Internet Archive data breach impacts 31 million users
A threat actor has compromised the Internet Archive and stolen a user authentication database containing 31 million unique records. The data will soon be added to Have I Been Pwned, allowing users to enter their email and confirm if their data was exposed in this breach. Read More on Bleeping Computer
New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries
New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries A new botnet named “Gorilla” has launched over 300,000 Distributed Denial-of-Service (DDoS) attacks globally. It is derived from the leaked Mirai botnet source code. Using techniques like UDP floods to conduct the DDoS attacks, and exploiting a security flaw in Apache Hadoop YARN RPC […]
Nation-State Attack: China’s Salt Typhoon Breaches AT&T and Verizon, Report Reveals
The China-linked group Salt Typhoon has breached major U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, possibly compromising sensitive wiretap systems. This raises significant national security concerns. Security firms, including Microsoft, are investigating the incident, which involves a group known for targeting various sectors globally. Read More on Security Week
Hackers Could Remotely Control Kia Cars by Exploiting License Plates
Hackers Could Remotely Control Kia Cars by Exploiting License Plates Hackers have discovered a way to control Kia cars by exploiting vulnerabilities in the license plate recognition system. This security flaw allows them to remotely access and manipulate vehicle functions, posing significant risks to car owners. The issue highlights the growing concerns around cybersecurity in […]
New Bill Seeks to Mandate Healthcare Cybersecurity Standards
New Bill Seeks to Mandate Healthcare Cybersecurity Standards A new bill is being introduced in the U.S. Congress, aimed at mandating cybersecurity standards for the healthcare sector. The bill seeks to address the increasing number of cyberattacks on healthcare facilities by establishing minimum cybersecurity requirements. It also proposes the creation of a task force to […]
The Chaos of WordPress Revolves Around a cClash of Egos
The Chaos of WordPress Revolves Around a Clash of Egos Millions of websites worldwide are unable to update thanks to an ongoing dispute that has bubbled over between a core backbone of the internet and a popular hosting platform that brings it to many users. Read more on Fast Company
Critical Exploit in MediaTek Wi-Fi Chipsets: CVE-2024-20017
CVE-2024-20017 is a critical zero-click vulnerability affecting MediaTek Wi-Fi chipsets, allowing remote code execution due to an out-of-bounds write issue. This vulnerability impacts various devices, including routers and smartphones from manufacturers like Ubiquiti, Xiaomi, and Netgear. MediaTek has released patches, and users should update their devices immediately to protect against potential exploitation. The exploit uses […]
MoneyGram blames ‘cybersecurity issue’ for ongoing days-long outage
MoneyGram Blames ‘Cybersecurity Issue’ for Ongoing Days-Long Outage The money transferring giant MoneyGram has been experiencing a prolonged outage. Originally said to be a “network issue”, the outage was revealed to be due to a cybersecurity issue, which has disrupted its services for several days. The company has been working to resolve the problem but […]
EFF to FCC: SS7 is Vulnerable, and Telecoms Must Acknowledge That
SS7 was standardized in the late 1970s and early 1980s, at a time when communication relied primarily on landline phones. Because the large telecoms all trusted each other, there was no incentive to focus on the security of the network. SS7 was developed when modern encryption and authentication methods were not in widespread use. Read […]
Apple’s New macOS Sequoia update is breaking some cybersecurity tools
Apple’s New macOS Sequoia Update is Breaking Some Cybersecurity Tools Apple’s latest macOS Sequoia update is causing issues with some cybersecurity tools. The update includes new AI-powered features and improvements, but these changes have led to compatibility problems with certain security software. As a result, some cybersecurity tools are not functioning correctly, raising concerns about […]