The U.S. and eight other Western governments have jointly dismantled the computer infrastructure behind multiple popular cybercrime tools. In a three-day operation, law enforcement authorities took down more than 1,000 servers and 20 domains associated with the Rhadamanthys infostealer, the VenomRAT remote access Trojan and the Elysium botnet. Greek police arrested VenomRAT's suspected operator.
Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July. Logitech International S.A. is a Swiss multinational electronics company that sells hardware and software solutions, including computer peripherals, gaming, video collaboration, music, and smart home products.
Food delivery company DoorDash is notifying users, Dashers, and merchants of a recent data breach that led to personal information compromise. The incident was discovered on October 25, the company says in the notifications sent to the impacted individuals, copies of which have been shared on social media. The data breach was the result of a social engineering attack that targeted one of DoorDash's employees, the company said in an incident notice on its website.
Anthropic made headlines Thursday when it released research claiming that a previously unknown Chinese state-sponsored hacking group used the company's Claude generative AI product to breach at least 30 different organizations. The threat actor was able to bypass Claude's security guardrails using two methods: breaking up the work into discrete tasks to prevent it from recognizing the broader malicious intentions, and tricking it into believing it was conducting a legitimate security audit.
US federal prosecutors have secured guilty pleas from five men who helped North Korean IT workers get hired by companies in the United States. This group of domestic facilitators helped a sanctioned government move money, slip past hiring checks, and place foreign workers inside more than one hundred American firms, the US Department of Justice (DoJ) says. In Georgia, three US nationals admitted that they let overseas workers pose as them to land remote jobs.
Containerization technology makes software development and cloud deployment easier, but the images that are the foundation of the ecosystem commonly have unnecessary components and hundreds of vulnerabilities. A Chainguard study, for example, found that popular Debian-based Docker images had 280 vulnerabilities, on average, while a study published by NetRise and based on a randomly selected sample of 70 different images found that the average container had 604 vulnerabilities.
Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is already being exploited. Microsoft also fixed a glitch that prevented some Windows 10 users from taking advantage of an extra year of security updates, which is nice because the zero-day flaw and other critical weaknesses affect all versions of Windows, including Windows 10.
Amazon researchers discovered more than 150,000 malicious packages in the NPM registry, in what they called "a defining moment in supply chain security." The packages were part of a token farming campaign that targeted the tea.xyz protocol, which is a blockchain-based system designed to reward developers for open source contributions. The campaign marks the latest example of threat actors weaponizing NPM packages to compromise developers and conduct supply chain attacks.
The phishing kit Lighthouse, which has aided text scams like those soliciting victims to pay unpaid road tolls, appears to have been hampered shortly after Google filed a lawsuit aimed at its creators. Google said on Thursday that Lighthouse had been shut down. Two other organizations that have tracked the suspected Chinese operators of Lighthouse said they saw signs it had at least been disrupted.