And in the news a critical vulnerability in the Spring Framework (CVE-2024-22243) could lead to serious security breaches, urging updates. Threat actors exploit flaws in VMware, Microsoft Exchange, and Cisco, with law enforcement targeting groups like LockBit. The 8220 Gang targets cloud infrastructure, and I-Soon, a Chinese firm, faces a data leak. Users should utilize tools like Tor.taxi for dark web safety and be wary of TeaBot trojan infections from the Google Play Store. Updates are crucial for ConnectWise ScreenConnect vulnerabilities (CVE-2024-1708, CVE-2024-1709).

Today in the news, critical security issues include an authentication bypass vulnerability in ConnectWise ScreenConnect, requiring immediate updates. Two individuals were convicted for mail fraud involving counterfeit iPhones. Apple enhances iMessage encryption with PQ3 to combat future quantum attacks. GDPR impacts lead to significant data storage and processing reductions in Europe. A scam with a fake Exodus cryptocurrency wallet resulted in substantial Bitcoin theft. North Korean group Lazarus targets security researchers via LinkedIn. Dancho Danchev exposes LockBit ransomware associate. Cado Security identifies a malware campaign, Commando Cat, targeting Docker APIs. An SQL Injection vulnerability was found in the AI ChatBot plugin for WordPress. Lastly, Cyble reports on the CriminalMW Group's evolution of Android banking trojans in Brazil.

I’m Gracie Folkins, today is February 21st, 2024, and you are listening to Hack News Daily.

An employee at the Stratford-on-Avon District Council misused their access to steal 79,000 email addresses to promote a private business. This action resulted in a police caution and led the council to implement data breach resolution measures.

A report highlights that up to 275 credit unions using CU Solutions Group's content management system were at risk. They were vulnerable to account takeover and credential theft due to critical vulnerabilities. However, these have been mitigated by an update, and the implementation of multi-factor authentication is recommended.

The UK's National Crime Agency has taken significant action against the LockBit ransomware group. They've seized infrastructure, arrested affiliates, and plan to expose the group leader's identity. This marks a major setback for the cybercrime group and showcases law enforcement's global collaboration and strategic offensive against such threats.

New malware named Migo, targeting Redis servers, has been discovered. It mines cryptocurrency by disabling security configurations and uses a user-mode rootkit to evade detection. System administrators must be vigilant and secure their Linux hosts against these specific attack vectors.

A critical vulnerability, known as KeyTrap and identified as CVE-2023-50387, has been discovered in the DNSSEC. It could potentially cause extended Internet outages by sending DNS servers into an unresolvable loop. Updates to patch this issue have been released and need to be applied immediately.

Signal is enhancing user privacy by introducing a beta feature that allows users to create usernames, concealing their phone numbers. However, a phone number is still required during the registration process.

A security lapse at Wyze allowed 13,000 customers to inadvertently access video feeds from other users' cameras. This issue was attributed to a third-party library problem during high server load. The company has since implemented additional verification measures to prevent similar incidents.

ConnectWise has patched two critical vulnerabilities in its ScreenConnect software. The most severe allowed remote code execution. Users are urged to update to version 23.9.8 or apply the provided patches for earlier versions immediately...

I’m Gracie Folkins, today is February 20, 2024, and you are listening to Hack News Daily.

First up, a big cyber incident in Romania: the Backmydata ransomware has hit multiple hospitals, locking up their systems. Security experts recommend using Check Point Harmony Endpoint and running the latest updates from Microsoft and Adobe to stay safe. And remember, with Valentine’s Day just past, cyber threats are on the rise, so stay vigilant.

In the United States, Infosys McCamish Systems reported a breach affecting over 57,000 people, with Social Security numbers leaked. If you're affected, you might be eligible for free identity theft protection from Bank of America. Always keep an eye on your personal data, folks.

