The Sinaloa drug cartel in Mexico hacked the phone of an FBI official investigating kingpin Joaquín “El Chapo” Guzmán as part of a surveillance campaign “to intimidate and/or kill potential sources or cooperating witnesses,” according to a recently published report by the Justice Department. The report, which cited an “individual connected to the cartel,” said… Read More »
On Wednesday, CISA added CVE-2024-54085 to its list of vulnerabilities known to be exploited in the wild. The notice provided no further details. In an email on Thursday, Eclypsium researchers said the scope of the exploits has the potential to be broad. That scope includes: Attackers could chain multiple BMC exploits to implant malicious code… Read More »
Ubuntu users could see up to a 20 percent boost in graphics performance on Intel-based systems under a change that will turn off security mitigations for blunting a class of attacks known as Spectre. Spectre, you may recall, came to public notice in 2018. Spectre attacks are based on the observation that performance enhancements built… Read More »
Hackers suspected of working on behalf of the Chinese government exploited a maximum-severity vulnerability, which had received a patch 16 months earlier, to compromise a telecommunications provider in Canada, officials from that country and the US said Monday. “The Cyber Centre is aware of malicious cyber activities currently targeting Canadian telecommunications companies,” officials for the… Read More »
Large-scale attacks designed to bring down Internet services by sending them more traffic than they can process keep getting bigger, with the largest one yet, measured at 7.3 terabits per second, being reported Friday by Internet security and performance provider Cloudflare. The 7.3Tbps attack amounted to 37.4 terabytes of junk traffic that hit the target… Read More »
Elliptic also confirmed in its blog post about the attack that crypto tracing shows Nobitex does in fact have links with sanctioned IRGC operatives, Hamas, Yemen’s Houthi rebels, and the Palestinian Islamic Jihad group. “It’s also an act of sabotage, by attacking a financial institution that was pivotal in Iran’s use of cryptocurrency to evade… Read More »
Not the Apple page you’re looking for “If I showed the [webpage] to my parents, I don’t think they would be able to tell that this is fake,” Jérôme Segura, lead malware intelligence analyst at Malwarebytes, said in an interview. “As the user, if you click on those links, you think, ‘Oh I’m actually on… Read More »
The departments of Commerce, Treasury, Homeland Security and the National Institutes of Health were all compromised. A large roster of private companies—among them Microsoft, Intel, Cisco, Deloitte, FireEye, and CrowdStrike—were also breached. In response, a Biden EO required the Cybersecurity and Infrastructure Security Agency to establish a “common form” for self-attestation that organizations selling critical… Read More »
Screenshot, Ars Technica, Downdetector Credit: Screenshot, Ars Technica, Downdetector Over the past two decades, copper theft has emerged as a major problem in industries spanning plumbing, telephone and Internet connectivity, and others relying on the material, which is a good conductor of electricity and once sold at low prices. In 2008, the FBI warned that… Read More »
Credit: Apple As the video explains: This new process is fundamentally different and more secure than traditional credential export methods, which often involve exporting an unencrypted CSV or JSON file, then manually importing it into another app. The transfer process is user initiated, occurs directly between participating credential manager apps and is secured by local… Read More »