Hacker News
- TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign September 9, 2024A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the focus on military-related industry chains. The exact initial […]
- U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks September 9, 2024The U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet Blizzard to the General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155). "These cyber actors are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm
- North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams September 7, 2024Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the Web3 sector. "After an initial chat conversation, […]
- FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals September 7, 2024Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and Pavel Kublitskii, a 37-year-old Russian national, have been charged with conspiracy to commit access device fraud […]
- SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation September 6, 2024SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper access control vulnerability has been identified […]
- GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware September 6, 2024A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug (CVE-2024-36401, CVSS score: 9.8) that could allow malicious actors to take […]
- GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code September 6, 2024Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages. These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterparts (e.g., goog1e.com vs. google.com). Adversaries targeting open-source repositories across
- The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025 September 6, 2024The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to the independent survey, the demand for these services is increasing, with both providers and clients reaping the rewards. The upward trend is set to continue, with even faster growth expected […]
- Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress September 6, 2024Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1. "The plugin suffers from an
- Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution September 6, 2024A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully exploited, could lead to unauthenticated remote code execution on Linux and Windows. The high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5), affects all versions of the software before 18.12.16. "An attacker with no valid