Uncategorized

Uncategorized post – later to be categorized.

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation The Hacker [email protected] (The Hacker News)
December 30, 2024

Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct …


U.S. Army Soldier Arrested in AT&T, Verizon Extortions Krebs on SecurityBrianKrebs
December 30, 2024

Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier …


New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits The Hacker [email protected] (The Hacker News)
December 30, 2024

The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data …


⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips The Hacker [email protected] (The Hacker News)
December 30, 2024

Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it's …


When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions The Hacker [email protected] (The Hacker News)
December 30, 2024

News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions, …


Happy 15th Anniversary, KrebsOnSecurity! Krebs on SecurityBrianKrebs
December 29, 2024

KrebsOnSecurity.com turns 15 years old today! Maybe it's indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024's most engrossing security …


16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft The Hacker [email protected] (The Hacker News)
December 29, 2024

A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The attack …


15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials The Hacker [email protected] (The Hacker News)
December 27, 2024

A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been …


North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign The Hacker [email protected] (The Hacker News)
December 27, 2024

North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment) refers to a persistent attack campaign that …


Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia The Hacker [email protected] (The Hacker News)
December 27, 2024

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024. "Victims …