MITRE revealed on Friday that one of its R&D networks was hacked a few months ago by a foreign state-sponsored threat actor leveraging zero-day vulnerabilities in an Ivanti product. The attack occurred in early January, but it was only discovered this month. It targeted MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaborative network that is used for research, development, and prototyping.
You rarely root for a cybercriminal, but a new malware campaign targeting child exploiters doesn't make you feel bad for the victims. Since 2012, threat actors have been creating a variety of malware and ransomware that pretend to be government agencies warning infected Windows users that they were viewing CSAM. The malware tells victims they must pay a "penalty" to prevent their information from being sent to law enforcement.
CrushFTP on Friday released patches for a zero-day vulnerability in the file transfer server, warning customers of its in-the-wild exploitation. Impacting CrushFTP versions 9, 10, and 11, the security defect allows an unauthenticated attacker to escape their virtual file system (VFS) and retrieve system files, potentially opening the door to further exploitation. In its advisory, CrushFTP points out that customers using a DMZ server are protected against attacks.
An operator of the HelloKitty ransomware operation announced they changed the name to 'HelloGookie,' releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks. The threat actor who made the announcement goes by the name 'Gookee/kapuchin0' and claims to be the original creator of the now-defunct HelloKitty ransomware.
Researchers at US/Israeli infosec outfit SafeBreach last Friday discussed flaws in Microsoft and Kaspersky security products that can potentially allow the remote deletion of files. Speaking at the Black Hat Asia conference in Singapore, researchers explained that Microsoft Defender and Kaspersky's Endpoint Detection and Response (EDR) can be made to detect false positive indicators of malicious files - and then to delete them.
An executive producer of the Netflix hit What Jennifer Did has responded to accusations that the true crime documentary used AI images when depicting Jennifer Pan, a woman currently imprisoned in Canada for orchestrating a murder-for-hire scheme targeting her parents. What Jennifer Did shot to the top spot in Netflix's global top 10 when it debuted in early April, attracting swarms of true crime fans who wanted to know more about why Pan paid hitmen $10,000 to murder her parents.