Aggregator

APT31, using the Rekoobe backdoor, has been observed targeting TradingView, a popular financial platform, as researchers discovered malicious domains mimicking TradingView, suggesting a potential interest in compromising the platform’s user community.  By analyzing shared SSH keys, investigators identified additional infrastructure linked to this campaign and another open directory, highlighting the evolving tactics employed by APT31 […]

The post Rekoobe Backdoor In Open Directories Possibly Attacking TradingView Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

微博客服务 Bluesky 以接近每天新增 100 万用户的数量快速增长，几天前它有 1500 万用户，如今突破 2090 万。尽管 Bluesky 的规模仍然远逊于竞争对手 Threads 和 X，但过去几天的增长势头与 Meta 的 Threads 相差无几。Threads 过去 3 个月以每天新增 100 万用户的数量增长，11 月初用户达到 2.75 亿，11 月以来增加了至少 1500 万用户。App Figures 的数据显示，Bluesky 过去六天是苹果 App Store 最受欢迎的应用，连续四天成为 Google Play 最受欢迎的非游戏类应用。Thread 在 App Store 排名第二。Bluesky 新用户中很大一部分来自于逃离的 X/Twitter 用户。

Water Barghest, a sophisticated botnet, exploits vulnerabilities in IoT devices to enlist them in a residential proxy marketplace by leveraging automated scripts to identify vulnerable devices from public databases like Shodan.  When the device is compromised, the Ngioweb malware is installed in a stealthy manner, thereby establishing a connection to command-and-control servers.  The infected device […]

The post Water Barghest Botnet Comprised 20,000+ IoT Devices By Exploiting Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

North Korean IT workers, operating under the cluster CL-STA-0237, have been implicated in recent phishing attacks leveraging malware-infected video conference apps.  The group, likely based in Laos, has demonstrated a sophisticated approach, infiltrating a U.S.-based SMB IT services company to gain access to sensitive information and secure a position at a major tech company.  It […]

The post North Korean IT Worker Using Weaponized Video Conference Apps To Attack Job Seakers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Scammers are using everything from fraudulent deals and fake ads to spoofed websites and brand impersonation to target online shoppers who are gearing up for Black Friday as the holiday buying season gets underway, according to cybersecurity firms.

The post Black Friday Scammers are Hard at Work: Security Experts appeared first on Security Boulevard.

Recent threat hunting activities focused on analyzing outbound network traffic and binaries within containerized environments. By cross-referencing honeypot data with threat intelligence platforms, researchers identified suspicious network events linked to the execution of the benign tool ffmpeg. Although this particular instance was not inherently malicious, it did raise concerns due to the unusual context in […]

The post Hackers Hijacked Misconfigured Servers For Live Streaming Sports appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

知名游戏工作室 FromSoftware 的母公司角川发布声明，证实索尼有意收购该公司股份。索尼递交了收购的初步意向书，但它尚未做出决定。如果做出决定，它将会发布公告。角川的投资者包括了腾讯，它旗下有多家知名的工作室，其中包括开发了《ELDEN RING》和《ARMORED CORE》的 FromSoftware，开发 《Danganronpa》和《DRAGON BALL: Sparking! ZERO》的 Spike Chunsoft，《OCTOPATH TRAVELER》开发商 ACQUIRE，以及开发 《RPG Maker》游戏制作软件的 Gotcha Gotcha Games。

Amazon, Amazon Music, and Audible, an Amazon-owned online audiobook and podcast service, have been flooded with bogus listings that push dubious "forex trading" sites, Telegram channels, and suspicious links claiming to offer pirated software. [...]

