Author: nlqip
Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing cybercrime charges in the United States. Phobos is a long-running ransomware-as-a-service (RaaS) operation (derived from the Crysis ransomware family) widely distributed through many affiliates. In 2023, it accounted for roughly 4% of all submissions…
CVE-2024-0012, CVE-2024-9474: Zero-Day Vulnerabilities in Palo Alto PAN-OS Exploited In The Wild
- by nlqip
Palo Alto Networks confirmed two zero-day vulnerabilities were exploited as part of attacks in the wild against PAN-OS devices, with one being attributed to Operation Lunar Peek. Background On November 18, Palo Alto Networks updated its advisory (PAN-SA-2024-0015) for a critical flaw in its PAN-OS software to include a CVE identifier: CVE Description CVSS CVE-2024-0012…
Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. TZL security researchers reported the RCE vulnerability (CVE-2024-38812) during China’s 2024 Matrix Cup hacking contest. It is caused by a heap overflow weakness in the vCenter’s DCE/RPC protocol implementation and affects products…
At Supercomputing 2024, the AI computing giant shows off what is likely its biggest AI ‘chip’ yet—the four-GPU Grace Blackwell GB200 NVL4 Superchip—while it announces the general availability of its H200 NVL PCIe module for enterprise servers running AI workloads. Nvidia is revealing what is likely its biggest AI “chip” yet—the four-GPU Grace Blackwell GB200…
AWS has released an important new feature that allows you to apply permission boundaries around resources at scale called Resource Control Policies (RCPs). Read on to learn what RCPs are all about and how to use them, as well as how Tenable Cloud Security already factors them into its analysis. AWS just launched Resource Control…
Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. Bitwarden is a popular password manager app with a “free” tier featuring end-to-end encryption, cross-platform support, MFA integration, and a user-friendly interface. Its user base has been growing steadily in the…
‘We are not going to be successful driving adoption, sales of any of these things without our ecosystem of partners—the service partners, the MSPs, pretty much the entire constituency,’ says Bargav Balakrishnan, IBM vice president of product management for Power. IBM will incorporate its Spyre Accelerator in future Power products—including its Power11 system releasing next…
The Dark Side of Domain-Specific Languages: Uncovering New Attack Techniques in OPA and Terraform
- by nlqip
Check out our deep dive into both new and known techniques for abusing infrastructure-as-code and policy-as-code tools. You’ll also learn how to defend against them in this blog post which expands on the attack techniques presented at our fwd:cloudsec Europe 2024 talk “Who Watches the Watchmen? Stealing Credentials from Policy-as-Code Engines (and beyond).” Infrastructure-as-code (IaC)…
The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the messages appear trustworthy and bypassing email security platforms. Sextortion emails are scams claiming that your computer or mobile device was hacked to steal images or videos of you performing sexual acts. The scammers then demand from you a payment of $500…
It’s time to shine a light on one of the internet’s most obscure and nefarious places: the dark web. This network, known for providing anonymity, draws both privacy advocates and cybercriminals to its corners. In this article, we will explore how the dark web functions, the types of people who visit its sites, the illicit…