Security News

HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception. Thirty hackers have earned over a million USD for their submissions, and one has broken the record, receiving over $4 million for his bug reports.

The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits targeting consumer products between October 24 and October 27. During the Pwn2Own Toronto 2023 hacking event organized by Trend Micro's Zero Day Initiative, security researchers targeted mobile and IoT devices.

The North Korean Lazarus hacking group repeatedly compromised a software vendor using flaws in vulnerable software despite multiple patches and warnings being made available by the developer. SIGNBT can also fetch additional payloads from the C2 and deploy them on the host, providing Lazarus with operational versatility.

Kettle In this week's Kettle the topic is one that's been much in the news this week - the much-underrated insider threat issue. Time and again the most effective thieves are already inside the building and using their corporate-issued credentials.

The Russian APT28 hacking group has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021. The Russian hackers have been compromising peripheral devices on critical networks of French organizations and moving away from utilizing backdoors to evade detection.

A proof-of-concept exploit is released for the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, that allows attackers to retrieve authentication session cookies from vulnerable Citrix NetScaler ADC and NetScaler Gateway appliances. The CVE-2023-4966 Citrix Bleed flaw is an unauthenticated buffer-related vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway, network devices used for load balancing, firewall implementation, traffic management, VPN, and user authentication.

The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter...

Several state and key industrial organizations in Russia were attacked with a custom Go-based backdoor that performs data theft, likely aiding espionage operations. Kaspersky first detected the campaign in June 2023, while in mid-August, the cybersecurity firm spotted a newer version of the backdoor that introduced better evasion, indicating ongoing optimization of the attacks.

The District of Columbia Board of Elections says that a threat actor who breached a web server operated by the DataNet Systems hosting provider in early October may have obtained access to the personal information of all registered voters. The entire voter roll that may have been exposed contains a wide range of personally identifiable information, including driver's license numbers, dates of birth, partial social security numbers, and contact information such as phone numbers and email addresses.

The number of Cisco IOS XE devices detected with a malicious backdoor implant has plummeted from over 50,000 impacted devices to only a few hundred after the attackers updated the backdoor to hide infected systems from scans. This week, Cisco warned that hackers exploited two zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, to hack over 50,000 Cisco IOS XE devices to create privileged user accounts and install a malicious LUA backdoor implant.