Three severe SQL injection vulnerabilities have been identified in specific Amazon Redshift drivers, posing a significant risk of privilege escalation and data compromise. The vulnerabilities, labeled as CVE-2024-12744, CVE-2024-12745, and CVE-2024-12746, each hold a CVSS severity score of 8.0, emphasizing…
Electronic patient record: How the ePAs of all insured persons can be accessed
The supposedly most secure ePA in Europe can be attacked from many sides. Potentially, the data of all insured persons is at risk. (38C3, data protection) This article was indexed from Golem.de – Security Read the original article: Electronic patient record: How…
Microsoft adds another problem to the Windows 11 24H2 naughty list
Santa Satya pops one more issue into his sack just in time for Christmas The trickle of known issues with Windows 11 24H2 has continued with a new one just in time for festive season: installed the operating system using…
You Can Be a Part of this Grassroots Movement 🧑💻
You ever hear the saying, “it takes a village”? I never really understood the saying until I started going to conferences, attending protests, and working on EFF’s…
38C3: Major security flaws uncovered in electronic patient record 3.0
Serious security vulnerabilities would still have to be closed before the launch of ePA 3.0. Martin Tschirsich and Bianca Kastl demonstrate this at 38C3. This article was indexed from heise Security Read the original article: 38C3: Major security flaws in electronic patient record…
Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks
A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto Networks’ PAN-OS software. This flaw allows unauthenticated attackers to exploit firewalls through specially crafted packets, causing denial-of-service (DoS) conditions. The issue has been actively exploited,…
NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern
The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in the cybersecurity community. This notorious Remote Access Trojan (RAT), also known as Bladabindi, has long been a tool of choice for cybercriminals due to its…
New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers
Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack targeting various organizations, unlike typical nation-sponsored attacks. While primarily associated with BeaverTail and InvisibleFerret malware, SOCs have recently observed OtterCookie deployed within this campaign. OtterCookie…
Lumma Stealer Attacking Users To Steal Login Credentials From Browsers
Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised EXE installer, as analysis revealed a parent-child relationship between these samples, all of which communicated with the same C2 server. The Lumma Stealer Trojan, observed…
Canvas fingerprinting in the wild
Every day, your computer renders dozens of these without you even noticing. Strange patterns, colorful shapes, and emojis—what do you think these are? These are canvas fingerprints, a technique used by the vast majority of websites to fingerprint devices and…
IT Security News Hourly Summary 2024-12-27 18h : 6 posts
6 posts were published in the last hour 16:38 : You Can Be a Part of this Grassroots Movement 🧑💻 16:10 : 38C3: Terabytes of movement data from VW electric cars found in the cloud 16:10 : Data breach: Volkswagen movement profiles of 800,000 electric cars exposed…
38C3: Terabytes of movement data from VW electric cars found in the cloud
The subsidiary responsible for VW's software development stored the movement data of hundreds of thousands of electric cars in such a way that access was easy. This article was indexed from heise Security Read the original article: 38C3: Terabytes of movement data from VW electric cars in the cloud…
Data breach: Volkswagen movement profiles of 800,000 electric cars exposed
Personal data and movement profiles of around 800,000 VW electric car owners were publicly accessible in the cloud for months. (VW, data protection) This article was indexed from Golem.de – Security Read the original article: Data breach: Volkswagen movement profiles of 800,000 electric cars exposed
Volkswagen data breach of Electric cars and D Link router botnet attack
Volkswagen Data Leak Exposes Information of Over 800,000 Electric Vehicle Owners Volkswagen (VW), one of the most well-known automobile manufacturers in the world, has become the latest victim of a significant data breach that has compromised the personal information of…
Baltic Sea Power Cable Severed In Latest Incident
Undersea internet and power cable in the Baltic Sea between Finland and Estonia suffers outage. Finland seizes suspected oil tanker. This article has been indexed from Silicon UK Read the original article: Baltic Sea Power Cable Severed In Latest Incident
Understanding and Preventing Botnet Attacks: A Comprehensive Guide
Botnet attacks exploit a command-and-control model, enabling hackers to control infected devices, often referred to as “zombie bots,” remotely. The strength of such an attack depends on the number of devices compromised by the hacker’s malware, making botnets a…
Protect Yourself from AI Scams and Deepfake Fraud
In today’s tech-driven world, scams have become increasingly sophisticated, fueled by advancements in artificial intelligence (AI) and deepfake technology. Falling victim to these scams can result in severe financial, social, and emotional consequences. Over the past year alone, cybercrime…
Fortinet Researchers Discover Two Malicious Python Packages
New research published earlier this week by Fortinet Inc.’s FortiGuard Labs warns of two newly found malicious Python packages that indicate a major threat of credential theft, data exfiltration, and unauthorised system access. The first flaw, Zebo-0.1.0, was…
Handala attempts a supply chain hack via ReutOne
During the week, Handala — a group painfully in love with Israel, breached ReutOne, a small Microsoft 365 Dynamics reseller. They sent out an email to their customers on 24th December 2024, asking them to run a software update: Kevin Beaumont (@GossiTheDog@cyberplace.social) The…