Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks

The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.

DARKReading
Open in Source
#vulnerability#web#mac#windows#microsoft#cisco#git#intel#backdoor#pdf#auth#zero_day#chrome
Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages

A hacker group called “NullBulge” says it stole more than a terabyte of Disney’s internal Slack messages and files from nearly 10,000 channels in an apparent protest over AI-generated art.

Ubuntu Security Notice USN-6898-1

Ubuntu Security Notice 6898-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

'Trial' DDoS Attacks on French Sites Portend Greater Olympics Threats

Russian hacktivists claim DDoS attacks against basic tourist websites. Is it real, or just smoke and mirrors?

How an AI “artist” stole a woman’s face, with Ali Diamond (Lock and Code S05E15)

This week on the Lock and Code podcast, we speak with Ali Diamond about what it felt like to find an AI image model of herself online.

How Manufacturers Can Secure Themselves Against Cyber Threats

Good risk management is necessary to protect customers, ensure operational continuity, safeguard intellectual property, and maintain fiscal responsibility.

10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit

Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn’t it? Or exciting, depending on which side of the cybersecurity barricade you are on. Well, that’s basically the state of things today. Welcome to the infostealer garden of low-hanging fruit. Over the last few years, the problem has grown bigger and bigger, and only now are we

CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool

A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a 10x surge, adding it includes "mass scanning, exploiting multiple vulnerabilities, and placing backdoors using multiple [open-source software]

A week in security (July 8 – July 14)

A list of topics we covered in the week of July 8 to July 14 of 2024

New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection

Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. "Unlike previous versions, HardBit Ransomware group enhanced the version 4.0 with passphrase protection," Cybereason researchers Kotaro Ogino and Koshi Oyama said in an analysis. "The passphrase needs to be provided during