News – December 2024

December 10, 2024

A new warning as we head into the busy holiday travel season. It would be best to be on guard for fake TSA precheck websites. “We are seeing a disturbing trend of mimicking TSA-like sites,” says Karin Zilberstein with Guardio, a browser extension that identifies fake websites and other malware. She says Guardio has discovered ...

December 10, 2024

Romanian energy supplier Electrica Group has confirmed suffering a cyberattack in the latest incident to hit major institutions in the country. In a press announcement, the company said it was investigating an “ongoing cyberattack” together with the local law enforcement. The company did not detail the attack, its nature, goal, or the identity of the threat ...

December 10, 2024

The E.U. Cyber Resilience Act was enacted on Dec. 10. This legislation impacts all manufacturers, distributors, and tech importers that connect to other devices or networks operating in the bloc. Examples of applicable products include smart doorbells, baby monitors, alarm systems, routers, mobile apps, speakers, toys, and fitness trackers. Those that comply with the legislation will ...

December 10, 2024

QNAP has released fixes for several vulnerabilities affecting the QTS and QuTS hero operating systems. In addition to the three high severity vulnerabilities below, the security advisory also addresses two medium severity vulnerabilities and three low severity vulnerabilities. QuTS is QNAP’s operating system for high-end enterprise NAS devices. Vulnerability Details CVE-2024-48865: An improper certificate validation vulnerability ...

December 10, 2024

The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos in ...

December 9, 2024

European law enforcement agencies have taken down yet another encrypted messaging service mainly used by criminals. The Matrix encrypted messaging service was an invite-only service which was also marketed under the names Mactrix, Totalsec, X-quantum, or Q-safe. Dutch and French authorities started an investigation when the service was found on the phone of a criminal convicted ...

December 9, 2024

Google has unveiled a new chip which it claims takes five minutes to solve a problem that would currently take the world’s fastest super computers ten septillion – or 10,000,000,000,000,000,000,000,000 years – to complete. The chip is the latest development in a field known as quantum computing – which is attempting to use the principles of ...

December 9, 2024

Researchers are warning of a new “fake job” hacking campaign that targets primarily people working in the Web3 (blockchain) industry. Experts at Cado Security Labs revealed the campaign started in September 2024, aiming to trick people into downloading infostealing malware to their devices, both for Windows and macOS. In some examples observed by the researchers, the ...

December 9, 2024

On Friday, the “Termite” ransomware group claimed responsibility for the attack on its dark web leak site. In a post seen by TechCrunch, the gang claims to have stolen 680 gigabytes of data from Blue Yonder, including documents, reports, insurance documents and email lists, which Termite says it intends to use “for future attacks.” In a ...

December 8, 2024

The US government has imposed fresh export controls on the sale of high tech memory chips used in artificial intelligence (AI) applications to China. The rules apply to US-made high bandwidth memory (HBM) technology as well as foreign-produced ones. High bandwidth memory (HBM) are basically a stack of memory chips, small components that store data. They ...