Security

The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a breach affecting business analytics provider Sisense and urged its customers to rest their credentials. On April 11, 2024, CISA issued an advisory regarding Sisense customer data being potentially compromised. The agency is “currently collaborating with private industry partners to respond to a recent compromise

A critical zero-day vulnerability in Palo Alto Networks’ PAN-OS software, used in its GlobalProtect gateways, is being exploited in the wild, and no patches are available yet. Palo Alto Networks issued an alert about the flaw on April 12, 2024, thanking cybersecurity firm Volexity for discovering it. The vulnerability is a command injection vulnerability in

Threat actors are going to great lengths to ensure that malicious code hidden in legitimate-looking GitHub repositories is used by as many developers as possible, Checkmarx has warned. The security vendor’s research engineer, Yehuda Gelb, described a number of techniques deployed in a recent campaign designed to ensure these repositories appear at the top of

A critical vulnerability in the Rust standard library could be exploited to target Windows systems and perform command injection attacks. The flaw was discovered by a security engineer from Flatt Security known as RyotaK. They named it BatBadBut, reported it to the CERT Coordination Center (CERT/CC) and published an analysis on April 9, 2024. That

Network attached storage (NAS) vendor D-Link has urged users of end-of-life (EOL) products to retire and replace them, after news emerged of mass exploitation of legacy kit via a newly discovered vulnerability. Security researcher “netsecfish” published details of the vulnerability, which affects various D-Link NAS devices, on March 26. “The vulnerability lies within the nas_sharing.cgi

Threat actors increasingly utilize YouTube to distribute information stealer malware (infostealers) by appropriating legitimate channels as well as using their own video channels. In a new report, the AhnLab Security Intelligence Center (ASEC) found a growing number of cases in which malicious actors steal famous YouTube channels and repurpose them to distribute infostealers like Vidar

Cloud security provider Wiz found two critical architecture flaws in generative AI models uploaded to Hugging Face, the leading hub for sharing AI models and applications. In a blog post published on April 4, Wiz Research described the two flaws and the risk they could pose to AI-as-a-service providers. These are: Shared Inference infrastructure takeover

Chinese threat actors have developed new techniques to move laterally post-exploitation of Ivanti vulnerabilities, new research from Mandiant has revealed. Five suspected China-nexus espionage groups’ activity has been detailed by Mandiant in a blog post, dated April 4. The activity follows the exploitation of the CVE-2023-46805, CVE-2024-21887 and CVE-2024-21893 vulnerabilities, which were previously identified in

China-affiliated threat actors are ramping up the use of AI to influence and sow division in the US and other countries, according to a new report by the Microsoft Threat Analysis Center (MTAC). The researchers highlighted how Chinese Communist Party (CCP)-affiliated actors are publishing AI-generated content on social media to amplify controversial domestic issues and

Leicester City Council has confirmed that confidential data has been published online by a “known ransomware group” following a cyber incident that was identified on March 7. The UK local authority said on April 3 that around 25 documents have been leaked, including rent statements, applications to purchase council housing and personal identification documents such

The UK and US will work together to develop tests for the most advanced AI models. On April 1, 2024, the UK’s Technology Secretary Michelle Donelan and the US Commerce Secretary Gina Raimondo signed a Memorandum of Understanding (MOU) committing to the safety of AI models. The new partnership will see the US and the

The Indian government has said it has been able to rescue hundreds of citizens lured to Cambodia with job offers only to be forced into working for cybercrime gangs. A brief statement from India’s Ministry of External Affairs (MEA) released on Saturday claimed that it and the country’s embassy in Cambodia had released several advisories

Reported data breach incidents rose by 34.5% in 2023, with over 17 billion personal records compromised throughout the year, according to Flashpoint’s 2024 Global Threat Intelligence Report. The firm recorded 6077 publicly reported data breaches last year, which included sensitive information such as names, social security numbers and financial data. Over 70% of these incidents

It’s now official: the US National Institute of Standards and Technology (NIST) will hand over some aspects of the management of the world’s most widely used software vulnerability repository to an industry consortium. NIST, an agency within the US Department of Commerce, launched the US National Vulnerability Database (NVD) in 2005 and has operated it

The US Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new draft for updated rules on cyber reporting for critical infrastructure organizations. In an effort to update its Cyber Incident Reporting for Critical Infrastructure (CIRCIA) Act of 2022, CISA released the first draft of new proposed rules, which will be published in the Federal

