Category: Uncategorized
-
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware [email protected] (The Hacker News)
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusion set as long-running, with first signs of infection…
-
Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks Eduard Kovacs
Unsophisticated methods can still be used to hack ICS/OT — even so, many cyberattack claims are likely exaggerated. The post Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks appeared first on SecurityWeek. Read More
-
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities [email protected] (The Hacker News)
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking the activity under the name SloppyLemming, which is also called Outrider Tiger and Fishing Elephant. “Between late 2022 to present, SloppyLemmingRead More
-
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign [email protected] (The Hacker News)
Nation-state threat actors backed by Beijing broke into a “handful” of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that Microsoft tracks as Salt Typhoon, which is also known as FamousSparrow…
-
Apache HugeGraph-Server Improper Access Control Vulnerability (CVE-2024-27348)
What is the Vulnerability?CVE-2024-27348 is a remote code execution (RCE) vulnerability affecting Apache HugeGraph-Server. HugeGraph is a versatile graph database that integrates seamlessly with the Apache TinkerPop3 framework and the Gremlin query language, making it the first graph database project under the Apache umbrella.This vulnerability in particular allows unauthenticated attackers to execute arbitrary operating system…
-
OpenAI Exec Mira Murati Says She’s Leaving Artificial Intelligence Company Associated Press
Mira Murati, who served a few days as its interim CEO during a period of turmoil last year, said she’s leaving the artificial intelligence company. The post OpenAI Exec Mira Murati Says She’s Leaving Artificial Intelligence Company appeared first on SecurityWeek. Read More
-
Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52% [email protected] (The Hacker News)
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the…
-
Cyber Founder Recipe for Success: Clear Vision and Trusted Experts Jennifer Leggio
A clear, consistent vision, along with reliable experts, are the two essential ingredients for startup founders to achieve success—both in cyber and beyond. The post Cyber Founder Recipe for Success: Clear Vision and Trusted Experts appeared first on SecurityWeek. Read More
-
Tamnoon Raises $12 Million for Cloud Security Remediation Service Eduard Kovacs
Tamnoon has raised $12 million in Series A funding for its Managed Cloud Security Remediation service. The post Tamnoon Raises $12 Million for Cloud Security Remediation Service appeared first on SecurityWeek. Read More
-
Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent [email protected] (The Hacker News)
Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy Preserving Attribution (PPA) without explicitly seeking users’ consent. “Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites,”…