Volt Typhoon, a Chinese state-sponsored threat actor, targets critical infrastructure sectors like communications, energy, transportation, and water systems by pre-positions itself in target networks, often exploiting vulnerabilities in operational technology (OT) environments.  Known for persistence and patient operations, Volt Typhoon has been tracked under various aliases, including BRONZE SILHOUETTE, Voltzite, Insidious Taurus, DEV-0391, UNC3236, and […]

The post Volt Typhoon Attacking U.S. Critical Infra To Maintain Persistent Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in University of Cambridge Exim 3.35/3.36/4.10 and classified as critical. Affected by this issue is some unknown functionality of the file daemon.c. The manipulation of the argument pid_file_path leads to format string. This vulnerability is handled as CVE-2002-1381. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Неуместные кнопки замечены на снимках в шокирующих статьях.

GitHub is calling on maintainers of open source projects to apply for the newly opened Secure Open Source Fund, to get funding and knowledge to improve the security and sustainability of their software. The program is funded by companies (AmEx Chainguard, Microsoft, 1Password, Shopify, Stripe, etc.), venture funds (e.g., Mayfield Fund) and nonprofits (e.g., the Alfred P. Sloan Foundation). About the program Applicants that get chosen will receive, among other things: $10,000 per project (delivered … More →

The post GitHub Secure Open Source Fund: Project maintainers, apply now! appeared first on Help Net Security.

Oracle Linux offers a secure, streamlined platform for deploying and managing applications across on-premises, cloud, and edge environments. Designed for demanding workloads, it includes tools for automation, virtualization, high availability, cloud-native development, Kubernetes, and more. Oracle Linux, 9 Update 5 for the 64-bit Intel and AMD (x86_64) and 64-bit Arm (aarch64) platforms is now generally available. This release is packaged with the following kernel options: Unbreakable Enterprise Kernel (UEK) Release 7 Update 3, 5.15.0-302.167.6 for … More →

The post Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 appeared first on Help Net Security.

半导体国际团体 SEMI 的资料显示，中国的半导体自给率从 2014 年的 14% 左右上升到 2023 年的 23%，预计到 2027 年将接近 27%。推动构建中国自主的半导体供应链的是政策性基金。首先 2014 年设立的“国家集成电路产业投资基金(大基金)”达到 1387 亿元规模设，2019 年追加了超过 2000 亿元的二期。今年 5 月推出的三期超过 3440 亿元，规模正不断扩大。随着国产化的进展，企业业绩表现强劲。据中国调查公司 Wind 的数据，中国内地半导体相关上市企业 2024 年 1～9 月财报显示，营业收入和净利润的合计与上年同期相比增加了约 20%。中芯国际的联合首席执行官赵海军在 8 日的财报说明会上表示，国产化需求急剧增加是强劲业绩的背景。

A vulnerability, which was classified as very critical, has been found in Zope. Affected by this issue is some unknown functionality. The manipulation leads to improper privilege management. This vulnerability is handled as CVE-2011-3587. The attack may be launched remotely. Furthermore, there is an exploit available.

Quantum announces the DXi9200, the latest generation of its flagship DXi9000 Series hybrid (flash + dense disk) data protection appliances, designed for scalable, efficient backup and recovery services for large organizations. With the continuing threat of ransomware attacks, organizations need to take a comprehensive and proactive approach to secure their data and data copies, continuously validate recovery operations, and quickly recover in case of attack. As the industry’s most scalable, feature-rich, and efficient data protection … More →

The post Quantum DXi9200 helps organizations manage and reduce cybersecurity risks appeared first on Help Net Security.

A vulnerability, which was classified as critical, has been found in Advanced Order Export For WooCommerce up to 1.5.3 on WordPress. This issue affects some unknown processing. The manipulation leads to injection. The identification of this vulnerability is CVE-2018-11525. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Advanced Order Export Plugin 3.1.3 on WooCommerce. Affected by this vulnerability is an unknown functionality of the file view/settings-form.php. The manipulation of the argument woe_post_type as part of Parameter leads to cross site scripting. This vulnerability is known as CVE-2020-11727. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Advanced Order Export up to 3.1.7 on WooCommerce. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2021-27349. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.