TheHackerNews

January 19, 2024 Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to “conduct a supply chain compromise of TensorFlow releases on GitHub and PyPi by compromising TensorFlow’s build agents via Article posted by: https://thehackernews.com/2024/01/tensorflow-cicd-flaw-exposed-supply.html …

TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks Read More »

January 19, 2024 The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language. Google’s Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to …

Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware Read More »

January 19, 2024 Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. “This is the first documented case of malware deploying the 9Hits application as a payload,” cloud security firm …

New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic Read More »

January 19, 2024 High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mint Sandstorm since November 2023. The threat actor “used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious …

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts Read More »

January 19, 2024 Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers. Collectively dubbed PixieFail by Quarkslab, the nine issues reside in the TianoCore EFI Development Kit II (EDK II) and could be exploited to Article posted by: …

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft Read More »

January 19, 2024 In today’s digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust security measure. MFA requires users to provide multiple authentication factors to verify their identity, providing an …

MFA Spamming and Fatigue: When Security Measures Go Wrong Read More »

January 18, 2024 The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to their rapid deployment in Poland, said it unearthed …

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions Read More »

January 18, 2024 Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of AI and AI-powered SaaS applications. This will allow companies to better protect their intellectual property (IP) and data against the growing and evolving risks of AI usage. SaaS applications seem to be multiplying by …

Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation Read More »

January 18, 2024 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for “victim identification and exploitation in target networks.” A Python-based malware, AndroxGh0st was first documented by Lacework in December 2022, with the malware Article posted by: https://thehackernews.com/2024/01/feds-warn-of-androxgh0st-botnet.html ——————————————————————————————————————– Infocerts, 5B 306 …

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials Read More »

January 18, 2024 In the digital age, the battleground for security professionals is not only evolving, it’s expanding at an alarming rate. The upcoming webinar, “The Art of Privilege Escalation – How Hackers Become Admins,” offers an unmissable opportunity for IT security experts to stay ahead in this relentless cyber war. Privilege escalation – the …

Webinar: The Art of Privilege Escalation – How Hackers Become Admins Read More »