Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics

Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. "Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies," the Microsoft Threat Intelligence team said in a post shared on X. "These enhanced features add to

The Hacker News
Open in Source
#mac#apple#microsoft#intel#The Hacker News
10 Key SOC Challenges and How AI Addresses Them

SOC challenges like alert fatigue, skill shortages and slow response impact cybersecurity. AI-driven solutions enhance SOC efficiency, automation…

Top US Election Security Watchdog Forced to Stop Election Security Work

The US Cybersecurity and Infrastructure Security Agency has frozen efforts to aid states in securing elections, according to an internal memo viewed by WIRED.

RansomHub: The New King of Ransomware? Targeted 600 Firms in 2024

RansomHub emerges as a major ransomware threat in 2024, targeting 600 organizations after ALPHV and LockBit disruptions. Group-IB…

N. Korean Hackers Suspected in DEEP#DRIVE Attacks Against S. Korea

A phishing attack dubbed DEEP#DRIVE is targeting South Korean entities, with thousands already affected. North Korean hackers from…

New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution

Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. "If executed at scale, this attack could be used to gain access to thousands of accounts," Datadog Security Labs researcher Seth Art said in a report

GHSA-x4c5-c7rf-jjgv: @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

### Summary By crafting specific `options` parameters, the `endpoint.parse(options)` call can be triggered, leading to a regular expression denial-of-service (ReDoS) attack. This causes the program to hang and results in high CPU utilization. ### Details The issue occurs in the `parse` function within the `parse.ts` file of the npm package `@octokit/endpoint`. The specific code is located at the following link: https://github.com/octokit/endpoint.js/blob/main/src/parse.ts, at line 62: ```ts headers.accept.match(/[\w-]+(?=-preview)/g) || ([] as string[]); ``` The regular expression `/[\w-]+(?=-preview)/g` encounters a backtracking issue when it processes `a large number of characters` followed by the `-` symbol. e.g., the attack string: ```js "" + "A".repeat(100000) + "-" ``` ### PoC [The gist](https://gist.github.com/ShiyuBanzhou/a17202ac1ad403a80ca302466d5e56c4) Here is the reproduction process for the vulnerability: 1. run 'npm i @octokit/endpoint' 2. Move `poc.js` to the root dir...

GHSA-ffvr-gmp3-xx43: Apache EventMesh: raft Hessian Deserialization Vulnerability allowing remote code execution

CWE-502 Deserialization of Untrusted Data at the eventmesh-meta-raft plugin module in Apache EventMesh master branch without release version on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via hessian deserialization rpc protocol. Users can use the code under the master branch in project repo or version 1.11.0 to fix this issue.

How Banks Can Adapt to the Rising Threat of Financial Crime

Banking fraud and financial crimes are growing more sophisticated every day. By understanding the threats and building strong collaborations, banks can protect themselves and their clients.

Open Source AI Models: Perfect Storm for Malicious Code, Vulnerabilities

Companies pursing internal AI development using models from Hugging Face and other open source repositories need to focus on supply chain security and checking for vulnerabilities.