Category: Kamban

Welcome to this week’s edition of the “Bi-Weekly Cyber Roundup” by Canary Trap. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity and this bi-weekly publication is your gateway to the latest news. In this week’s round-up, we will explore recent developments in…

Image: MidjourneyToday, the U.S. Justice Department said the FBI seized 32 web domains used by the Doppelgänger Russian-linked influence operation network in a disinformation campaign targeting the American public ahead of this year’s presidential election. According to court documents, Doppelgänger is believed to be linked to Russian companies Social Design Agency (SDA), Structura National Technology…

Cisco has fixed a command injection vulnerability with public exploit code that lets attackers escalate privileges to root on vulnerable systems. Tracked as CVE-2024-20469, the security flaw was found in Cisco’s Identity Services Engine (ISE) solution, an identity-based network access control and policy enforcement software that enables network device administration and endpoint access control in…

A new “EUCLEAK” flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico’s YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm (ECDSA) secret keys and clone the FIDO device. NinjaLab’s Thomas Roche, who discovered the flaw and devised the EUCLEAK side-channel attack, notes that the side channel can retrieve…

Cisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that can be used to log into unpatched systems with administrative privileges. CSLU is a Windows application that helps manage licenses and linked products on-premise without connecting them to Cisco’s cloud-based Smart Software Manager solution. The company says this critical vulnerability (CVE-2024-20439)…

Cisco’s site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code that steals sensitive customer details provided at checkout. Cisco’s site for selling company-themed merchandise is currently offline and under maintenance due to a compromise with JavaScript code that steals sensitive details provided at checkout. It…

Google has released the September 2024 Android security updates to fix 34 vulnerabilities, including CVE-2024-32896, an actively exploited elevation of privilege flaw that was previously fixed on Pixel devices. The high-severity vulnerability is related to a logic error in the code, which allows an attacker to bypass certain protections on Android and elevate their privileges…

AI SPERA, a leading Cyber Threat Intelligence (CTI) company, has achieved PCI DSS v4.0 certification for its flagship search engine solution, Criminal IP. This accomplishment builds on last year’s attainment of PCI DSS v3.2.1 (Payment Card Industry Data Security Standard) certification and represents a significant milestone in the company’s ongoing efforts to strengthen security, further…

Threat actors are utilizing an attack called “Revival Hijack,” where they register new PyPi projects using the names of previously deleted packages to conduct supply chain attacks. The technique “could be used to hijack 22K existing PyPI packages and subsequently lead to hundreds of thousands of malicious package downloads,” the researchers say. Hijacking popular projects…