The US Department of the Treasury has warned of the cybersecurity risks posed by AI to the financial sector. The report, which was written at the direction of Presidential Executive Order 14110 on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, also sets out a series of recommendations for financial institutions on

Nearly half (48%) of the UK’s small and medium-sized enterprises (SMEs) have lost access to data since 2019, potentially costing them billions, according to a new study from Beaming. The business ISP polled 504 UK-based business leaders about their data backup and cybersecurity strategies, as well as any incidents of data loss they experienced between

UK police have arrested hundreds of suspects and seized £19m ($15m) as part of an ongoing crackdown on rampant fraud in the country. Now in its third iteration, Operation Henhouse was coordinated again by the National Economic Crime Centre and City of London Police. Activity in February and March led to 438 arrests, 211 voluntary

The US government has sought to close gaps in its sanctions program against Russia by going after blockchain and virtual currency firms it says have helped entities circumvent existing controls. The action taken yesterday by the Treasury’s Office of Foreign Assets Control (OFAC) follows a February 24 statement from the G7 leaders in which they

Police in Romania and Spain have struck a blow against a sophisticated cyber-fraud gang that tricked victims out of millions of dollars through fake ads and business email compromise (BEC) scams.   Law enforcement authorities conducted 22 house searches in Sibiu and Vâlcea, Romania, where the gang was located – although it had operations internationally,

The US government has published new distributed denial-of-service (DDoS) attack guidance for public sector entities to help prevent disruption to critical services. The document is designed to serve as a comprehensive resource to address the specific needs and challenges faced by federal, state and local government agencies in defending against DDoS attacks. The advisory noted

A new variant of the wiper malware AcidRain, known as AcidPour, has been discovered by SentinelOne’s threat intelligence team, SentinelLabs. AcidRain is destructive wiper malware attributed to Russian military intelligence. In May 2022, AcidRain was used in a broad-scale cyber-attack against Viasat’s KA-SAT satellites in Ukraine. The malware rendered KA-SAT modems inoperative in Ukraine and

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced on Wednesday the designation of two individuals and two entities for their involvement in aiding the Government of the Russian Federation (GoR) in a foreign malign influence campaign.  The campaign notably included attempts to impersonate legitimate media outlets. Under Secretary of the

A team of French security researchers have won a Tesla Model 3 and $200,000 after finding a zero-day vulnerability in a vehicle’s electronic control unit (ECU). The Synacktiv team were at the top of the leaderboard after one day of Pwn2Own Vancouver 2024, the latest hacking contest held by Trend Micro’s Zero Day Initiative (ZDI).

The White House and Environmental Protection Agency (EPA) have written to state governors asking for their urgent help to boost the cyber-resilience of the water sector, in the fact of escalating attacks. EPA administrator Michael Regan and national security advisor Jake Sullivan invited state environmental, health and homeland security secretaries to a virtual meeting tomorrow

Researchers have revealed a major Chinese cyber-espionage campaign which could be linked to shadowy ‘cybersecurity’ firm I-Soon. Trend Micro claimed the Earth Krahang APT campaign shares multiple connections with a previously discovered Chinese actor dubbed Earth Lusca, which is suspected of being the penetration team behind I-Soon. That company, which appears to be a Chinese

The International Monetary Fund (IMF) said it is investigating a cybersecurity breach which led to the compromise of several internal email accounts. The Washington-headquartered UN financial agency revealed in a brief statement on Friday that the incident was first detected on February 16. “A subsequent investigation, with the assistance of independent cybersecurity experts, determined the

Protected health information and personal details of over a million Irish citizens were accidently exposed by the Ireland’s Health Service Executive (HSE) during the COVID pandemic, according to an AppOmni security researcher. This information included individuals’ vaccine status and type received, which could have been accessed by anyone who registered to the HSE COVID Vaccination

Something mysterious is happening at the US National Institute of Standards and Technology (NIST) that could make many organizations vulnerable to threat actors. Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database (NVD), the world’s most widely used software vulnerability database. Tom Pace, CEO of firmware

The US House of Representatives has approved a bill on Wednesday, compelling ByteDance, the parent company of TikTok, to divest the social media platform or face a complete ban in the United States.  The vote witnessed a landslide victory, with 352 members of Congress supporting the bill while only 65 opposed it. The bill, expedited