Geek-Guy.com

Category: Global Security News

Tesla’s loss is Zoox’s gain

Zoox co-founder and CTO Jesse Levinson told the crowd at TechCrunch Disrupt 2024 that he didn’t think Tesla would launch a robotaxi ride-hailing service in California (or anywhere else) next year, despite what Elon Musk had claimed. The “fundamental issue is they don’t have technology that works,” he said at the time. But it seems that…

Nearly half of US teens are online almost constantly, Pew study finds

Nearly half of teens in the U.S. are online almost constantly, and the platform they’re using the most is YouTube, a new study from the Pew Research Center has found. The center reports that 46% of teens say they’re online “almost constantly,” and 90% of teens it surveyed said they use the Google-owned video platform,…

Attackers exploit zero-day RCE flaw in Cleo managed file transfer

Security researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications. The impacted products include the latest versions of Cleo LexiCom, Cleo VLTrader and Cleo Harmony, with experts advising to temporarily disconnect these systems from the internet until a patch…

Cybercriminal marketplace Rydox seized in international law enforcement operation

The Justice Department announced Thursday that it had participated in a coordinated effort to seize and dismantle Rydox, an online marketplace for stolen personal information and cybercrime tools. The operation led to the arrest of three individuals alleged to be the site’s administrators. Rydox has been linked to over 7,600 illicit sales and generated substantial…

ChatGPT: Everything you need to know about the AI-powered chatbot

ChatGPT, OpenAI’s text-generating AI chatbot, has taken the world by storm since its launch in November 2022. What started as a tool to supercharge productivity through writing essays and code with short text prompts has evolved into a behemoth with 300 million weekly active users. 2024 has been a big year for OpenAI, from its…

Court indicts 14 North Korean IT workers tied to $88 million in illicit gains

A federal court has indicted 14 more North Korean IT workers as part of an ongoing U.S. government campaign to crack down on Pyongyang’s use of tech professionals to swindle American companies and nonprofits. The Justice Department said the 14 indicted workers generated at least $88 million throughout a conspiracy that stretched over approximately six…

Holding Back Salt Typhoon + Other Chinese APT CVEs

Over the past several years, US Federal Agencies and private sector companies have observed China-based threat actors targeting network and telecommunication critical infrastructure. A wave of recent reports have disclosed that these attacks have succeeded in compromising government and industry targets to a far greater extent than previously thought. As a result, CISA has issued…

CyberArk Launches FuzzyAI to Test AI Models for Security Risks

Identity security solution vendor CyberArk has launched its new tool designed to test AI models and determine potential security issues before problems arise. CyberArk said in a press release announcing FuzzyAI that the tool has jailbroken every model it tested, pointing to significant flaws across AI adoption, leaving organizations vulnerable as they utilize emerging technologies.…

Cato Networks Expands SASE Platform with IoT/OT Security Solution

Secure Access Service Edge (SASE) leader Cato Networks recently announced that it will expand its Cato SASE Cloud Platform with a new IoT/OT security solution. Cato Networks brings new native capabilities to its platform. The Cato IoT/OT Security solution will be the fourth major platform expansion for Cato in 2024, coming on the heels of…

Security researchers find deep flaws in CVSS vulnerability scoring system

The industrywide method for assessing the severity of vulnerabilities in software and hardware needs to be revised because it provides potentially misleading severity assessments, delegates at Black Hat Europe were told Thursday. The Common Vulnerability Scoring System (CVSS) makes use of various metrics to quantify vulnerability severity. A presentation at Black Hat by cybersecurity experts…

Microsoft Windows ‘Best Fit’ character conversion ‘ripe for exploitation’

Security researchers have outlined a novel attack vector that exploits the “Best Fit” character conversion technology built into Windows. The technology comes into play in string conversions, particularly when characters cannot be directly represented in a target character set. However, application security experts Orange Tsai and Splitline Huang from Taiwanese firm DEVCORE used a presentation…

