A London court has heard that two British teens hacked and blackmailed a series of companies, causing millions of dollars' worth of damage. As Reuters reports, Arion Kurtaj - now 18 years old - is accused of hacking Uber, fintech firm Revolut, and Grand Theft Auto videogame developer Rockstar Games last September. The Rockstar hack resulted in the leak of more than 90 videos of footage from the as-yet-unreleased "Grand Theft Auto 6".
The Russia-backed group behind the infamous SolarWinds attack is targeting "an astonishing number" of foreign diplomats working at embassies in Ukraine with lures that are a bit more personal than the traditional political fare normally used to entice them to click on malicious links. Researchers from Palo Alto Networks' Unit 42 observed the group - which they track as Cloaked Ursa but which is better known as Nobelium/APT29 - a vehicle to get around in.
Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers and add them to a botnet designed to steal bandwidth and provide a hidden residential proxy service. This allows its operators to hide a wide spectrum of malicious activities, from digital advertising fraud to password spraying.
Researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security in Saarbrücken have assessed the security mechanisms of satellites currently orbiting the Earth from an IT perspective. They analyzed three current low-earth orbit satellites and found that, from a technical point of view, only some modern security concepts were implemented. Various security mechanisms that are standard in modern mobile phones and laptops were not to be found.
It was to be expected: As the buzz around Meta's new microblogging platform Threads gained momentum, some individuals have stepped in to take advantage of the fact that the app still can't formally serve users in the European Union (or China, or Russia). Threads - whose full name is "Threads, an Instagram app" - is an app created by Meta's Instagram team and to use it you have to have an Instagram account.
All-In-One Security, a WordPress security plugin installed on more than 1 million websites, has issued a security update after being caught three weeks ago logging plaintext passwords and storing them in a database accessible to website admins. The passwords were logged when users of a site using the plugin, typically abbreviated as AIOS, logged in, the developer of AIOS said Thursday.
Zimbra urged admins today to manually fix a zero-day vulnerability actively exploited to target and compromise Zimbra Collaboration Suite (ZCS) email servers. This widely adopted email and collaboration platform is currently employed by over 200,000 businesses spanning 140 countries, including more than 1,000 government and financial organizations worldwide.
Two vulnerabilities in industrial programmable logic controllers (PLCs) from Rockwell Automation threaten critical infrastructure and industrial environments with disruption. Both of these vulnerabilities are located in the communication modules of the PLCs that are used to physically control operational technology equipment, and are capable of being triggered through malicious common industrial protocol (CIP) messages.
Cybersecurity company Armis has identified several vulnerabilities in Honeywell distributed control system (DCS) products that could be exploited in attacks aimed at industrial organizations. Armis researchers started disclosing their findings to the industrial giant last year. They discovered a total of nine new vulnerabilities, including seven that have been assigned a 'critical severity' rating.
A remotely exploitable critical vulnerability in the Cisco SD-WAN vManage software could allow unauthenticated attackers to retrieve information from vulnerable instances. Tracked as CVE-2023-20214 (CVSS score of 9.1), the vulnerability exists because the REST API feature of vManage does not sufficiently validate requests. The vManage API allows administrators to configure, control, and monitor Cisco devices over the network.