Cyber Security News

October 18, 2024

A Greek police officers association says it is planning legal action after names and details of hundreds of officers from a new elite crime-fighting agency were published on the internet. The Directorate for Combating Organised Crime, DAOE, was launched Thursday to tackle organized crime activities including contract killings, fuel smuggling and money laundering. Police officials confirmed ...

October 17, 2024

Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for the Safari browser directory and modifying a configuration ...

October 17, 2024

US authorities have unveiled this week charges against two Sudanese nationals involved in a significant Distributed-Denial-of-Service (DDoS) cybercrime network, following an international investigation that spanned multiple countries. The investigation exposed the activities of Anonymous Sudan, a prolific cybercrime group conducting destructive DDoS attacks to support their ideologically-motivated agenda. Europol coordinated the European dimension of the investigation, ...

October 17, 2024

Most EU member states are set to miss an implementation deadline falling today (17 October) to implement rules to protect critical entities against cyber-attacks and organisations are also concerned about fragmentation of such rules. Euronews reported last week that the European Commission had so far only received confirmations from Belgium and Croatia on transposition of the ...

October 17, 2024

Unit 42 researchers have found that certain third-party utilities and applications pertaining to archiving, virtualization and Apple’s native command-line tools do not enforce the quarantine attribute. This can pose a threat to the integrity of a security feature on macOS known as Gatekeeper, which is responsible for ensuring that only trusted software runs on the system. ...

October 16, 2024

The Cyber Security Association of China on Wednesday called for the launch of a systematic review of potential cybersecurity risks in Intel products due to frequent vulnerabilities and high failure rates, in order to effectively safeguard China’s national security and the legitimate rights and interests of Chinese consumers. The association cited four reasons for the review: ...

October 16, 2024

From infostealer development to data exfiltration, cloud service providers are increasingly being abused by threat actors for malicious schemes. While in this case the ransomware samples we examined contained hard coded AWS credentials, this is specific to this single threat actor and in general, ransomware developers leverage other online services as part of their tactics. In ...

October 16, 2024

Mozilla has announced a security fix for its Firefox browser which also impacts the closely related Tor Browser. The new version fixes one critical security vulnerability which is reportedly under active exploitation. To address the flaw, both Mozilla and Tor recommend that users update their browsers to the most current versions available. Firefox users that have ...

October 15, 2024

Mandiant analyzed 138 vulnerabilities that were disclosed in 2023 and that we tracked as exploited in the wild. Consistent with past analyses, the majority (97) of these vulnerabilities were exploited as zero-days (vulnerabilities exploited before patches are made available, excluding end-of-life technologies). Forty-one vulnerabilities were exploited as n-days (vulnerabilities first exploited after patches are available). While ...

October 15, 2024

Westpac and subsidiaries including St George, Bank of Melbourne and BankSA have been hit by a string of outages. The bank said services were restored on Wednesday afternoon, but some customers continued to report disruptions. Treasurer Jim Chalmers says the government has been in contact with Westpac and described the internet and mobile banking issues as ...

October 15, 2024

In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders. Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced ...