Author: securnerd

We're your premier source for the latest in AI, cybersecurity, science, and technology. Dedicated to providing clear, thorough, and accurate information, our team brings you insights into the innovations that shape tomorrow. Let's navigate the future together.

Cutting-edge research has exposed a series of innovative attacks challenging Bluetooth Classic’s forward secrecy and future secrecy assurances, leading to potential adversary-in-the-middle (AitM) scenarios between two connected devices. Termed collectively as BLUFFS, these vulnerabilities impact Bluetooth Core Specification versions 4.2 through 5.4 and have been assigned the identifier CVE-2023-24023, with a CVSS score of 6.8. These vulnerabilities were responsibly disclosed in October 2022. EURECOM researcher Daniele Antonioli, in a study published last month, revealed that these attacks “facilitate device impersonation and machine-in-the-middle scenarios across sessions by compromising just one session key.” This exploit is made possible by capitalizing on two…

A recent discovery by security researchers has unveiled a new variant of the notorious Qilin ransomware, specifically designed to target VMware ESXi servers. This Linux encryptor, considered one of the most sophisticated seen to date, demonstrates the adaptability of cybercriminals in the face of the enterprise’s growing reliance on virtual machines. As businesses increasingly opt for virtual machines to optimize resource utilization, ransomware groups have adapted, creating specialized encryptors for VMware ESXi servers. Unlike many ransomware strains that leverage existing code, Qilin stands out by crafting its own encryptors, focusing on Linux servers. Security researcher MalwareHunterTeam recently unearthed a Linux…

Zyxel has taken swift action to rectify 15 security vulnerabilities affecting a range of devices, including network-attached storage (NAS), firewalls, and access points (APs). Among these vulnerabilities, three critical flaws posed significant risks, enabling potential attackers to bypass authentication and execute command injections. The specific vulnerabilities are detailed as follows: CVE-2023-35138 (CVSS score: 9.8) – A critical command injection vulnerability that permits unauthenticated attackers to execute operating system commands through a carefully crafted HTTP POST request. CVE-2023-4473 (CVSS score: 9.8) – A critical command injection vulnerability within the web server, allowing unauthenticated attackers to execute operating system commands via a…

In the ever-evolving landscape of cybercrime, stolen account credentials have emerged as a prized commodity, posing a significant risk to organizations worldwide. The 2023 Verizon Data Breach Investigation Report highlights the alarming fact that external actors were responsible for a staggering 83% of breaches between November 2021 and October 2022, with nearly half of these incidents involving pilfered credentials. Social engineering, a leading cybersecurity threat in 2023, continues to be a key weapon in the arsenal of threat actors. Phishing, constituting a substantial portion of social engineering attempts, stands out as the preferred method for credential theft due to its…

In a recent cyber onslaught, an undisclosed Afghan governmental organization fell victim to a sophisticated attack orchestrated by an Advanced Persistent Threat (APT) group, featuring the deployment of a previously undocumented web shell named HrServ. Kaspersky, a leading cybersecurity firm, disclosed that the web shell, identified as a dynamic-link library (DLL) named “hrserv.dll,” boasts advanced features such as customized encoding methods for client communication and in-memory execution. Detailed analysis by Kaspersky researcher Mert Degirmenci, published this week, uncovered the intricacies of the attack. The Russian cybersecurity experts traced variants of the malware back to early 2021, drawing on compilation timestamps…

Israeli higher education and technology sectors have fallen victim to a series of highly sophisticated cyber attacks initiated in January 2023, with the perpetrators deploying previously undocumented wiper malware in their attempts to compromise sensitive data. These intrusions, continuing until as recently as October, have been traced back to an Iranian nation-state hacking group known as Agonizing Serpens, which operates under various aliases including Agrius, BlackShadow, and Pink Sandstorm (formerly Americium). A recent report from Palo Alto Networks Unit 42 revealed that the attacks aimed at stealing critical information such as personally identifiable information (PII) and intellectual property. Once the…

In response to evolving data protection regulations in the European Union (EU), European Economic Area (EEA), and Switzerland, Meta made a significant announcement on Monday. The tech giant unveiled plans to roll out an ad-free subscription option for Facebook and Instagram users in these regions, starting next month. Priced at €9.99/month on the web and €12.99/month on iOS and Android, this subscription offering is designed to align with the changing legal landscape concerning user privacy. “In November, users in these regions will have the choice to continue using our personalized services with ads for free, or opt for an ad-free…

In a move to fortify the safety and security of artificial intelligence (AI), Google has expanded its Vulnerability Rewards Program (VRP), offering compensation to researchers who identify potential threats specific to generative AI systems. The decision aims to address unique concerns arising from generative AI, including issues like unfair bias, model manipulation, and misinterpretation of data, commonly referred to as “hallucinations,” according to statements by Google’s Laurie Richardson and Royal Hansen. The expanded program encompasses various categories, such as prompt injections, leakage of sensitive data from training datasets, model manipulation, adversarial perturbation attacks triggering misclassification, and model theft. Google had…

In response to a serious security concern, VMware has swiftly released crucial updates to rectify a critical flaw detected in the vCenter Server software, capable of enabling remote code execution on vulnerable systems. The flaw, identified as CVE-2023-34048 with a CVSS score of 9.8, is described as an out-of-bounds write vulnerability within the DCE/RPC protocol implementation. VMware stated in a recently published advisory that a malevolent actor with network access to vCenter Server could exploit this flaw, potentially leading to remote code execution. The discovery and reportage of this vulnerability are credited to Grigory Dorodnov of Trend Micro Zero Day…

In a groundbreaking move, Microsoft has launched the early access phase for its revolutionary AI-driven security analysis tool, Security Copilot. The platform, akin to the familiar ChatGPT, empowers security teams to swiftly combat threats using Microsoft’s extensive global threat intelligence and cutting-edge large language models. Security Copilot offers a dynamic approach, responding to security queries from defenders while continuously learning and adapting from interactions. Tailoring its recommendations to specific enterprise environments, it provides instant incident summaries, rapid guided responses, simplified natural language queries, and real-time malware analysis. One of its standout features is the ability to identify previously unknown threats…