particularly good at evading detection. One malware family we have been tracking on this blog is FakeBat. It is very unique in that the threat actor uses MSI installers packaged with heavily obfuscated PowerShell code.
JetBrains said its customers are reporting a range of exploitation activity linked to critical vulnerabilities in the on-premises version of TeamCity, as it defends its disclosure policies in a blog released Monday. JetBrains earlier this month notified customers about the two authentication bypass vulnerabilities, listed as CVE-2024-27198 and CVE-2024-27199, which threat actors are exploiting.
Three security vulnerabilities unearthed in the extension functions ChatGPT employs open the door to unauthorized, zero-click access to users' accounts and services, including sensitive repositories on platforms like GitHub. ChatGPT plug-ins and custom versions of ChatGPT published by developers extend the capabilities of the AI model, enabling interactions with external services by granting OpenAI's popular generative AI chatbot access and permissions to execute tasks on various third-party websites, including GitHub and Google Drive.