A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. The operation offers fake tickets to the Olympic Games and appears to take advantage of other major sports and music events. Researchers analyzing the campaign are calling it Ticket Heist and found that some of the domains were created in 2022 and the threat actor kept registering an average of 20 new ones every month.
Advance Auto Parts' CISO just revealed for the first time the number of individuals affected when criminals broke into its Snowflake instance - a hefty 2.3 million. Ethan Steiger notified Maine's Attorney General on Wednesday of the extent of the damage - numbering this at 2,316,591 exactly - and the letter sent to victims confirms that the data potentially stolen includes names, dates of birth, social security numbers, and driver's license or other ID document numbers.
The US Justice Department, working in coordination with Canadian and Dutch authorities, has seized two domain names which it claims were being used by Russian-backed hackers to spread disinformation on social media. The FBI has issued a joint cybersecurity advisory with its international partners, detailing the make-up of an AI-enhanced social media bot farm that was used to spread propaganda around the world.
Broadcom-owned VMware on Wednesday pushed out patches for a high-risk SQL-injection vulnerability in its Aria Automation product and warned that an authenticated malicious user could target the flaw to manipulate databases. The vulnerability, tracked as CVE-2024-22280, allows for unauthorized read and write operations in the database through specially crafted SQL queries, VMware said in an advisory with a "high-severity" rating.
Palo Alto Networks on Wednesday released patches for multiple vulnerabilities, including a critical-severity bug in its Expedition migration tool. Tracked as CVE-2024-5910 (CVSS score of 9.3), the security defect is described as a missing authentication for a critical function, which could allow attackers to take over administrative accounts. On Wednesday, the cybersecurity giant also resolved a high-severity issue in Panorama software.
The Japanese Space Exploration Agency (JAXA) discovered it was under attack using zero-day exploits while working with Microsoft to probe a 2023 cyberattack on its systems. JAXA's systems came under attack in late 2023, with its Active Directory implementation taking the brunt of it. An investigation ensued, and saw networks taken offline to verify that no classified data on rockets, satellites, or national security was compromised.
CISA and the FBI on Wednesday issued a joint alert on exploitation of OS command injection vulnerabilities in network edge devices. Published in response to recent intrusions exploiting CVE-2024-20399 (Cisco NX-OS), CVE-2024-3400 (Palo Alto Networks PAN-OS), and CVE-2024-21887 (Ivanti Connect Secure), CISA and the FBI are urging business leaders and device manufacturers to eliminate OS command injection vulnerabilities at the source.