techminis

A naukri.com initiative

Hacking News


Tech Story


Krispy Kreme Faces Cyber Incident, Digital Sales Take a Hit: Cybersecurity Breach Disrupts Operations

  • Krispy Kreme Doughnuts faces a cyberattack, disrupting its digital operations.
  • In-store sales are unaffected, but restoring the online ordering system is proving challenging.
  • 400 U.S. locations operate normally, and deliveries to partners continue.
  • The company responds promptly, takes steps to mitigate impact, and expects short-term financial strain.


TechCrunch


Krispy Kreme discloses cyberattack that is disrupting online orders

  • Krispy Kreme disclosed a cyberattack, causing operational disruptions, including online ordering in parts of the US.
  • The company has taken steps to investigate, contain, and remediate the incident with the help of cybersecurity experts.
  • Shops worldwide remain open, with no interruption to deliveries, but disruptions are present in the US.
  • The full scope, nature, and impact of the incident are still under investigation.


Securityaffairs


Ivanti fixed a maximum severity vulnerability in its CSA solution

  • Ivanti addressed a critical authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution.
  • The vulnerability allows remote unauthenticated attackers to gain administrative access.
  • Ivanti also fixed critical SQL injection vulnerabilities in the CSA admin web console.
  • Ivanti released version CSA 5.0.3 to address the vulnerabilities.


Securityaffairs


Operation Digital Eye: China-linked APT relies on Visual Studio Code Remote Tunnels to spy on European entities

  • An alleged China-linked APT group targeted large business-to-business IT service providers in Southern Europe as part of Operation Digital Eye campaign.
  • The attack campaign, known as Operation Digital Eye, lasted for approximately three weeks from late June to mid-July 2024.
  • The attackers utilized Visual Studio Code and Microsoft Azure for command-and-control operations in an attempt to avoid detection.
  • The campaign highlights the increasing sophistication of China-linked APT threats and their use of innovative strategies to orchestrate complex and hard-to-detect attacks.


Securityaffairs


Chinese national charged for hacking thousands of Sophos firewalls

  • The US has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020.
  • Tianfeng, who worked at Sichuan Silence Information Technology Co., faces charges for developing and testing a zero-day exploit used to compromise approximately 81,000 firewalls.
  • The man and co-conspirators exploited a zero-day vulnerability, tracked as CVE-2020-12271, in Sophos firewalls to deploy malware.
  • At the end of April 2020, cybersecurity firm Sophos released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that had been exploited in the wild.
  • The hackers exploited the SQL injection flaw to download malicious code on the device that was designed to steal files from the XG Firewall.
  • Hackers exploited the issue to install the Asnarök Trojan that allowed the attackers to steal files from the XG Firewall and use the stolen info to compromise the network remotely.
  • The Trojan could steal sensitive data including usernames and hashed passwords for the firewall device admin, and user accounts used for remote access.
  • Sophos published a series of reports named ‘Pacific Rim’ that includes details about the operations conducted by Chinese hackers against network devices of different vendors worldwide for over 5 years.
  • Since 2018, Sophos has faced increasingly aggressive campaigns, including one against its India-based subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access.
  • The U.S. Treasury’s OFAC has sanctioned Sichuan Silence Information Technology Co. Ltd. and its employee Guan Tianfeng for hacking U.S. critical infrastructure companies.


Securityaffairs


Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE – Smishing Triad in Action

  • A large-scale fraud campaign has been uncovered in the UAE where cybercriminals impersonate law enforcement, particularly Dubai Police, to defraud consumers.
  • Scammers target victims through phone calls, phishing, smishing, and vishing activities, asking them to pay non-existent fines online for traffic violations or license renewals.
  • The fraudulent activities have increased during the winter holidays and particularly around the UAE National Day celebrations, resulting in financial losses for victims.
  • UAE authorities have warned residents against sharing financial details over the phone and highlighted that official institutions will never request this information through phone calls.


Securityaffairs


U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft Windows Common Log File System (CLFS) driver flaw to its Known Exploited Vulnerabilities catalog.
  • The flaw, CVE-2024-49138, has a CVSS score of 7.8 and allows a local attacker to escalate privileges.
  • Microsoft released security updates in December 2024 to address this vulnerability and 70 others.
  • CISA has ordered federal agencies to fix the vulnerability by December 31, 2024.


