🐛 COMMON VULNERABILITIES AND EXPOSURES (1)
26 Dec | Adobe Warns of ColdFusion Vulnerability Allows Attackers Read arbitrary files | Adobe has issued a critical security update for ColdFusion versions 2023 and 2021 to address a major vulnerability that could lead to an arbitrary file system read. The identified vulnerability, CVE-2024-53961, has a known proof-of-concept exploit, making the updates crucial for … | GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (4)
26 Dec | Araneida Scanner – Hackers Using Cracked Version Of Acunetix Vulnerability Scanner | Threat Analysts have reported alarming findings about the “Araneida Scanner,” a malicious tool allegedly based on a cracked version of Acunetix, a renowned web application vulnerability scanner. The tool has been linked to illegal activities, including offensive recon… | GBHACKERS.COM
26 Dec | A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems | A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves the systematic collection and exploitation of genuine identity documents and images. Attackers utilize these resources to develop and sell techniques for bypassing iden… | GBHACKERS.COM
26 Dec | Network problems delay flights at two oneworld Alliance airlines | IT problems struck flights at two oneworld Alliance member airlines this week, leading to delays and flight cancellations. Network equipment connecting internal and external systems at Japan Airlines (JAL) malfunctioned early on Dec. 26 after “receiving a large amount of data fro… | NETWORKWORLD.COM
26 Dec | How are you securing your communications in the wake of the Volt Typhoon revelations? | The FBI recently released information that text messages between Apple and Android texting systems were insecure and that attackers could listen in and access those communications, more fallout from the revelation that a Chinese-affiliated threat actor had breached telecommunicat… | CSOONLINE.COM
📋 SECURITY BULLETINS (1)
26 Dec | Windows 11 installation media bug causes security update failures | Microsoft is warning of an issue when using a media support to install Windows 11, version 24H2, that causes the operating system to not accept further security updates. [...] | BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING (6)
26 Dec | Defense Giant General Dynamics Says Employees Targeted in Phishing Attack | General Dynamics says several benefits accounts were hacked after threat actors targeted employees in a phishing campaign. | SECURITYWEEK.COM
26 Dec | Cl0p Ransomware Group to Name Over 60 Victims of Cleo Attack | The Cl0p ransomware group has confirmed that Blue Yonder was hit in the Cleo attack and the hackers are preparing to name over 60 others. | SECURITYWEEK.COM
26 Dec | Japan Airlines Was Hit by a Cyberattack, Delaying Flights During the Year-End Holiday Season | Japan Airlines was hit by a cyberattack, causing delays to more than 20 domestic flights, but there was no threat to flight safety. | SECURITYWEEK.COM
26 Dec | Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts | A Brazilian citizen has been charged in the United States for allegedly threatening to release data stolen by hacking into a company's network in March 2020. Junior Barros De Oliveira, 29, of Curitiba, Brazil has been charged with four counts of extortionate threats involving inf… | THEHACKERNEWS.COM
26 Dec | North Korean Hackers Stolen $2.2 Billion From Crypto Platforms In 2024 | Cryptocurrency hacking incidents in 2024 surged 21.07% YoY to $2.2 billion, with 303 breaches reported, which marks the fifth year exceeding $1 billion in stolen funds, demonstrating a concerning correlation between crypto market growth and the scale of cyberattacks. Crypto… | GBHACKERS.COM
26 Dec | These were the badly handled data breaches of 2024 | Blaming victims, months of silence, and suing security researchers all featured in cybersecurity in 2024. | TECHCRUNCH.COM
🕵️ THREAT INTELLIGENCE (9)
26 Dec | Scams Based on Fake Google Emails | Scammers are hacking Google Forms to send email to victims that come from google.com. Brian Krebs reports on the effects. Boing Boing post. | SCHNEIER.COM
26 Dec | New 'OtterCookie' malware used to backdoor devs in fake job offers | North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers. [...] | BLEEPINGCOMPUTER.COM
26 Dec | The Intersection of AI and OSINT: Advanced Threats On The Horizon | Artificial Intelligence (AI) is revolutionizing intelligence gathering, empowering cybersecurity defenders, and amplifying threat actor capabilities. | SECURITYWEEK.COM
26 Dec | Capturing Honeypot Data Beyond the Logs, (Thu, Dec 26th) | By default, DShield Honeypots [1] collect firewall, web and cowrie (telnet/ssh) [2] data and log them on the local filesystem. A subset of this data is reported to the SANS Internet Storm Center (ISC) where it can be used by anyone [3]. A common ques… | ISC.SANS.EDU
26 Dec | Beware of New Malicious PyPI packages That Steals Login Details | Two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, were recently detected by Fortinet’s AI-driven OSS malware detection system. These packages, spotted on November 16 and November 24, 2024, respectively, represent significant threats to users by leveraging advan… | GBHACKERS.COM
26 Dec | Brazilian Hacker Arrested Hacking Computers & Selling Data | A Brazilian man, Junior Barros De Oliveira, has been charged with multiple counts of cybercrime and extortion for hacking into the computer systems of a Brazilian subsidiary of a New Jersey-based company and attempting to extort millions in Bitcoin. The indictment, unsealed in Ne… | GBHACKERS.COM
26 Dec | McDonald’s Delivery App Bug Let Customers Orders For Just $0.01 | McDonald’s India (West & South) / Hardcastle Restaurants Pvt. Ltd. operates a custom McDelivery web app for ordering McDonald’s food for delivery, dine-in, and takeout. The app is popular, with over 10 million downloads on Google Play and #16 in Food & D… | GBHACKERS.COM
26 Dec | Securing Remote OT Operations: | Expanded attack surfaces have made OT systems a target for cyber threats, underscoring the need for a security framework tailored to remote OT environments. | PALOALTONETWORKS.COM
26 Dec | Is This The End of Screen Privacy? 🛑 | Microsoft’s latest feature has everyone questioning their screen privacy! Imagine everything you do being captured in real-time. While the idea has its benefits, the public reaction shows just how much trust is at stake. Can tech innovation balance security and privacy? Let us kn… | YOUTUBE.COM