October 2023 – Page 2 – Learn and Explore

October 30, 2023
Uncategorized

EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service (AWS) identity and access management (IAM) credentials within public GitHub repositories to facilitate cryptojacking activities. “As a result of this, the threat actor associated with the campaign was able to create multiple AWS Elastic Compute (EC2)...

October 30, 2023
Uncategorized

Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows – CVE-2022-4886 (CVSS score: 8.8) – Ingress-nginx path sanitization can be bypassed to obtain the credentials of the ingress-nginx...

October 30, 2023
Uncategorized

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware

A new cyber attack campaign has been observed using spurious MSIX Windows app package files for popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to distribute a novel malware loader dubbed GHOSTPULSE. “MSIX is a Windows app package format that developers can leverage to package, distribute, and...

October 28, 2023
Uncategorized

Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service

New findings have shed light on what’s said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany. “The attacker has issued several new TLS certificates using Let’s...

October 27, 2023
Uncategorized

N. Korean Lazarus Group Targets Software Vendor Using Known Flaws

The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known...

October 27, 2023
Uncategorized

Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats

Google has announced that it’s expanding its Vulnerability Rewards Program (VRP) to reward researchers for finding attack scenarios tailored to generative artificial intelligence (AI) systems in an effort to bolster AI safety and security. “Generative AI raises new and different concerns than traditional digital security, such as the potential for...

October 27, 2023
Uncategorized

How to Keep Your Business Running in a Contested Environment

When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it’s essential for them to establish comprehensive plans for preparation, mitigation, and response to potential threats. At the heart of your business lies your operational technology and critical systems. This places them at the...

October 27, 2023
Uncategorized

F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution

F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10. “This vulnerability may...

October 26, 2023
Uncategorized

iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs

A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and M-series CPUs running on Apple iOS, iPadOS, and macOS devices, enabling the extraction of sensitive information from the Safari web browser. “An attacker can induce Safari to render an arbitrary webpage,...

October 26, 2023
Uncategorized

Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw

Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). “The campaign contributed to an overall increase of 65% in HTTP DDoS attack traffic in Q3...