The Cross Heads

Hackers seek ransom after getting SSNs, banking info from state gov’t portal

Hackers trying to extort the Rhode Island government infiltrated the state’s public benefits system, causing state officials to shut down online services that let residents apply for Medicaid and other assistance programs. “As part of this investigation today, we discovered that within the Rhode Island Bridges system, a cybercriminal had installed dangerous malware that constituted […]

December 16, 2024 | Policy, Rhode Island, ribridges, Security | No comments

Yearlong supply-chain attack targeting security pros steals 390K credentials

But wait, there’s more. On Friday, Datadog revealed that MUT-1244 employed additional means for installing its second-stage malware. One was through a collection of at least 49 malicious entries posted to GitHub that contained Trojanized proof-of-concept exploits for security vulnerabilities. These packages help malicious and benevolent […]

December 13, 2024 | Biz & IT, credential theft, cryptomining, GitHub, npm, Security, supply chain attacks | No comments

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of malicious code, security researchers said. The vulnerability, tracked as CVE-2024-11972, is found in Hunk Companion, a plugin that runs on 10,000 sites that use the […]

December 12, 2024 | Biz & IT, CMS, exploits, plugins, Security, vulnerabilities, wordpress | No comments

Russia takes unusual route to hack Starlink-connected devices in Ukraine

“Microsoft assesses that Secret Blizzard either used the Amadey malware as a service (MaaS) or accessed the Amadey command-and-control (C2) panels surreptitiously to download a PowerShell dropper on target devices,” Microsoft said. “The PowerShell dropper contained a Base64-encoded Amadey payload appended by code that invoked a request to Secret Blizzard C2 infrastructure.” The ultimate objective […]

December 11, 2024 | backdoors, Biz & IT, nation state hacking, phishing, Security, turla | No comments

AMD’s trusted execution environment blown wide open by new BadRAM attack

If a VM has been backdoored, the cryptographic attestation will fail and immediately alert the VM admin of the compromise. Or at least that’s how SEV-SNP is designed to work. BadRAM is an attack that a server admin can carry out in minutes, using either about $10 of hardware, or in some cases, software only, […]

December 10, 2024 | AMD, Biz & IT, cloud computing, Security, sev-snp | No comments

$1 phone scanner finds seven Pegasus spyware infections

Seven out of 2,500 scans may sound like a small group, especially in the somewhat self-selecting customer base of iVerify users, whether paying or free, who want to be monitoring their mobile device security at all, much less checking specifically for spyware. But the fact that the tool has already found a handful of infections […]

December 5, 2024 | Biz & IT, nso group, pegasus, Security, spyware, syndication | No comments

Backdoor slips into popular code library, drains ~$155k from digital wallets

Hackers pocketed as much as $155,000 by sneaking a backdoor into a code library used by developers of smart contract apps that work with the cryptocurrency known as Solana. The supply-chain attack targeted solana-web3.js, a collection of JavaScript code used by developers of decentralized apps for interacting with the Solana blockchain. These “dapps” allow people […]

December 5, 2024 | backdoor, Biz & IT, cryptocurrency, Security, solana, supply chain attack | No comments

US recommends encrypted messaging as Chinese hackers linger in telecom networks

An unnamed FBI official was quoted in the same report as saying that phone users “would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption, and phishing-resistant” multifactor authentication for email accounts, social media, and collaboration tools. The FBI official reportedly said the hackers obtained metadata showing the […]

December 4, 2024 | Chinese hackers, Policy, salt typhoon, Security | No comments

Russian court sentences kingpin of Hydra drug marketplace to life in prison

Available over the Tor network, Hydra was a bazaar that brokered not just drugs but also fake documents, cryptocurrency laundering services, and other illicit goods and services. Nine months after Hydra was taken down, authorities came for Bitzlato, a cryptocurrency exchange that laundered “a substantial portion of the cryptocurrency that Hydra received.” In all, authorities […]

December 4, 2024 | Biz & IT, courts, dark net, drugs, ransomware, Security | No comments

Code found online exploits LogoFAIL to install Bootkitty Linux backdoor

Researchers have discovered malicious code circulating in the wild that hijacks the earliest stage boot process of Linux devices by exploiting a year-old firmware vulnerability when it remains unpatched on affected models. The critical vulnerability is one of a constellation of exploitable flaws discovered last year and given the name LogoFAIL. These exploits are able […]

November 29, 2024 | Biz & IT, bootkitty, Linux, logofail, Security, uefi, unified extensible firmware interface | No comments
