
Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps
2023-10-18 14:51

The North Korea-linked Lazarus Group (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry...

D-Link clears up 'exaggerations' around data breach
2023-10-18 14:45

On October 1, word of a data breach spread after a post on a hacking forum claimed to be selling 3 million lines of customer information as well as D-View source code for a one-time $500 fee. D-Link's public disclosure confirmed it became aware of the incident on October 2 and with the help of investigators called in from Trend Micro, the company determined the actual number of stolen records to be around the 700 mark - substantially off the previously advertised total.

Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966)
2023-10-18 14:14

A recently patched Citrix NetScaler ADC/Gateway information disclosure vulnerability has been exploited by attackers in the wild since late August 2023, Mandiant researchers have revealed. The attackers exploited CVE-2023-4966 to hijack existing authenticated sessions, which means that they were able to effectively bypass multifactor authentication requirements.

Single Sign On and the Cybercrime Ecosystem
2023-10-18 14:02

Threat actors then distribute infostealer malware and leverage Telegram as the backend where fresh "Logs" are delivered upon successful infection. Finally, these log files are distributed in public and private Telegram channels to other threat actors.

CIA exposed to potential intelligence interception due to X's URL bug
2023-10-18 13:00

An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence. Kevin McSheehan, who uses the online handle "Pad," spotted the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile.

Critical Citrix NetScaler Flaw Exploited to Target Government, Tech Firms
2023-10-18 12:27

Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information. Tracked as...

Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign
2023-10-18 11:42

A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments....

Unraveling Real-Life Attack Paths – Key Lessons Learned
2023-10-18 11:42

In the ever-evolving landscape of cybersecurity, attackers are always searching for vulnerabilities and exploits within organizational environments. They don't just target single weaknesses;...

Jupyter Notebooks targeted by cryptojackers
2023-10-18 11:29

Cryptojackers are targeting exposed Jupyter Notebooks to install cryptominers and steal credential files for popular cloud services, researchers have uncovered. "Jupyter is a service that allows you to host individual snippets of code and lets others execute this code in an isolated environment. A Jupyter Notebook refers to an instance of the Jupyter web application," Matt Muir, Threat Research Lead at Cado Security, told Help Net Security.

Analysis of Intellexa’s Predator Spyware
2023-10-18 11:06

Amnesty International has published a comprehensive analysis of the Predator government spyware products. These technologies used to be the exclusive purview of organizations like the NSA. Now they're available to every country on the planet - democratic, nondemocratic, authoritarian, whatever - for a price.