Security News

Advanced persistent threat actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The exact identity or origin of the threat actor remains unclear.

Ivanti released security patches for the path traversal flaw tracked as CVE-2023-35081 today and warned customers that it's "Critical" to upgrade as soon as possible to secure vulnerable appliances against attacks. In light of this, admins and security teams should immediately upgrade their Ivanti EPMM installations to the latest version to protect them from potential attacks.

A critical security flaw in Ivanti's mobile endpoint management code was exploited and used to compromise 12 Norwegian government agencies before the vendor plugged the hole. On Monday, the US government's Cybersecurity and Infrastructure Security Agency added CVE-2023-35078 to its Known Exploited Vulnerabilities Catalog that should be urgently patched.

A zero-day vulnerability affecting Ivanti Endpoint Manager Mobile has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority has confirmed on Tuesday. On Monday, the Norwegian government said that the attack was detected on the ICT platform used by the 12 ministries, though it did not name the platform at the time.

The Norwegian government is warning that its ICT platform used by 12 ministries has suffered a cyberattack after hackers exploited a zero-day vulnerability in third-party software. The Norwegian Security and Service Organization informed the National Security Authority when the cyberattack was discovered and engaged the police, who are currently investigating the incident.

The Norwegian Data Protection Authority, the country's data privacy watchdog, has banned behavioral advertising on Meta's Facebook and Instagram social networks. Meta extensively monitors the users' actions, meticulously tracking their activities across its platforms, according to the Norwegian DPA. The company uses content preferences, the info they post on Facebook and Instagram, and their location information to build personalized profiles that simplify targeted advertising, a tactic commonly known as behavioral advertising.

Norwegian police have seized 60 million kroner worth of cryptocurrency stolen by the North Korean Lazarus hacking group last year from Axie Infinity's Ronin Bridge. The seized cryptocurrency was stolen from Sky Mavis, the publisher of the blockchain-based game Axie Infinity, which suffered losses of $620 million in March 2022 after an attacker manipulated the game's Ronin bridge to gain partial control of its validators and perform two unauthorized transactions.

A Norwegian student who went wardriving around Oslo on a pushbike has discovered that several popular models of Bluetooth headphones don't implement MAC address randomisation - meaning they can be used to track their wearers. Norwegian state broadcaster NRK revealed Bjorn Hegnes' findings after helping him analyse Bluetooth emissions from a dozen different models of audio headphones, contained within 1.7 million Bluetooth messages he intercepted.

Norwegian cruise company Hurtigruten announced Monday that it had been hit by a major cyberattack involving what appeared to be "Ransomware", designed to seize control of data to ransom it. The company said it had alerted the relevant authorities when the attack was detected overnight Sunday to Monday.

China-linked cyber-espionage group APT10 has targeted companies in the United States and Europe to steal intellectual property or gain commercial advantage, Recorded Future security researchers...