Meanwhile, the Cactus ransomware group has made headlines by stealing 1.5TB of data from Schneider Electric. At the same time, law enforcement has been cracking down on the LockBit ransomware, seizing their servers and offering a way to unlock encrypted files.

International police forces have been busy, taking down LockBit's operations and gathering crucial evidence against this criminal gang. Always a good day when the bad guys get caught.

Website owners, take note: A severe vulnerability in the Bricks WordPress site builder was found. Update your sites ASAP to avoid attacks.

Hackers from North Korea have been caught in a sophisticated attack on maritime technology. Companies are urged to step up their security measures, including using multi-factor authentication and training staff to spot cyber threats.

A serious security hole in Microsoft Exchange servers has been exposed, affecting thousands of servers worldwide. If you manage one, make sure to update it immediately.

The I-S00N GitHub repository has revealed suspicious activities by the company Shanghai Anxun. If you’re involved with government IT, this is a red flag to investigate further.

In Europe, the TAG-70 group, linked to Belarus and Russia, has been exploiting vulnerabilities to spy on emails. This is a stark reminder of the importance of keeping your systems patched and secure.

Privacy concerns are rising as Wyze camera users found they could access other people's video feeds due to a bug. Wyze is working on fixing this to ensure user privacy.

The European Court of Human Rights has made a stand for privacy by ruling against compelled decryption by law enforcement. A win for personal privacy rights.

Developers, be aware: A significant vulnerability in the Kubernetes platform Rancher could allow hackers to hijack domains. Keep an eye out for updates and secure your domains.

DNSSEC, a system designed to protect the internet, had a big scare with the KeyTrap vulnerability. Thankfully, major providers have already patched this issue.

Researchers at the University of Illinois have shown how AI, like OpenAI's GPT-4, can identify and exploit web vulnerabilities. It's a new era for cybersecurity.

The notorious TAG-70 group has been busy, using security weaknesses to target over 80 organizations in Europe for espionage.

The spyware Pegasus, by NSO Group, now uses sophisticated techniques to profile mobile devices without any user interaction. A chilling development in cyber surveillance.

Meta is fighting back against cyber surveillance by disrupting malicious activities from several international firms. They've introduced new security measures to protect users.

The ALPHV ransomware group is claiming to have breached Prudential Financial and LoanDepot, showing that financial institutions remain prime targets.

Android users, beware: The Anatsa banking trojan has slipped past Google Play's defenses, posing as harmless apps. Google has removed these apps, but stay alert.

WordPress's Bricks Builder plugin had a severe flaw, now patched, highlighting the constant need for software updates.

SolarWinds has fixed some serious issues in its software. If you're using their Access Rights Manager, make sure it's up to date.

A new variant of the Mirai botnet is targeting TP-Link routers. Protect your devices by following the recommended security measures.

A critical security flaw in old versions of Ghostscript could allow attackers to take control. Update to stay safe.

Come back tomorrow for more Hack News Daily for the latest updates. You can find links to all the cyber news, red team tradecraft tooling, and more at HAQ.NEWS. Gracie Folkins out.

I’m Gracie Folkins, today is February 19, 2024, and you are listening to Hack News Daily.

Cybersecurity updates are critical, and here's what's happening in the world of cyber safety: Cybersecurity firm ESET has released patches for a significant vulnerability, known as CVE-2024-0353, affecting various Windows security products. This is a high-severity local privilege escalation issue. It's important for users to update their systems immediately to avoid potential abuse by attackers.

In other news, multiple Apple Watch Ultra 2 users have reported unauthorized remote access attempts. These incidents led to devices acting on their own, entering incorrect passcodes, and resulting in lockouts. The good news is, users regained control by resetting their watches and changing their passwords.

Rockwell Automation has patched a critical privilege escalation flaw in their FactoryTalk Service Platform software. To protect your systems from potential unauthorized administrative access, updating to the latest version is advised.

