In Other News: McDonald’s API Hacking, Netflix Fine, Malware Kills ICS Process
Fri, 20 Dec 2024 13:00:00 +0000
Noteworthy stories that might have slipped under the radar: McDonald’s API hacking, Netflix fined nearly $5 million in Netherlands, experimental malware killing ICS process.
The post In Other News: McDonald’s API Hacking, Netflix Fine, Malware Kills ICS Process appeared first on SecurityWeek.
https://www.securityweek.com/in-other-news-mcdonalds-hacking-netflix-fine-malware-kills-ics-process/
Botnet of 190,000 BadBox-Infected Android Devices Discovered
Fri, 20 Dec 2024 12:20:00 +0000
Bitsight has discovered a BadBox botnet consisting of over 190,000 Android devices, mainly Yandex smart TVs and Hisense smartphones.
https://www.securityweek.com/botnet-of-190000-badbox-infected-android-devices-discovered/
Ransomware Group Claims Theft of Personal, Financial Data From Krispy Kreme
Fri, 20 Dec 2024 11:58:20 +0000
The Play ransomware group claims to have stolen sensitive data from donut and coffee retail chain Krispy Kreme.
https://www.securityweek.com/ransomware-group-claims-theft-of-personal-financial-data-from-krispy-kreme/
Another NetWalker Ransomware Affiliate Gets 20-Year Prison Sentence in US
Fri, 20 Dec 2024 11:40:00 +0000
A second individual accused of being involved in NetWalker ransomware attacks, a Romanian national, has received a 20-year prison sentence.
https://www.securityweek.com/another-netwalker-ransomware-affiliate-gets-20-year-prison-sentence-in-us/
CISA Urges Immediate Patching of Exploited BeyondTrust Vulnerability
Fri, 20 Dec 2024 11:20:00 +0000
CISA is urging federal agencies to patch a recent critical vulnerability in BeyondTrust remote access products in one week.
https://www.securityweek.com/cisa-urges-immediate-patching-of-exploited-beyondtrust-vulnerability/
Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems
Fri, 20 Dec 2024 11:00:00 +0000
Rockwell’s PowerMonitor is affected by critical vulnerabilities that can enable remote access to industrial systems for disruption or further attacks.
https://www.securityweek.com/rockwell-powermonitor-vulnerabilities-allow-remote-hacking-of-industrial-systems/
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
Fri, 20 Dec 2024 16:14:00 +0530
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024.
The attacks, which culminated in the deployment of a new modular backdoor referred to as CookiePlus, are
https://thehackernews.com/2024/12/lazarus-group-spotted-targeting-nuclear.html
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
Fri, 20 Dec 2024 14:09:00 +0530
The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware.
Following the discovery, versions 1.1.7 of both libraries have been unpublished from the npm registry. The latest
https://thehackernews.com/2024/12/rspack-npm-packages-compromised-with.html
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation
Fri, 20 Dec 2024 13:43:00 +0530
Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions.
Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild. The list of vulnerabilities is as follows –
https://thehackernews.com/2024/12/sophos-fixes-3-critical-firewall-flaws.html
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
Fri, 20 Dec 2024 11:55:00 +0530
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect.
The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending specially crafted
https://thehackernews.com/2024/12/hackers-exploiting-critical-fortinet.html
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
Fri, 20 Dec 2024 10:00:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability, tracked as CVE-2024-12356 (CVSS score: 9.8), is a command injection flaw that
https://thehackernews.com/2024/12/cisa-adds-critical-flaw-in-beyondtrust.html
How to Implement Impactful Security Benchmarks for Software Development Teams
Thu, 19 Dec 2024 16:40:34 +0000
Benchmarking is all about taking back control – you’re measuring to gain complete awareness of your development teams’ security skills and practices.
https://www.securityweek.com/how-to-implement-impactful-security-benchmarks-for-software-development-teams/
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Thu, 19 Dec 2024 19:26:00 +0530
Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry.
The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve second-stage payloads, respectively.
“While typosquatting attacks are
https://thehackernews.com/2024/12/thousands-download-malicious-npm.html
CISA Releases Mobile Security Guidance After Chinese Telecom Hacking
Thu, 19 Dec 2024 13:50:32 +0000
In light of recent Chinese hacking into US telecom infrastructure, CISA has released guidance on protecting mobile communications.
https://www.securityweek.com/cisa-releases-mobile-security-guidance-after-chinese-telecom-hacking/
Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords
Thu, 19 Dec 2024 19:07:00 +0530
Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware.
The company said it’s issuing the advisory after “several customers” reported anomalous behavior on their Session Smart Network (SSN) platforms on December 11, 2024.
“These systems have been infected with the Mirai
https://thehackernews.com/2024/12/juniper-warns-of-mirai-botnet-targeting.html
Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US
Thu, 19 Dec 2024 13:16:26 +0000
Raccoon Infostealer MaaS operator Mark Sokolovsky was sentenced to 60 months in prison in the US and agreed to pay over $910,000 in restitution.
https://www.securityweek.com/ukrainian-raccoon-infostealer-operator-sentenced-to-prison-in-us/
Cisco to Acquire Threat Detection Company SnapAttack
Thu, 19 Dec 2024 12:54:31 +0000
Cisco has announced its intention to acquire threat detection company SnapAttack to boost Splunk security product capabilities.
https://www.securityweek.com/cisco-to-acquire-threat-detection-company-snapattack/
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
Thu, 19 Dec 2024 16:01:00 +0530
Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information.
The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0. It was originally fixed by Fortinet back in September 2023, but without a CVE designation.
“A relative path traversal [CWE-23]
https://thehackernews.com/2024/12/fortinet-warns-of-critical-fortiwlm.html
CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01
Thu, 19 Dec 2024 15:30:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure Cloud Business Applications (SCuBA) secure configuration baselines.
“Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls,
https://thehackernews.com/2024/12/cisa-mandates-cloud-security-for.html
Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency
Thu, 19 Dec 2024 14:56:00 +0530
The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix €4.75 million ($4.93 million) for not giving consumers enough information about how it used their data between 2018 and 2020.
An investigation launched by the DPA in 2019 found that the tech giant did not inform customers clearly enough in its privacy statement about what it does with the data
https://thehackernews.com/2024/12/dutch-dpa-fines-netflix-475-million-for.html