
IT Security Newsletter - 8/13/2024


Top News

FBI disrupts the Dispossessor ransomware operation, seizes servers

The FBI announced on Monday that it seized the servers and websites of the Radar/Dispossessor ransomware operation following a joint international investigation. The joint operation was carried out in collaboration with the U.K.'s National Crime Agency, the Bamberg Public Prosecutor's Office, and the Bavarian State Criminal Police Office (BLKA). Law enforcement seized three U.S. servers, three U.K. servers, 18 German servers, eight U.S.-based domains, and one German-based domain. READ MORE...

Breaches

Attacker steals personal data of 200K+ people with links to Arizona tech school

An Arizona tech school will send letters to 208,717 current and former students, staff, and parents whose data was exposed during a January break-in that allowed an attacker to steal nearly 50 types of personal info. The East Valley Institute of Technology (EVIT) said a "cyber incident that involved unauthorized access to the network," which was on January 9, was the cause of the data theft. READ MORE...

Hacking

Attackers target legacy Cisco Smart Install features

Federal authorities and security researchers warn that malicious hackers are targeting the legacy Cisco Smart Install feature to steal system configuration files and compromise enterprise networks. In an advisory released Thursday, the Cybersecurity and Infrastructure Security Agency advised organizations to disable the Smart Install feature and said it continues to see enterprises using weak passwords on Cisco network devices. READ MORE...
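The two weaknesses the advisory calls out, Smart Install left enabled and weak password handling, are both visible in a device's running configuration. The following audit script is an added example (not code from the newsletter, CISA, or Cisco); it runs over a constructed sample configuration and its hardened counterpart and reports the lines a defender would want to fix. The IOS commands it looks for (`vstack` / `no vstack`, `enable password` vs `enable secret`, type-7 `password 7` strings, `transport input`) are real IOS syntax; the hashes and hostnames are placeholders.

```python
"""Audit a Cisco IOS running-config for Smart Install and weak-password settings.

Added example, not from the newsletter or any vendor/agency code. The two
configs below are constructed for illustration; the secret hashes are dummies.
"""
import re

# Constructed "before" config: Smart Install on, reversible/cleartext passwords, telnet
WEAK_CONFIG = """\
version 15.2
hostname core-sw1
enable password cisco123
service password-encryption
username admin password 7 0822455D0A16
vstack
line vty 0 4
 password letmein
 transport input telnet ssh
end
"""

# Constructed "after" config: Smart Install explicitly disabled, hashed secrets, SSH only
HARDENED_CONFIG = """\
version 15.2
hostname core-sw1
no vstack
enable secret 9 $9$PLACEHOLDERHASH
service password-encryption
username admin secret 9 $9$PLACEHOLDERHASH
line vty 0 4
 login local
 transport input ssh
end
"""


def audit_ios_config(config: str) -> list[str]:
    """Return a list of human-readable findings; an empty list means no issue found."""
    findings = []
    lines = [line.rstrip() for line in config.splitlines()]

    # Smart Install: older images enable it by default and may not print the line,
    # so anything other than an explicit 'no vstack' is flagged for review.
    if "no vstack" not in lines:
        findings.append("Smart Install (vstack) not explicitly disabled; add 'no vstack'")

    # 'enable password' is stored in the clear or with reversible type-7 encoding;
    # 'enable secret' stores a one-way hash instead.
    if any(line.startswith("enable password") for line in lines):
        findings.append("'enable password' in use; replace with 'enable secret'")

    # Type-7 strings are trivially reversible, so they count as weak even when
    # 'service password-encryption' is configured.
    for line in lines:
        if re.search(r"\bpassword 7 \S+", line):
            findings.append(f"type-7 (reversible) password: {line.strip()}")

    # Line passwords with no type marker are cleartext in the config.
    for line in lines:
        stripped = line.strip()
        if stripped.startswith("password ") and not re.match(r"password [57] ", stripped):
            findings.append(f"cleartext line password: {stripped}")

    # Telnet sends credentials unencrypted; vty lines should accept SSH only.
    if any("transport input" in line and "telnet" in line for line in lines):
        findings.append("telnet permitted on vty lines; use 'transport input ssh'")

    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"== {name} config ==")
        for finding in audit_ios_config(cfg) or ["no findings"]:
            print("  -", finding)
```

The checks are deliberately conservative: a configuration that does not show `no vstack` is reported even though newer images disable Smart Install by default, because the point of the audit is to force an explicit decision rather than trust an image default.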

Ukraine CERT: Mass Phishing Campaign Poses as Nation's Security Service

On Aug. 12, Ukraine's Computer Emergency Response Team (CERT-UA) discovered a mass distribution of emails carrying malicious software and posing as the country's Security Service (SSU). The emails contain a link to a file called "Document.zip" that, once clicked, triggers the download of an MSI file. This file launches malware called ANONVNC that, when opened, allows attackers to gain unauthorized access to the victim's device. READ MORE...

Trends

Who uses LLM prompt injection attacks IRL? Mostly unscrupulous job seekers, jokesters and trolls

Despite worries about criminals using prompt injection to trick large language models (LLMs) into leaking sensitive data or performing other destructive actions, most of these types of AI shenanigans come from job seekers trying to get their resumes past automated HR screeners - and people protesting generative AI for various reasons, according to Russian security biz Kaspersky. READ MORE...

Software Updates

CLFS Bug Crashes Even Updated Windows 10, 11 Systems

A simple bug in the Common Log File System (CLFS) driver can instantly trigger the infamous blue screen of death on any recent version of Windows. CLFS is a user- and kernel-mode logging service that helps applications record and manage logs; it is also a popular target for attackers. While experimenting with its driver last year, a Fortra researcher discovered an improper validation of specified quantities in input data that allowed him to trigger system crashes at will. READ MORE...

Malware

Chrome, Edge users beset by malicious extensions that can't be easily removed

A widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has been spotted by researchers. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data and execute various commands," the Reason Labs research team says. READ MORE...

Exploits/Vulnerabilities

AMD Says New Sinkclose CPU Vulnerability Only Affects 'Seriously Breached Systems'

Cybersecurity research company IOActive has disclosed the details of a new vulnerability impacting AMD processors, but the chip giant pointed out that the weakness is not easy to exploit. The vulnerability, dubbed Sinkclose and tracked as CVE-2023-31315, targets System Management Mode (SMM), a high-privilege operating mode in x86 processors used for low-level system management functions. READ MORE...

35% of exposed API keys still active, posing major security risks

Nightfall AI's research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 100 employees every year. What's more concerning is that 35% of all API keys discovered were still active - posing a major risk for privilege escalation attacks, data leaks, data breaches and more. Many of the secrets discovered had already been exposed for several months. READ MORE...

Encryption

Post-Quantum Cryptography Standards Officially Announced by NIST - a History and Explanation

NIST has formally published three post-quantum cryptography standards from the competition it held to develop cryptography able to withstand the anticipated quantum computing decryption of current asymmetric encryption. There are no surprises - but now it is official. The three standards are ML-KEM (formerly better known as Kyber), ML-DSA (formerly better known as Dilithium), and SLH-DSA (better known as Sphincs+). READ MORE...

On This Date

  • ...in 1860, celebrated performing sharpshooter Annie Oakley is born in a log cabin in Darke County, OH.
  • ...in 1913, metallurgist Harry Brearley first synthesizes stainless steel in his laboratory in Sheffield, England.
  • ...in 1942, the US Army Corps of Engineers authorizes the construction of facilities for creating the first atomic bomb, AKA the "Manhattan Project."
  • ...in 1961, composer Koji Kondo, who wrote the music for the original 8-bit "Super Mario Bros." and "Legend of Zelda" video games, is born in Nagoya, Japan.