Latest Cybersecurity News and Articles


New Discord DDoS Campaign Called Panamorfi Targets Vulnerable Jupyter Notebooks

05 August 2024
Hackers are targeting misconfigured Jupyter Notebooks using a repurposed Minecraft DDoS tool known as mineping. The attack, dubbed Panamorfi, involves utilizing a Java tool to launch a TCP flood DDoS attack against vulnerable Jupyter Notebooks.

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

05 August 2024
A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands. The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4. "A vulnerability exists in the affected products that allows a threat actor to

New Android Trojan "BlankBot" Targets Turkish Users' Financial Data

05 August 2024
Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information. "BlankBot features a range of malicious capabilities, which include customer injections, keylogging, screen recording and it communicates with a control server over a WebSocket connection," Intel 471 said in an analysis published last week.

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

05 August 2024
The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group. Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that's been active since at least 2012,

Minister apologises for Northern Ireland special education needs data breach

03 August 2024
Paul Givan says individuals concerned contacted after details of more than 400 people mistakenly sent out. The education minister in Northern Ireland has “unreservedly” apologised after the personal details of more than 400 people who had offered to contribute to a review of special education needs were breached. The embarrassing data breach came to light on Thursday after the education department said it had mistakenly sent to 174 people a spreadsheet attachment that contained the names, email address and titles of 407 individuals who had expressed an interest in attending the end-to-end review of special education needs (SEN) events across Northern Ireland.

DOJ and FTC Sue TikTok for Violating Children's Privacy Laws

03 August 2024
The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for "flagrantly violating" children's privacy laws in the country. The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service. They

Attacks on Bytecode Interpreters Conceal Malicious Injection Activity

03 August 2024
This type of attack, known as Bytecode Jiu-Jitsu, takes advantage of the fact that interpreters do not require execution privilege for bytecode, making it difficult for security tools to detect.

Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool

02 August 2024
Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks. The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers. Attack chains entail the exploitation

APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack

02 August 2024
A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 2023 to deliver a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike. It has been attributed

APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure

02 August 2024
A Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. "The campaign likely targeted diplomats and began as early as March 2024," Palo Alto Networks Unit 42 said in a report published today, attributing it with medium to high level of confidence to APT28, which is also referred to as

Security leaders respond to HealthEquity data breach

02 August 2024
4.3 million individuals were impacted by a HealthEquity data breach, and security leaders are sharing their insights. 

StackExchange Abused to Spread Malicious PyPI Packages as Answers

02 August 2024
Threat actors used StackExchange to promote malicious PyPI packages, including 'spl-types,' 'raydium,' 'sol-structs,' 'sol-instruct,' and 'raydium-sdk,' which steal data from browsers, messaging apps, and cryptocurrency wallets.

Webinar: Discover the All-in-One Cybersecurity Solution for SMBs

02 August 2024
In today's digital battlefield, small and medium businesses (SMBs) face the same cyber threats as large corporations, but with fewer resources. Managed service providers (MSPs) are struggling to keep up with the demand for protection. If your current cybersecurity strategy feels like a house of cards – a complex, costly mess of different vendors and tools – it's time for a change. Introducing

CrowdStrike Investors File Class Action Suit Following Global IT Outage

02 August 2024
The Plymouth County Retirement Association claims the company misrepresented the effectiveness of its software platform and quality control procedures. The lawsuit alleges that CrowdStrike did not adequately test its software.

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

02 August 2024
A recent malvertising campaign has been exposed, where threat actors take over social media pages, rebranding them as popular AI photo editors and posting malicious links to fake websites.

Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal

02 August 2024
Enterprise Resource Planning (ERP) Software is at the heart of many enterprises, supporting human resources, accounting, shipping, and manufacturing. These systems can become very complex and difficult to maintain. They are often highly customized, which can make patching difficult. However, critical vulnerabilities keep affecting these systems and put critical business data at risk. The

Suspects in 'Russian Coms' Spoofing Service Arrested in London, as NCA Announces Takedown

02 August 2024
The caller ID spoofing service, which was established in 2021, is believed to have caused financial losses in the tens of millions and had around 170,000 victims in Britain.

Homebrew Security Audit Finds 25 Vulnerabilities

02 August 2024
A security audit sponsored by the Open Tech Fund in August 2023 revealed 25 vulnerabilities in Homebrew. The audit found issues that could have allowed attackers to execute code, modify builds, control CI/CD workflows, and access sensitive data.

Threat Intelligence: A Blessing and a Curse?

02 August 2024
Access to timely and accurate threat intelligence is essential for organizations, but it can be overwhelming to navigate the vast amount of available data and feeds. Balancing comprehensive information with relevance is crucial.

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication

02 August 2024
Cybersecurity researchers have discovered a previously undocumented Windows backdoor that leverages a built-in feature called Background Intelligent Transfer Service (BITS) as a command-and-control (C2) mechanism. The newly identified malware strain has been codenamed BITSLOTH by Elastic Security Labs, which made the discovery on June 25, 2024, in connection with a cyber attack targeting an