Articles: 25
Categories: 7
Date: 2024-03-30

🚨 CISA KEV (1)
30 Mar (KEV) CISA: CISA Adds One Known Exploited Vulnerability to Catalog - RedPacket Security
submitted by Lanky_Pomegranate530 to cybersecurity | 2 points | 0 comments
https://www.redpacketsecurity.com/cisa-cisa-adds-one-known-exploited-vulnerability-to-catalog-30-03-2024/
REDPACKETSECURITY.COM

🐛 COMMON VULNERABILITIES AND EXPOSURES (1)
30 Mar Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
RedHat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain …
THEHACKERNEWS.COM

⚠️ VULNERABILITY DISCLOSURE (7)
30 Mar Lessons from a Ransomware Attack against the British Library - Source: www.schneier.com - CISO2CISO.COM & CYBER SECURITY GROUP
submitted by Lanky_Pomegranate530 to cybersecurity | 2 points | 0 comments
https://ciso2ciso.com/lessons-from-a-ransomware-attack-against-the-british-library-source-www-schneier-com/
CISO2CISO.COM

30 Mar AI bots hallucinate software packages and devs download them
submitted by c0mmando to netsec | 1 point | 0 comments
https://go.theregister.com/feed/www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/
Several big businesses have published source code that incorporates a software package previously hallucinated by generative…
GO.THEREGISTER.COM

30 Mar Meta allegedly snooped on Snapchat via traffic decryption
submitted by c0mmando to netsec | 1 point | 0 comments
https://www.theregister.com/2024/03/27/meta_snapchat_data/
To spy on rival Snapchat and get data on how the app was being used, Meta – when it was operating as Facebook – allegedly initiated a program called Project Ghostbuste…
THEREGISTER.COM

30 Mar GoFetch exploit can't be disabled on Apple's M1 and M2 chips
submitted by c0mmando to netsec | 2 points | 0 comments
https://go.theregister.com/feed/www.theregister.com/2024/03/25/gofetch_security_exploit_demoed/
The GoFetch vulnerability found on Apple M-series and Intel Raptor Lake CPUs has been further unpacked by the researchers who firs…
GO.THEREGISTER.COM

30 Mar Easy Privilege Escalation Exploit Lands for Linux Kernels
A Linux privilege-escalation proof-of-concept exploit has been published that, according to the bug hunter who developed it, typically works effortlessly on kernel versions between at least 5.14 and 6.6.14.
THEREGISTER.COM

30 Mar Malicious Backdoor Spotted in Linux Compression Library XZ
This supply-chain compromise may have been caught early enough to prevent widespread exploitation, and it may only mainly affect bleeding-edge distros that picked up the latest xz versions right away.
THEREGISTER.COM

30 Mar Making Our Infrastructure Resilient: 5 Priorities for Security R&D - Source: www.cyberdefensemagazine.com - CISO2CISO.COM & CYBER SECURITY GROUP
submitted by Lanky_Pomegranate530 to cybersecurity | 3 points | 0 comments
https://ciso2ciso.com/making-our-infrastructure-resilient-5-priorities-for-security-rd-source-www-cyberdefensemagazine-com/
CISO2CISO.COM

🔥 INCIDENT REPORTING (4)
30 Mar Prisma Finance Crypto Theft Caps Strange Week of Platform Breaches
Two prominent crypto platforms were compromised this week, with millions worth of cryptocurrency stolen by hackers with confusing motives. The two platforms include the blockchain-based game Munchables and the DeFi platform Prisma Finance.
THERECORD.MEDIA

30 Mar Weekly Update 393
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite A serious but not sombre intro this week: I mentioned at the start of the vid that I had the classic visor hat on as I'd had a mol…
TROYHUNT.COM

30 Mar AT&T confirms data for 73 million customers leaked on hacker forum
AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially denying the leaked data originated from them. [...]
BLEEPINGCOMPUTER.COM

30 Mar Leaked Data Set Belongs to AT&T Current and Former Customers
Data of 75 Million Individuals, Including SSNs, Posted On Criminal Forum
AT&T did an about-face Saturday, saying that a leaked tranche of data pertaining to 73 million individuals does in fact reveal sensitive information of current and former customers of America's largest w…
DATABREACHTODAY.CO.UK

🕵️ THREAT INTELLIGENCE (6)
30 Mar GitHub disables XZ Repository
submitted by wyre to cybersecurity | 5 points | 1 comment
https://www.phoronix.com/news/GitHub-Disables-XZ-Repo
PHORONIX.COM

30 Mar Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds
submitted by Lanky_Pomegranate530 to cybersecurity | 1 point | 0 comments
https://thehackernews.com/2024/03/dormakaba-locks-used-in-millions-of.html?m=1
THEHACKERNEWS.COM

30 Mar Everything I Know About the Xz Backdoor
submitted by randomperson to cybersecurity | 1 point | 0 comments
https://boehs.org/node/everything-i-know-about-the-xz-backdoor
BOEHS.ORG

30 Mar Lasse Collin: XZ Utils backdoor
submitted by randomperson to cybersecurity | 3 points | 0 comments
https://tukaani.org/xz-backdoor/
TUKAANI.ORG

30 Mar Are You Affected by the Backdoor in XZ Utils?
submitted by Lanky_Pomegranate530 to cybersecurity | 1 point | 0 comments
https://www.darkreading.com/vulnerabilities-threats/are-you-affected-by-the-backdoor-in-xz-utils
DARKREADING.COM

30 Mar Israeli LGBTQ App Atraf Faces Data Leak, 700,000 Users Affected
submitted by Lanky_Pomegranate530 to cybersecurity | 2 points | 0 comments
https://www.hackread.com/hacker-leak-atraf-database-700k-users/
HACKREAD.COM

🌐 CYBER THREAT LANDSCAPE (3)
30 Mar Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims' Macs, but oper…
THEHACKERNEWS.COM

30 Mar Vultur banking malware for Android poses as McAfee Security app
Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities and an improved evasion mechanism. [...]
BLEEPINGCOMPUTER.COM

📡 INFOSEC NEWS (3)
30 Mar Over 100 Malicious Packages Target Popular ML PyPi Libraries
Early on March 28, 2024, the Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry. Among those libraries are Pytorch, Matplotlib, and Selenium.
MEND.IO

30 Mar AT&T resets account passcodes after millions of customer records leak online
Security researcher told TechCrunch that leaked AT&T customer data contained encrypted account passcodes that can be easily unscrambled. © 2024 TechCrunch. All rights reserved. For personal use only.
TECHCRUNCH.COM