On the legal front, a Ukrainian national, Vyacheslav Igorevich Penchukov, has pleaded guilty to charges related to his roles in the Zeus and IcedID malware campaigns. He faces up to 20 years in prison for each count. This case echoes a similar scenario involving the operator of the Raccoon malware-as-a-service platform.

Turning our attention to hardware, ZTE F660 Routers have been identified to have a critical security flaw. This flaw allows an authentication bypass that could enable remote code execution on models produced between 2008 and 2013. Users should restrict access to vulnerable ports and update the firmware to mitigate this risk.

Furthermore, a variety of global and topical news categories are available for those interested in broadening their cyber security awareness. This includes country-specific news and areas of popular interest like technology and cyber security.

In academic circles, Neil G. Bowie's Research Note in Perspectives on Terrorism has expanded the inventory of terrorism-related databases and data sets to 40 new entries. These span across academic, commercial, and governmental sources, providing a wealth of information.

Lastly, Darktrace reports a surge in cyber attacks exploiting vulnerabilities in Ivanti Connect Secure appliances. Their Darktrace DETECT™ and RESPOND™ services are being used to autonomously contain threats and alert security teams.

That's all for today's cyber security updates. Come back tomorrow for more Hack News Daily for the latest updates. You can find links to all the cyber news, red team tradecraft tooling, and more at HAQ.NEWS. Gracie Folkins out.

I’m Gracie Folkins, today is February 18, 2024, and you are listening to Hack News Daily.

In our cybersecurity roundup today, Google Chrome is stepping up its game with a new feature called "Private Network Access protections". This is designed to keep your internal network devices safe from public website exploits by checking connectivity requests more thoroughly. For those interested in the technical details, the process involves CORS-preflight requests, which might block suspicious attempts.

A serious warning for Microsoft Outlook users: A flaw dubbed MonikerLink, identified as CVE-2024-21413, could let bad actors run unauthorized code or steal your data by tampering with file hyperlinks. The advice is clear—patch up as soon as Microsoft rolls out the fix.

Across the pond, a Russian-backed hacking group known as Winter Vivern or TAG-70 has been busy. They've managed to infiltrate various European targets, including government and military sites, thanks to a clever mix of social engineering and exploiting a weakness in Roundcube webmail servers. This is a stark reminder of the need for constant vigilance, patching up security holes, and keeping sensitive information on lockdown.

Dell EMC Enterprise SONiC software users, listen up: A critical bug (CVE-2023-32484) has been found that could let remote attackers get unauthorized access, run commands, and even escalate their privileges. Dell advises moving to versions 3.5.5, 4.0.0, or 4.1.1 to avoid trouble.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has its sights on the Akira Ransomware group, which is exploiting an old Cisco bug to sneak into systems. Federal agencies have until March 7, 2024, to patch up and keep their data safe from these memory extraction attacks.

For those using Okta for identity management, a recent post sheds light on how attackers might exploit misconfigured Role-Based Access Control to gain higher privileges. Understanding Okta's inner workings could be your best defense.

Android users, beware of SpyNote, a trojan that’s now manipulating Accessibility APIs to divert cryptocurrency transactions to attackers' wallets. Be extra cautious about which apps you grant Accessibility API permissions to.

VMware ESXi servers are under threat from the RansomHouse Group, wielding a tool named "MrAgent" for ransomware attacks. It’s crucial to beef up security with EDR solutions and hardening practices.

Wyze Labs is currently investigating a potential security issue that led to users accidentally seeing other people's camera thumbnails. As a precaution, they've forced a logout to reset user tokens.

Google isn’t just about search anymore; they've introduced Magika, an AI model for better file type identification, and are pushing an AI Cyber Defense Initiative to fund security research and collaborate with startups.

The ALPHV ransomware group, with a notorious history under names like DarkSide and BlackMatter, has hit Prudential Financial and loanDepot. The FBI is on their trail, offering rewards for information that leads to their capture.

A look back at a 1979 anthrax outbreak in the USSR reveals a military facility as the culprit, debunking the official story of infected livestock. This finding comes from an international team using open-source intelligence methods.

