Internet Archive breached again through stolen access tokens The Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors stole exposed GitLab authentication tokens. "Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine your data is now in the hands of some random guy. If not me, it'd be someone else." BleepingComputer attempted to contact the Internet Archive numerous times, as recently as Friday, offering to share what they knew about how the breach occurred and why it was done, but we never received a response. See more: #cybersecurity #security
Cisco takes DevHub portal offline after hacker publishes stolen data Cisco confirmed today that it took its public DevHub portal offline after a threat actor leaked "non-public" data, but it continues to state that there is no evidence that its systems were breached. This statement comes after a threat actor known as IntelBroker claimed to have breached Cisco and attempted to sell data and source code stolen from the company. Screenshots and files, provided to BleepingComputer, showed that the threat actor had access to most, if not all, of the data stored on this portal. This data included source code, configuration files with database credentials, technical documentation, and SQL files. See more: #cybersecurity #security
Internet Archive and Wayback Machine Resurrect After DDoS Wave Most of Internet Archive’s services have resumed after a series of distributed denial-of-service (DDoS) attacks took the world’s largest digital library’s website offline several times over the past few days. In a blog post published on October 18, the non-profit confirmed that many services are now up and running, including its Wayback Machine, Archive-It, scanning and national library crawls, email, blog, helpdesk and social media communications. See more: #hacking
Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass The latest generations of Intel processors, including Xeon chips, and AMD's older microarchitectures on Linux are vulnerable to new speculative execution attacks that bypass existing ‘Spectre’ mitigations. The vulnerabilities impact Intel's 12th, 13th, and 14th chip generations for consumers and the 5th and 6th generation of Xeon processors for servers, along with AMD's Zen 1, Zen 1+, and Zen 2 processors. See more: #cybersecurity #security
Undercover North Korean IT workers now steal data, extort employers North Korean IT professionals who trick Western companies into hiring them are stealing data from the organization's network and asking for a ransom to not leak it. They avoided video during calls or resorted to various tricks while on the job to hide their face during video conferences, such as using artificial intelligence tools. Dispatching IT workers to seek employment at companies in wealthier nations is a tactic that North Korea has been using for years as a means to obtain privileged access for cyberattacks or to generate revenue for the country's weapons programs. See more: #cybersecurity #security
Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser Microsoft has disclosed details about a now-patched security flaw in Apple's Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to get around a user's privacy preferences and access data. The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part of macOS Sequoia 15 by removing the vulnerable code. See more: #cybersecurity #security
Google: 70% of exploited flaws disclosed in 2023 were zero-days Google Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. Specifically, of the 138 vulnerabilities disclosed as actively exploited in 2023, Mandiant says 97 (70.3%) were leveraged as zero-days. See more: #cybersecurity #security
VMware Patches High-Severity SQL Injection Flaw in HCX Platform VMware on Wednesday called urgent attention to a critical remote code execution flaw haunting users of its enterprise-facing HCX application mobility platform. The vulnerability, tagged as CVE-2024-38814, carries a CVSS severity score of 8.8/10 and allows attackers with non-administrator privileges to execute remote code on the HCX manager. The security defect impacts multiple versions of the VMware HCX platform, including versions 4.8.x, 4.9.x, and 4.10.x. See more: #cybersecurity #security
Understand these seven password attacks and how to stop them:
1. Brute-force attacks
2. Dictionary attacks
3. Password spraying
4. Credential stuffing
5. Phishing
6. Keylogger attack
7. Social engineering
See more: #cybersecurity #security
Oracle Patches Over 200 Vulnerabilities With October 2024 CPU Oracle on Tuesday announced 334 new security patches as part of its October 2024 Critical Patch Update (CPU), including 186 fixes for vulnerabilities that can be exploited remotely without authentication. SecurityWeek has identified roughly 220 unique CVEs in Oracle’s October 2024 CPU. Approximately three dozen security patches resolve critical-severity flaws. See more: #cybersecurity #security