many parts make the whole
Jen Easterly from CISA confirmed on Wednesday that Salt Typhoon threat actors were detected on US government networks prior to telcos discovering the same activity in their organizations. She went on to say it is likely “just the tip of the iceberg” of Chinese state-sponsored intrusions into critical U.S infrastructure. She also took the opportunity … Read More “Salt Typhoon THREAT ACTORS SPOTTED ON US GOVT NETWORKS BEFORE TELCOS” »
The Salt Typhoon saga continues to unfold, the latest victims confirmed to have been compromised are Charter and Windstream. AT&T, Verizon, and Lumen are also confirmed to be impacted at this time. The attack has been attributed to Chinese state-sponsored threat actors that obtained text messages, voicemails, phone calls and wiretap information of active U.S … Read More “Charter and Windstream ADDED TO LIST OF TELCO PROVIDERS COMPROMISED BY Salt Typhoon” »
A data leak posted by IntelBroker on December 25th via BreachForums has been verified as authentic by Cisco. This follows an earlier leak this month of 2.9 GB of files. The files contain sensitive materials such as cryptographic signatures, internal project archives, and source code. Allegedly a misconfiguration in the DevHub platform inadvertently made the … Read More “Cisco CONFIRMS AUTHENTICITY OF 4.45 GB DATA BREACH” »
A Chinese state-sponsored espionage campaign being dubbed Salt Typhoon now includes nine U.S telecommunication firms. The Chinese government has denied responsibility for the attack which has compromised communications of senior U.S government officials. The full scope of the attack may never be known as the sophisticated attackers took steps to erase evidence of their presence. … Read More “NINTH TELECOM COMPANY ADDED TO LIST OF Salt Typhoon TARGETS” »
A flaw in McDonald’s McDelivery system in India could have allowed for the ability to order any number of menu items for $0.01. Sensitive information in the form of invoices for any order and the personal details for the delivery driver could also have been disclosed. This serves as a great reminder that while apps … Read More “McDonald’s API EXPLOITED FOR ONE CENT DELIVERIES” »
There has been a surge in brute-force attacks targeting Citrix NetScaler. The attacks are mainly originating from a cloud provider based in Hong-Kong, their IP ranges are available in the article linked below and should be blocked to help mitigate the attack on vulnerable systems. The attacks are leveraging zero-day exploits that were recently addressed … Read More “BRUTE-FORCE ATTACKS TARGETING Citrix NetScaler UNDERWAY” »
A new proof-of-concept attack has been disclosed by a team of researchers that effects AMD’s trusted execution environment. The attack does require physical access to the system however as the article below notes, in the age of cloud computing organizations may not have complete control over who has access to the physical hardware running their … Read More “AMD TRUSTED COMPUTING VULNERABLE TO NEW BadRAM ATTACK” »
Apple has confirmed a zero-day attack is currently underway targeting macOS devices running Intel CPUs. Apple’s security response team has declined to provide any Indications of Compromise (IOCs) to help identify effected systems. There is confirmation the vulnerabilities are already being exploited in the wild. Updates to macOS are available and should be applied immediately … Read More “ZERO-DAY ATTACK EFFECTING macOS SYSTEMS” »
PC Gamer has a good article on how long an unprotected Windows XP machine can last on the internet before becoming hopelessly compromised and infected with malware. According to their findings the machine will become infected in less than 10 minutes simply by being connected to the internet, no action from the user required! If … Read More “Windows XP BECOMES INFECTED IN LESS THAN 10 MINUTES IN 2024” »
In a recent court case Marriott has revealed that it was actually securing data using SHA-1 and not the more secure AES-128 encryption algorithm. Marriott was arguing that the encryption they were using was so strong the case against them should have been dismissed, however they recently revealed they were actually using SHA-1 at the … Read More “MARRIOTT ADMITS IT FALSELY CLAIMED IT WAS USING ENCRYPTION” »