RansomLook is a new tool on the block for monitoring ransomware group activities online, helping cybersecurity teams stay one step ahead.

And for those in the cloud, Proofpoint reports an attack campaign targeting Microsoft Azure users with phishing and account takeover attempts. Changing credentials and keeping an eye out for suspicious activity is recommended.

Lastly, Gazprombank Investments has updated its app for a more stable stock market investing experience. It’s a reminder of the digital advancements in financial services and the need for secure online interactions.

Come back tomorrow for more Hack News Daily for the latest updates. You can find links to all the cyber news, red team tradecraft tooling, and more at HAQ.NEWS. Gracie Folkins out.

I’m Gracie Folkins, today is February 17th, 2024, and you are listening to Hack News Daily.

First up, an Enea report uncovers the 'MMS Fingerprint' attack by NSO Group, which sneaks into WhatsApp to gather information on your phone without you doing anything. It's like a reminder that even our messages need strong guards.

In other news, Vyacheslav Igorevich Penchukov, a cybercriminal from Ukraine, could face up to 40 years in prison for his role in the Zeus and IcedID banking malware, causing lots of trouble and financial losses.

The U.S. Cybersecurity and Infrastructure Security Agency warns everyone about Akira ransomware. It's sneaking through an old Cisco flaw, and they're saying we need to patch it up quick, by March 7, 2024, to stay safe.

The US Feds have taken down a big botnet run by Russian spies, telling everyone to reset their routers. Imagine a robot army hiding in your internet box, spying on you!

Watch out for 'MMS Fingerprint,' a sneaky way attackers can learn about your phone and plan their next move, all without you noticing a thing.

SentinelOne found a smishing tool named SNS Sender. It's tricking people with fake UPS messages. Always double-check those 'missed delivery' texts, they might not be what they seem!

The US didn't stay quiet against threats, launching a cyberattack on an Iranian military ship to stop it from helping pirates. It's like a digital battle on the high seas!

North Korea's Lazarus hacker group is using a bitcoin mixer to clean their stolen treasures. It's like laundering money, but for digital gold.

Mac users, beware! A malware named RustDoor is sneaking in through fake job offers, aiming to get inside cryptocurrency firms. Always double-check where your updates and emails are coming from.

Two cab drivers found themselves in hot water for hacking JFK airport's taxi system. It's a reminder that jumping the line can lead to big trouble, not just a faster ride.

Critical security flaws in SolarWinds ARM software need urgent fixing. It's like locking the door to keep out digital intruders.

An Azure ATO campaign is targeting big names in organizations, using sneaky tricks to sneak in. It's a digital masquerade ball, but the masks hide something sinister.

Bank of America faces a data breach, with personal info of over 57,000 people at risk. It's a wake-up call to keep our digital doors locked tight.

23andMe had a breach too, affecting 6.9 million accounts. Even our DNA isn't safe from hackers! They've upped their security, so make sure you do too.

The FBI is warning about Volt Typhoon, a Chinese cyber threat lurking in our infrastructure. It's like finding out there are invisible spies in our machines.

A breach through an old VPN account has CISA urging for tighter security. It's a reminder to always update our passwords and keep our digital keys safe.

There's a new exploit out for Microsoft Outlook, threatening our emails with a high-risk vulnerability. Make sure your updates are in check to keep those hackers out.

DNSSEC has a flaw named KeyTrap, capable of knocking out the internet with just one packet. It's like a tiny bug causing a huge blackout, but fixes are on the way.

QNAP devices need patching against two nasty bugs. It's time to update to keep your stored memories and files safe from digital thieves.

Prudential Financial reports a cyber incident, with ongoing investigations to see the extent of the damage. It's a stark reminder of the digital risks in our interconnected world.

New malware targeting phones can steal your face and fingerprints, turning biometrics against us. It's crucial to guard our digital identities as much as our physical ones.

The European Court says forcing companies to break encryption is a no-go, standing up for our right to private conversations. It's a win for privacy, keeping our secrets safe from prying eyes.

Microsoft and Adobe are patching up holes that could let hackers in. It's like digital pest control, sealing up cracks to keep our software safe and sound.

Canada's looking to ban Flipper Zero, worrying it might help thieves. But not everyone agrees, saying we need these tools to test our defenses against real bad guys.

A big problem in Mastodon lets someone pretend to be you. It's been fixed, but it shows why staying updated is key to keeping our digital selves secure.

The US is fighting back against Russian hackers, taking control of a botnet to stop their digital spying. It's like capturing a castle to keep the kingdom safe.

Come back tomorrow for more Hack News Daily for the latest updates. You can find links to all the cyber news, red team tradecraft tooling, and more at HAQ.NEWS. Gracie Folkins out.

I’m Gracie Folkins, today is February 16th, 2024, and you are listening to Hack News Daily. In today's update, the FBI has taken action against a group of hackers from Russia by stopping a harmful program on certain internet routers. They advise everyone with these routers to reset them and pick new passwords to stay safe online. The U.S. State Department is offering a reward of up to $15 million for information that helps catch members of a notorious hacking group responsible for stealing over $300 million worldwide. A major flaw named "KeyTrap" could have caused big problems on the internet by overloading it with too much information. Thankfully, Google has found a way to fix this issue, but experts say more changes are needed to prevent future problems. Zenlayer had a big oopsie when it accidentally left nearly 385 million records out in the open without a password. This mistake was fixed quickly after a security researcher pointed it out. OpenAI has shut down accounts used by hackers from countries like Iran and Russia. These hackers were misusing ChatGPT to do things like spy and create phishing attacks. The office of South Korea's President was targeted by hackers linked to North Korea, but they say their security systems stopped the hackers from causing serious harm. Zoom has fixed a serious security problem in its apps, along with six other smaller issues, and is asking everyone to make sure their app is up to date. A new malware called TicTacToe Dropper has been found, tricking computers into letting in viruses. Users are advised to use advanced security tools to detect such sneaky tricks. A new threat on iPhones named GoldPickaxe has been spotted, stealing personal and banking information through fake apps. It's a reminder to be careful about what apps to download and trust. The RansomHouse group has created a new tool to attack servers and spread ransomware, showing the importance of strong defenses and careful monitoring of network activities. German company Varta had to stop work at five of its plants due to a cyberattack, showing how serious these threats can be to businesses. Security experts have unveiled new malware used by Russian hackers to sneak into NGO networks, showing the ongoing challenges in protecting sensitive information. A new scam involves cybercriminals using Amazon's messaging service to send fake texts pretending to be from the USPS, a reminder to keep cloud accounts secure to prevent misuse. The Kryptina Ransomware has become more dangerous after its source code was made freely available, potentially leading to more attacks on Linux systems. A clever malware pretending to be an Adobe installer is tricking people into downloading harmful software, highlighting the need for caution with email attachments. European courts have ruled that weak encryption and excessive data retention are against human rights, affecting future laws on data surveillance. Finally, a group called GoldFactory is using advanced tricks to steal from bank accounts on mobile devices, reminding us to be wary of suspicious links and to check app permissions carefully. Come back tomorrow for more Hack News Daily for the latest updates. You can find links to all the cyber news, red team tradecraft tooling, and more at HACK dot NEWS. Gracie Folkins out.

I’m Gracie Folkins, today is February 15th, 2024, and you are listening to Hack News Daily.

In today's cyber news, the PlayDapp gaming platform experienced a major security issue when an unauthorized person created 1.79 billion PLA tokens. This happened because they got hold of a private key they shouldn't have. The company has stopped all transactions and asked exchanges to block the hacker's wallets to fix the problem.

Meanwhile, Zenlayer, a company that handles lots of internet data, accidentally left a huge amount of information unprotected online. This mistake exposed 380 million records, but the good news is that the problem was fixed after a cybersecurity expert found it and told the company.

