Source: securityboulevard.com – Author: Richi Jennings Microsoft 365 “Core Platform Substrate” gets rewrite in Rust language. A job ad seems to say Microsoft is going all in...
Author: Richi Jennings
FBI Warning: China Will Hack US Infra. (via Router Botnet) – Source: securityboulevard.com
FBI head Wray won’t tolerate China’s “real-world threat to our physical safety.” Harsh rhetoric against the People’s Republic yesterday at...
Russian Internet Outage: DNSSEC Oops or Ukraine Hack? – Source: securityboulevard.com
Government ministry denies hackers hacked its network infrastructure. The Russian internet was down for hours yesterday: Everything under the .ru and...
‘Extremely serious’ — Mercedes-Benz Leaks Data on GitHub – Source: securityboulevard.com
My friends all hack Porsches—I must make amends. For four months, Mercedes-Benz lost control of critical private data—including designs, security keys...
Malicious AdTech Spies on People as NatSec Targets – Source: securityboulevard.com
Patternz and Nuviad enable potentially hostile governments to track individuals by misusing ad bidding. Two companies are allegedly tracking target...
‘Mother of all Breaches’ Leaks — 26 BILLION Records from 12TB Open Bucket – Source: securityboulevard.com
Researchers discover unsecured database of stolen personal information. And you thought last week’s Naz.API leak was massive? You ain’t seen nothin’...
OpenAI: We’ll Stop GPT Misuse for Election Misinfo – Source: securityboulevard.com
Sam says avoid AI abuse—protect the democratic process. With elections coming up in the US and other major countries, concerns...
Ivanti VPN Zero-Day Combo Chained ‘by China’ – Source: securityboulevard.com
Under active exploitation since last year—but still no patch available. A critical zero-day and another high-severity CVE are being chained together to...
China Cracks Apple Private Protocol — AirDrop Pwned – Source: securityboulevard.com
Chinese citizens using peer-to-peer wireless comms “must be identified.” The Beijing Bureau of Justice claims it can trace senders of...
Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old – Source: securityboulevard.com
Infostealer scrotes having a field day with unpatched vulnerability. A zero-day vulnerability, publicly revealed in October, is still unpatched. Google’s...
SSH FAIL: Terrapin Attack Smashes ‘Secure’ Shell Spec – Source: securityboulevard.com
Lurking vuln in SSH spec means every implementation must build patches. A nasty vulnerability in a crucial bit of internet...
X/Twitter Under Investigation by EU in First DSA Move – Source: securityboulevard.com
Manipulation, deception, transparency: “We will make full use of our toolbox,” promises Europe. The European Union’s Digital Services Act is...
iPhone/iPad Warning: Update Now to Avoid Zero-Day Pain – Source: securityboulevard.com
iOS 17.0.3 fixes yet more nasty zero-days (and the overheating bug). Apple has updated iOS 17 again, patching two zero-day...
‘All of Sony’ Hacked, Claims Ransomed.vc Group – Source: securityboulevard.com
If true, Sony might have to push the RESET button (again). Another day, yet another hack of Sony. This time,...
More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator – Source: securityboulevard.com
Egyptian opposition presidential candidate Ahmed Eltantawy targeted “by the government.” Would-be president pwned by President: Former Egyptian politician Ahmed Tantawy (pictured)...
Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug – Source: securityboulevard.com
Critical vuln in libwebp: Go get updates to Chrome, Firefox, Edge, Slack and more. After Apple’s BLASTPASS patches, come a...
What Happens in Vegas: MGM Resorts ‘Ransomware’ Attack – Source: securityboulevard.com
Not happening in Vegas: 12 hotels and casinos—nor in many more elsewhere, neither. MGM Resorts has pulled the plug on...
Google Kills 3rd-Party Cookies — but Monopolizes AdTech – Source: securityboulevard.com
“Privacy Sandbox” criticized as a proprietary, hypocritical, anti-competitive, self-serving contradiction. Google says its Topics API is ready for prime time:...
BadBazaar: Chinese Spyware Shams Signal, Telegram Apps – Source: securityboulevard.com
After sneaking into Google and Samsung app stores, “GREF” APT targets Uyghurs and other PRC minorities. China stands accused of...
Qakbot Cracked: FBI and Friends Hack the Hackers – Source: securityboulevard.com
Operation Duck Hunt shoots to kill big botnet. Qakbot is dead. The world’s biggest “loader” botnet has ceased to be....
Did Russia Hack Poland’s Trains? MSM Says Yes, but … Well, You Decide – Source: securityboulevard.com
It depends what you mean by “hack” (and by “Russia”). Trains all over Poland are mysteriously slamming on the brakes,...
Lapsus$ Jury Says Teen Duo Did Do Crimes – Source: securityboulevard.com
Arion Kurtaj and anon minor: Part of group that hacked Uber, Nvidia, Microsoft, Rockstar Games and many more. Two teenage...
LOL WinRAR: Serious One-Click Bug (Patch NOW) – Source: securityboulevard.com
Fix for CVE-2023-40477 now available. Good old WinRAR has a serious security hole. If you still have it installed, get...
Ransomware Robs Realtors — Rapattoni MLS-aaS Down: Day 8 and Counting – Source: securityboulevard.com
Home listings SaaS dead in the water as real estate agents lose leads. A service that helps local realtor associations...
AI coding helpers get FAILing grade – Source: securityboulevard.com
An academic study says ChatGPT is wrong more than half the time, when asked the sort of programming questions you’d find...
Microsoft is a “Strategic Problem in the Security Space,” Says CEO – Source: securityboulevard.com
Yoran has had enough—and he’s not gonna take it anymore. Tenable CEO Amit Yoran says his team reported a critical...
FraudGPT/WormGPT: Scammy for now — but a worrying signpost for software security – Source: securityboulevard.com
Dark web AI models that can phish and write malware have been exercising minds in recent weeks. But the so-called WormGPT...
Android Foils AirTag Stalkers and Thieves — While Apple Does Nothing – Source: securityboulevard.com
“Unknown Tracker Detected,” your phone screams. What now? An Apple AirTag that’s not yours—but traveling with you—could be bad news. Perhaps...