- 5 million payment card details stolen in painful reminder to monitor Christmas spending
December 17, 2024
Another day, another exposed S3 bucket. This time, 5 million US credit cards and personal details were leaked online. The Leakd.com security team discovered that 5 terabytes of sensitive screenshots were exposed in a freely accessible Amazon S3 bucket. An S3 bucket is like a virtual file folder in the cloud where you can store various ...
- Dragos Industrial Ransomware Analysis Q3 2024
December 17, 2024
The third quarter (July – September) of 2024 brought transformative shifts to the ransomware landscape, emphasizing its dynamic and continuously evolving nature. The ransomware threat ecosystem remained highly active in the third quarter, fueled by new groups, rebranding of existing entities, expansion of initial access broker operations, and proliferation of illicitly traded tools. Ransomware operators increasingly ...
- Texas medical school says hackers stole sensitive health data of 1.4 million individuals
December 17, 2024
The Texas Tech University Health Sciences Center (TTUHSC) confirmed hackers accessed the personal and sensitive health data of over 1.4 million individuals during a September cyberattack. The cyberattack, which also affected TTUHSC’s El Paso campus, saw attackers steal information including Social Security numbers, financial account information, government-issued ID details, and health information — including medical records ...
- BeyondTrust security advisory addresses a vulnerability in the Remote Support and Privileged Remote Access systems
December 17, 2024
BeyondTrust has released a security advisory that addresses a vulnerability in the Remote Support and Privileged Remote Access systems. Remote Support allows authorised individuals such as IT Helpdesk staff to connect to remote systems. Privileged Remote Access facilitates just-in-time secure access to enterprise environments. CVE-2024-12356 has a CVSSv3 score of 9.8 and if exploited could ...
- Download a banking Trojan to track your parcel
December 17, 2024
In late October 2024, a new scheme for distributing a certain Android banking Trojan called “Mamont” was uncovered. The victim would receive an instant message from an unknown sender asking to identify a person in a photo. The attackers would then send what appeared to be the photo itself but was actually a malware installer. Shortly ...
- Link Trap: GenAI Prompt Injection Attack
December 17, 2024
With the rise of generative AI, new security vulnerabilities are emerging. One such vulnerability is prompt injection, a method that malicious actors can exploit to manipulate AI systems. Typically, the impact of prompt injection attacks is closely tied to the permissions granted to the AI. However, the attack discussed in this article differs from commonly known ...
- Proof-of-Concept Released for Critical Apache Struts Vulnerability
December 17, 2024
Apache has released a security bulletin addressing a critical vulnerability in Apache Struts 2. Apache Struts is an open-source model-view-controller (MVC) framework for creating Java web applications. CVE-2024-53677 is a ‘Unrestricted Upload of File with Dangerous Type’ vulnerability and has a CVSSv4 score of 9.5. This vulnerability exists in the File Upload Interceptor, which allows developers ...
- Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks
December 17, 2024
Red teaming provides essential tools and testing methodologies for organizations to strengthen their security defenses. Cybercriminals and advanced persistent threat (APT) actors pay close attention to new methods and tools red teams develop, and they may repurpose them with a malicious intent. In October 2024, an APT group that Trend Micro tracks as Earth Koshchei (also ...
- Task scams surge by 400%, but what are they?
December 16, 2024
An unfamiliar type of scam has surged against everyday people, with a year-over-year increase of some 400%, putting job seekers at risk of losing their time and money. The emerging threat is delivered in “task scams” or “gamified job scams.” While these scams were virtually non-existent in 2020, the FTC reported 5,000 cases in 2023 and ...
- HiatusRAT Actors Targeting Web Cameras and DVRs
December 16, 2024
The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification (PIN) to highlight HiatusRAT1 scanning campaigns against Chinese-branded web cameras and DVRs. Private sector partners are encouraged to implement the recommendations listed in the “Mitigation” column of the table below to reduce the likelihood and impact of these attack campaigns. Threat HiatusRAT is a ...
- 2024 Threat Landscape Statistics: Ransomware Activity, Vulnerability Exploits, and Attack Trends
December 16, 2024
In this blog, the global experts across our Rapid7 Labs and Managed Services teams share real-time vulnerability insights and threat intelligence so that our customers can anticipate and prevent breaches, pinpoint critical threats, and confidently take command of their attack surface. The Rapid7 Labs team has rounded up statistics and trends that caught their eye throughout ...