Over in Germany, VARTA AG, known for making batteries, was hit by a cyberattack that messed up their computer systems and stopped production in five of their factories. They're working hard to get everything running smoothly again and make sure all their data is safe.

Prudential Financial had a scare on February 4, 2024, when someone got into their systems without permission. They're still looking into it, but so far, it seems like no customer data was taken. They're working with the police and cybersecurity experts to keep everything secure.

Zoom just fixed a really bad flaw in their Windows software that could have let hackers take over. It was one of seven problems they found and fixed, so if you use Zoom, make sure you've updated it!

Microsoft Outlook had a bug that could let hackers steal your login details just by tricking you into clicking a link. Microsoft has fixed this, so make sure your software is up to date.

In Romania, over 100 hospitals were attacked with ransomware through a healthcare management system. The national cybersecurity agency is helping them deal with this without paying the ransom.

The CL0P ransomware group used some sneaky tricks to attack companies last year, and they might have made up to $100 million even though fewer victims are paying ransoms these days. It's a reminder that everyone needs to be careful and protect their computers and data.

That's just a glimpse of what's happening in the world of cybersecurity. Attacks are getting more sophisticated, and everyone from big companies to regular folks needs to stay alert and protect their information.

Come back tomorrow for more Hack News Daily for the latest updates. You can find links to all the cyber news, red team tradecraft tooling, and more at HAQ.NEWS. Gracie Folkins out.

I’m Gracie Folkins, today is February 14th, 2024, and you are listening to Hack News Daily.

First up, there's a new vulnerability that was used by hackers to sneak past Microsoft Defender SmartScreen. This vulnerability was exploited to distribute a harmful malware called DarkMe, targeting financial traders. But don't worry, this has been patched, and if you're using Trend Micro solutions, you're already protected against it.

For Bank of America customers, there's an important update. A third-party provider, Infosys McCamish Systems, was hacked, and personal information like names, Social Security numbers, and financial details were accessed. It's a good reminder to monitor your credit information regularly for any suspicious activity.

Canada's Trans-Northern Pipelines might be in trouble as the ALPHV/BlackCat ransomware group claims to have stolen critical data. Authorities are investigating, but it shows how critical infrastructure can be targeted by cybercriminals.

A huge data breach has affected roughly 2.4 million patients of Integris Health. Cyber attackers accessed sensitive information, which could lead to scams and identity theft. Always be vigilant about unexpected communications asking for personal information.

Microsoft's recent Patch Tuesday addressed 80 vulnerabilities, with some being critical and actively exploited. It's essential to keep your software updated to protect against these vulnerabilities.

Ivanti's VPN appliances have been found to have multiple critical vulnerabilities. This situation has led to cyberattacks and a directive to disconnect affected products, highlighting the importance of timely patching and security practices.

An interesting case of vulnerability was found in Ghost CMS, where a Stored XSS vulnerability could allow attackers to take over an instance. It's a reminder of the importance of web security and keeping systems updated.

Zoom users, make sure to update your software. Critical security issues, including a high-risk privilege escalation vulnerability, have been fixed in the latest versions.

For gamers, a security flaw allowed hackers to mint and steal $290 million in PLA tokens from PlayDapp's blockchain gaming platform. This incident led to a suspension of token trading and withdrawals as the company worked to mitigate the breach.

Lastly, let's touch on Bitcoin mining. The economics of Bitcoin mining are facing challenges due to the upcoming halving event, which might decrease miner revenue and increase energy costs. It's a situation that highlights the complexities of cryptocurrency mining and sustainability concerns.

That wraps up today’s cyber news. Remember, staying informed and vigilant is the key to staying safe online. Come back tomorrow for more Hack News Daily for the latest updates. You can find links to all the cyber news, red team tradecraft tooling, and more at HACK.NEWS. Gracie Folkins out.