Securityaffairs


Microsoft December 2024 Patch Tuesday addressed actively exploited zero-day

  • Microsoft December 2024 Patch Tuesday security updates addressed 71 vulnerabilities including an actively exploited zero-day.
  • 16 vulnerabilities are rated Critical, 54 are rated Important, and one is rated Moderate in severity.
  • One of the issues addressed by Microsoft, tracked as CVE-2024-49138, is actively exploited in the wild.
  • The most severe flaw addressed by Microsoft is a Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability tracked as CVE-2024-49112.


TechCrunch


US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure

  • The U.S. sanctions a Chinese cybersecurity company and its employee for firewall hacks targeting critical infrastructure.
  • The employee of Sichuan Silence exploited a zero-day vulnerability in Sophos firewalls.
  • Approximately 81,000 firewalls were compromised in the hacking campaign.
  • The purpose of the exploit was to steal data and attempt to infect victims' systems with ransomware.


Kaspersky


Nearest Neighbor: remote attacks on Wi-Fi networks

  • Wireless networks are typically perceived as locally accessible, requiring physical proximity to the access point. However, the Nearest Neighbor attack tactic challenges this perception.
  • Remote attackers can target well-protected organizations by compromising a neighboring company with weaker security measures, using their Wi-Fi network as an entry point.
  • To protect against Nearest Neighbor attacks, organizations should isolate guest Wi-Fi networks, strengthen corporate Wi-Fi security, implement two-factor authentication, and consider advanced threat detection systems.
  • Cybersecurity services such as Managed Detection and Response and Incident Response can be utilized if in-house expertise is lacking.


TechCrunch


US Senator announces new bill to secure telecom companies in wake of Chinese hacks

  • U.S. Senator Ron Wyden has introduced a new bill, the Secure American Communications Act, in response to Chinese government hacks on telecom providers.
  • The bill aims to secure American telephone networks and communications by implementing specific cybersecurity requirements.
  • Telecom providers would be required to perform annual vulnerability tests, hire independent auditors to ensure compliance, and submit documentation and statements of compliance.
  • Senator Wyden emphasized the need for mandatory security rules to protect against hackers and espionage.


Hackingblogs


Python’s Popular Package Ultralytics YOLO11 Was Used To Deliver Malware To Users

  • Ultralytics YOLO versions 8.3.41 and 8.3.42 were compromised by a malicious code injection for cryptocurrency mining.
  • The compromised versions have been removed and a new version 8.3.43 has been released to address the security issue.
  • Glenn Jocher, the founder and CEO of Ultralytics, confirmed the attack and stated that it has been resolved.
  • The compromised versions of Ultralytics resulted in the installation of a cryptominer on user devices.


Siliconangle


Now-patched macOS and iOS vulnerability allowed undetected access by bypassing data protections

  • A vulnerability in iOS and macOS allowed unauthorized access to sensitive user data without user consent or notification.
  • The vulnerability exploited a flaw in Apple's TCC framework, allowing malicious apps to bypass data protections.
  • The vulnerability involved a symlink attack, enabling attackers to redirect file operations and access sensitive files stored in iCloud undetected.
  • Apple addressed the vulnerability in iOS 18 and macOS 15 by reinforcing symlink checks and strengthening the TCC framework.


Hackersking


TGPT AI Based Chat Bot For Your Linux Terminal

  • TGPT is an OpenAI chatbot designed for terminal environments, allowing users to interact with their systems more intuitively.
  • TGPT doesn't require API integration and provides advanced natural language processing capabilities.
  • Users can use TGPT for coding assistance, accessing documentation, and automating repetitive tasks.
  • TGPT can be installed on Linux and offers various providers, including Blackbox AI, OpenAI, DuckDuckGo, Ollama, Groq, etc.


Cybersafe


North Korean Hackers Steal $50M in Crypto from Radiant Capital

  • North Korean hackers stole $50 million in cryptocurrency from Radiant Capital.
  • The cyberattack occurred on October 16, 2024, and was traced back to a group known as Citrine Sleet or UNC4736.
  • Hackers compromised the devices of three Radiant developers and bypassed advanced security systems to execute unauthorized transfers.
  • Radiant Capital is collaborating with cybersecurity experts to trace and recover the stolen funds while emphasizing the need for improved device-level security measures.