2024 Recap: 8 Notable and Dangerous Chrome Vulnerabilities

With a market share of 66.68%, Google Chrome remains a prime target for cyberattacks. In 2024, this widely used browser faced numerous critical Chrome vulnerabilities that put businesses and individuals at risk and led to significant damage. Attackers exploited these flaws to bypass security measures, steal sensitive information, and deploy malicious payloads. Security managers are…

KeyTrap DNSSEC: The day the internet (almost) stood still

A severe vulnerability in the internet lookup protocol DNSSEC carried the potential to make much of the web functionally inaccessible for many, according to a presentation at Black Hat Europe. DNSSEC (Domain Name System Security Extensions) offers mitigation against various types of cyberattacks, including DNS spoofing and cache poisoning, by providing a way to cryptographically…

CISA and FCC Issue Urgent Call for Cyber Hardening for Communications Infrastructure

CISA has released new cybersecurity guidelines for communications infrastructure. The guidance comes in the wake of a series of disclosures that massive telecommunications carriers have been compromised by Salt Typhoon and other China-sponsored adversaries. At the same time, the U.S. Federal Communications Commission (FCC) has proposed a Declaratory Ruling to require telecommunications carriers to protect…

Notorious Nigerian cybercriminal tied to BEC scams extradited to U.S.

Abiola Kayode, a 37-year-old Nigerian national, has been extradited from Ghana to the United States to face charges of conspiracy to commit wire fraud. Kayode, who was on the FBI’s Most Wanted cybercriminal list, is charged with participating in a business email compromise (BEC) scheme and romance fraud from January 2015 to September 2016, defrauding…

International crackdown disrupts DDoS-for-hire operations

In a sweeping international crackdown, law enforcement agencies from 15 countries, including the United States and multiple European nations, have dismantled 27 of the most popular platforms used for carrying out distributed denial-of-service (DDoS) attacks, Europol announced Wednesday. The operation, known as PowerOFF, has led to the arrest of three administrators in France and Germany…

The most important cybersecurity predictions for 2025

Cyberattacks on several German hospitals or worldwide IT outages caused by a ransomware attack on the software-as-a-service (SaaS) provider Blue Yonder: 2024 was marked by numerous reports from the cyber world. But what is the outlook for the coming year? The security vendor Cybereason has the most important trends and challenges for…

Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online

Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as well as remote code execution (RCE) attacks. “Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and API

Itron marks ‘significant milestone’ of 50th Temetra deployment in Australia

Itron’s meter data collection and management solution to help Aqwest improve visibility of water consumption and losses. Energy, water, smart city, IIoT and intelligent infrastructure services company Itron, which is “innovating new ways for utilities and cities to manage energy and water”, marks a significant milestone with the 50th deployment of its Temetra solution in…

Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States

The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. “BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims,” Lookout said in an analysis.…

Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS

Details have emerged about a now-patched security vulnerability in Apple’s iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control (TCC) framework and result in unauthorized access to sensitive information. The flaw, tracked as CVE-2024-44131 (CVSS score: 5.3), resides in the FileProvider component, per Apple, and has been addressed with improved

The Insecure IoT Cloud Strikes Again: RCE on Ruijie Cloud-Connected Devices

GUEST RESEARCH: Executive Summary: Team82 has researched devices manufactured by Ruijie Networks and discovered 10 vulnerabilities in its Reyee cloud management platform. These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices. The vulnerabilities, if exploited, could allow a malicious attacker to execute code on any cloud-enabled device, giving them the…

A security ‘hole’ in Krispy Kreme Doughnuts helped hackers take a bite

Global doughnut and coffee chain owner Krispy Kreme, famous for its “original glazed doughnuts,” has had a “portion of their IT systems” disrupted by a cyberattack. In an SEC filing on Wednesday, the global doughnut business said it suffered a cybersecurity incident that has hampered part of its online business in the US. “Krispy Kreme shops…

The 7 most in-demand cybersecurity skills today

Cybersecurity teams find themselves understaffed, overburdened, and rushing to keep up with a rapidly changing threat landscape, as cyberattackers continually devise new ways to attack organizations — and organizations accelerate their embrace of the latest technologies. As a result, security professionals must continually upskill themselves to ensure they keep pace with organizations’ latest skill demands.…

WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins

Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a variety of attacks. The flaw, tracked as CVE-2024-11972 (CVSS score: 9.8), affects all versions of the plugin prior to 1.9.0. The plugin has over 10,000 active installations. “This flaw…

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

A global law enforcement operation has shut down 27 stresser services that were used to conduct distributed denial-of-service (DDoS) attacks, taking them offline as part of a multi-year international exercise called PowerOFF. The effort, coordinated by Europol and involving 15 countries, dismantled several booter and stresser websites, including zdstresser.net, orbitalstress.net, and

Video: How To Inquire About Being Acquired With ABM Technology Group

Zac Paulson, Director of Product and Strategy at North Dakota-based ABM Technology Group, sits down with Channel Insider: Partner POV host Katie Bavoso to explain the process behind selling his former business TrueIT to Advanced Business Methods, a legacy copy and print company. During his tenure as CEO of TrueIT, Paulson says his managed services…

AMD data center chips vulnerable to revealing data through ‘BadRAM’ attack

AMD’s Secure Encrypted Virtualization (SEV), meant to protect processor memory from prying eyes in virtual machine (VM) environments, can be tricked into giving access to its encrypted memory contents using a test rig costing less than $10, researchers have revealed. Dubbed “BadRAM” by researchers from the University of Lübeck in Germany, KU Leuven in Belgium,…

Smashing Security podcast #397: Snowflake hackers, and under the influence

A Canadian man is arrested in relation to the Snowflake hacks from earlier this year – after a cybersecurity researcher managed to track his identity, and a cryptocurrency-trading Instagram influencer is in trouble with the law. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham…

Attackers can abuse the Windows UI Automation framework to steal data from apps

An accessibility feature built into Windows to facilitate the use of computers by people with disabilities can be abused by malware to steal data from other applications or control them in malicious ways that evade detection by most endpoint protection systems. The Windows UI Automation framework has existed since the days of Windows XP and…

Senators, witnesses: $3B for ‘rip and replace’ a good start to preventing Salt Typhoon-style breaches

The $3 billion that Congress folded into the annual defense policy bill to remove Chinese-made telecommunications technology from U.S. networks would be a huge start to defending against breaches like the Salt Typhoon espionage campaign, senators and hearing witnesses said Wednesday. Federal Communications Commission Chairwoman Jessica Rosenworcel recently told Hill leaders that the $1.9 billion…

How Cryptocurrency Turns to Cash in Russian Banks

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. Meanwhile, an investigation into the Vancouver street address used by this company shows it is home to dozens of foreign currency dealers, money transfer businesses,…

The imperative for governments to leverage genAI in cyber defense

In an era where cyber threats are evolving at an unprecedented pace, the need for robust cyber defense mechanisms has never been more critical. Sixty-two percent of all cyberattacks focus on public sector organizations directly and indirectly. Nation-state actors, equipped with sophisticated generative artificial intelligence (genAI) tools and techniques, pose significant threats to national security,…

Honeywell’s Phoenix Controls introduces new platform for ‘safer, more efficient operations’ in critical environments

Phoenix Controls’ Critical Spaces Control Platform and mobile app will automate airflow, temperature and humidity. COMPANY NEWS: Phoenix Controls, a Honeywell (NASDAQ: HON) business that provides precision airflow control solutions for critical environments, announced today the launch of the Critical Spaces Control Platform. The platform uses automation to direct airflow via a specialised venturi valve…

Cardiac surgery device manufacturer falls prey to ransomware

The healthcare industry has been increasingly in the crosshairs of cyberattackers this year, with ransomware near the top of the sector’s biggest cyber threats. Hackers are attacking IT systems and personal data, among other things, with the aim of manipulation or theft. But it’s not just hospitals that are affected by cyberattacks; their suppliers are under attack as…

Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service

The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine. The new findings come from the Microsoft threat intelligence team, which said it observed the adversary leveraging the Amadey bot malware to download custom…
