campuscodi

@campuscodi@mastodon.social

Cybersecurity reporter for Risky Business

#infosec #cybersecurity #security

campuscodi, to random

"Merry-Go-Round is the name HUMAN researchers have given to two independent rings of websites that operate and redirect traffic among each other in pop-under tabs, racking up digital ad impressions that are concealed from the user."

https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-merry-go-round-conceals-ads-from-users-and-brands

campuscodi, to random

Microsoft not saying a peep about the Recall privacy scandal is a huge tell of how much the company is focused on security

We should have had a statement by now that Recall is either re-engineered or removed

campuscodi, to random

Recorded Future has published a report on a cyber-espionage campaign carried out by Russian APT group BlueDelta that primarily targeted Ukrainian and European organizations with a tangent to Russia's war in Ukraine.

The final payload in this campaign was the Headlace infostealer.

The campaign started in late 2023 and is ongoing.

https://www.recordedfuture.com/grus-bluedelta-targets-key-networks-in-europe-with-multi-phase-espionage-camp

campuscodi, to random

Cloudflare has shut down accounts on its platform used by a Russian threat actor known as FlyingYeti to launch phishing attacks on Ukrainian users and organizations.

https://blog.cloudflare.com/disrupting-flyingyeti-campaign-targeting-ukraine

campuscodi, to random

OpenAI says it disrupted five influence networks that were using its systems for info-ops

https://openai.com/index/disrupting-deceptive-uses-of-AI-by-covert-influence-operations/

campuscodi, to random

US authorities have issued an arrest warrant for an 18-year-old student for launching cyberattacks that disrupted the STAAR online exams in the state of Texas

https://www.houstonchronicle.com/neighborhood/spring-klein/article/klein-cyberattack-staar-testing-19481598.php

campuscodi, to random

Indian authorities have arrested five suspects on charges of trafficking unwitting job seekers into Southeast Asian scam compounds

https://therecord.media/india-arrests-human-trafficking-southeast-asia-scam-compounds

campuscodi, to random

WatchTowr Labs has published a write-up on that Check Point zero-day from yesterday

https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/

campuscodi, to random

The European Court of Human Rights (ECHR) has ruled that a Polish surveillance law violates the European Convention on Human Rights.

The ECHR ruled that Poland's secret surveillance program violated the personal privacy of its targets and did not provide an avenue of appeal.

The court also found the program did not undergo reviews by an independent body and was subject to political influence.

https://notesfrompoland.com/2024/05/29/polish-surveillance-law-violates-human-rights-rules-european-court/

campuscodi, to random

Activision has won a lawsuit against EngineOwning, a company that makes cheats for Call of Duty games.

The judge awarded Activision a default judgement of $14.4 million and has ordered EngineOwning to stop making cheats and turn over its website to Activision.

https://www.theverge.com/2024/5/29/24166932/activision-call-of-duty-cheat-creator-lawsuit-engineowning

campuscodi, to random

According to the FBI, commercial VPN solutions that used the 911 S5 botnet infrastructure include MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN

https://www.ic3.gov/Media/Y2024/PSA240529

campuscodi, to random

A malware strain named Chalubo wiped more than 600,000 ActionTec routers at the end of last year

Lumen report here: https://blog.lumen.com/the-pumpkin-eclipse/

Lumen doesn't name the victim, but based on my amateurish OSINT skills, this looks like a US telco (if someone else can confirm plz :clippy: )

campuscodi, to random

Home-made bomb explodes in an apartment in Romania.

It's unclear what the bomb was for, but this comes after Romanian authorities detained a man suspected of espionage on behalf of Russia and as Russian sabotage efforts are intensifying across Europe

https://stirileprotv.ro/stiri/actualitate/cine-este-barbatul-mort-in-timp-ce-construia-o-bomba-in-casa-la-fetesti-zse-uita-pe-youtube-cum-sa-si-faca-bombe.html

campuscodi, to random

The US National Institute of Standards and Technology says it hired a new contractor to help the agency deal with the backlog of unprocessed entries in the National Vulnerability Database.

NIST staff slowed down the pace of new NVD entries in mid-February, citing a need to re-organize and the increasing volume of vulnerabilities.

The agency now says it expects the backlog to be cleared by the end of the fiscal year.

https://www.nist.gov/itl/nvd

campuscodi, to random

Japanese authorities have arrested a 25-year-old man for allegedly creating ransomware using generative AI tools

https://japannews.yomiuri.co.jp/society/crime-courts/20240528-188598/

campuscodi, to random

Microsoft plans to deprecate TLS server authentication certificates with 1024-bit RSA keys by the end of the year.

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/tls-server-authentication-deprecation-of-weak-rsa-certificates/ba-p/4134028

campuscodi, to random

HN Security has found three vulnerabilities in the Eclipse ThreadX real-time operating system—formerly known as the Microsoft Azure RTOS (before it was transferred over to the Eclipse Foundation).

https://security.humanativaspa.it/multiple-vulnerabilities-in-eclipse-threadx/

campuscodi, to random

A coalition of international law enforcement agencies have taken down servers from multiple malware-loader botnets

Listed "victims" include:

-IcedID
-SystemBC
-Pikabot
-Smokeloader
-Bumblebee
-Trickbot

LEA calls the campaign Operation Endgame: https://operation-endgame.com/

Europol: https://www.europol.europa.eu/media-press/newsroom/news/largest-ever-operation-against-botnets-hits-dropper-malware-ecosystem

campuscodi, to random

Netflix says it has now awarded more than $1 million to security researchers via its bug bounty program

https://netflixtechblog.medium.com/a-whistledown-exclusive-netflixs-journey-to-one-million-in-bug-bounty-and-beyond-9087ffebc3e1

campuscodi, to random

Check Point has released a security update to patch a zero-day exploited in its VPN and security appliances.

Tracked as CVE-2024-24919, the zero-day is an information disclosure that allows threat actors to retrieve data from appliances.

https://support.checkpoint.com/results/sk/sk182336

Security firm Mnemonic says it observed threat actors use the vulnerability to enumerate and extract password hashes, including the accounts used to connect to Active Directory.

https://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vulnerability-cve-2024-24919/

campuscodi,

The attacks are related to a security advisory it released earlier this week, where it warned about mysterious attacks on its VPN products.

campuscodi, to random

Newsletter: https://news.risky.biz/risky-biz-news-ir-reports-are-not-protected-documents-multiple-judges-rule/
Podcast: https://risky.biz/RBNEWS294/

-IR reports are not protected documents, multiple judges rule
-US sanctions Chinese nationals behind 911S5 proxy botnet
-MediSecure asks for a government bailout
-Check Point VPNs are under attack
-Ransomware hits Russian delivery service CDEK
-Ransomware hits Belgian ride-sharing app Mpact
-Rav-Rx paid a ransomware gang
-Data leak exposes Google Search internal docs
-OpenAI creates Safety Board
-Pegasus widely used in Rwanda

campuscodi,

Plus:

-Thailand launches Cyber Command unit
-US govt agencies to adopt RPKI
-Scattered Spider membership estimated ~1K
-New NL NCSC head
-Anatsa malware found on the Play Store
-Malware reports on Kiteshield Packer and Rebirth botnet
-Synapse ransomware avoids Iranian systems
-APT reports on Sapphire Werewolf, Blind Eagle, Moonstone Sleet
-PoCs released for Apple, FortiSIEM bugs
-Major RCE in TP-Link gaming routers
-Internet Archive under DDoS attack
