Credit to Author: Abdelrahman Esmail| Date: Fri, 30 Aug 2024 00:00:00 +0000
Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor.
Read moreCredit to Author: Ted Lee| Date: Thu, 19 Sep 2024 00:00:00 +0000
We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China.
Read moreScammers are creating fake Walmart virtual shopping lists that look like a contact page for customer service.
Read more
Credit to Author: BrianKrebs| Date: Wed, 18 Sep 2024 13:43:51 +0000
Scammers are flooding Facebook with groups that purport to offer video streaming of funeral services for the recently deceased. Friends and family who follow the links for the streaming services are then asked to cough up their credit card information. Recently, these scammers have branched out into offering fake streaming services for nearly any kind of event advertised on Facebook. Here’s a closer look at the size of this scheme, and some findings about who may be responsible.
Read more
Credit to Author: Kim Zetter| Date: Wed, 18 Sep 2024 08:00:00 +0000
Participants in a hacking competition with ties to China’s military were, unusually, required to keep their activities secret, but security researchers say the mystery only gets stranger from there.
Read more
Credit to Author: Lily Hay Newman, Matt Burgess| Date: Tue, 17 Sep 2024 18:31:41 +0000
At least eight people have been killed and more than 2,700 people have been injured in Lebanon by exploding pagers. Experts say the blasts point toward a supply chain compromise, not a cyberattack.
Read moreSnapchat reserves the right to use your selfies to add a personal touch, as in your face, to its advertisements.
Read moreCredit to Author: Richard Y Lin| Date: Wed, 18 Sep 2024 00:00:00 +0000
Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness: the lack of mandatory authentication procedures between base stations and packet-cores.
Read more
Credit to Author: Andrew Couts| Date: Mon, 16 Sep 2024 20:55:30 +0000
Musk’s now-deleted post questioning why no one has attempted to assassinate Joe Biden and Kamala Harris renews concerns over his work for the US government—and potential to inspire extremist violence.
Read more
Credit to Author: Matt Burgess| Date: Mon, 16 Sep 2024 15:52:52 +0000
Apple is launching its first stand-alone password manager app in iOS 18. Here’s what you need to know.
Read more