Tag: latest cybersecurity news

Anycubic 3D printers hacked worldwide to expose security flaw
News

Anycubic 3D printers hacked worldwide to expose security flaw

Customers of Anycubic have reported online that someone has hacked their 3D printers, alerting users to the possibility of assaults. The perpetrator of this issue informed the impacted users that their printer is compromised by a critical security flaw by uploading a hacked_machine_readme.gcode file to their devices. This file typically provides instructions for 3D printing. Using the company's MQTT service API, this vulnerability is said to allow potential attackers to take control of any Anycubic 3D printer that is impacted. Along with requesting Anycubic to open-source its 3D printers, the file that the affected devices got also claims that Anycubic's software "is lacking." There is a serious risk to your security from a severe vulnerability on your machine read more Anycub...
FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks
News

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

As recently as this month, the U.S. government issued a warning regarding the reappearance of BlackCat (also known as ALPHV) ransomware assaults that target the healthcare industry. The authorities added in an updated advisory that since mid-December 2023, the healthcare sector has been the most frequently victimized out of the roughly 70 victims who have been exposed. This is probably a reaction to a statement made by the ALPHV/BlackCat administrator, who encouraged its affiliates to target hospitals following the group's and its infrastructure's operational activity in early December 2023. The Department of Health and Human Services (HHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) are the organizations that provid...
President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations
News

President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations

An Executive Order issued by US President Joe Biden forbids the bulk transfer of Americans' personal information to nations of concern. According to a statement from the White House, the Executive Order "provides safeguards around other activities that can give those countries access to Americans' sensitive data." Sensitive data comprises financial, geographical, genetic, biometric, and personal health information, as well as some types of personally identifiable information (PII). According to the U.S. government, threat actors may use this information as a weapon to track down their residents and then provide it to foreign intelligence services and data brokers read more President Biden Blocks Mass Transfer of Personal Data to High Risk Nations. Get up to date on the latest ...
Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware
News

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

Ivanti Connect Secure VPN appliances' security weaknesses have been linked to at least two distinct alleged China-related cyber espionage clusters, identified by the tracking numbers UNC5325 and UNC3886. UNC5325 exploited CVE-2024-21893 to distribute LITTLELAMB, a new type of malware that is quite diverse.Mandiant revealed that in addition to maintaining continuous access to compromised appliances, they also maintain WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK. Because of LITTLELAMB source code overlaps, the Google-owned threat intelligence company has determined that UNC5325 is related to UNC3886 with a reasonable degree of confidence.PITHOOK and WOOLTEA, using malware employed by the latter. It's important to note that UNC3886 has a history of using VMware and Fortinet zero-d...
Pharmaceutical giant Cencora says data was stolen in a cyberattack
News

Pharmaceutical giant Cencora says data was stolen in a cyberattack

Big Pharma company Cencora claims to have been the victim of a hack in which criminals took information from company IT systems. Cencora, formerly AmerisourceBergen, is a pharmaceutical services company that offers drug delivery and solutions to veterinarians, doctors' offices, and pharmacies. In fiscal year 2023, the company brought in $262.2 billion, and it employed about 46,000 people.Cencora revealed they were the victim of a hack that resulted in data theft in a Form 8-K filing with the SEC. According to the SEC filing, Cencora, Inc. (the "Company") discovered on February 21, 2024, that data from its computer systems had been exfiltrated, some of which might contain personal information.Cencora claims to have contained the situation and is currently conducting an investigati...
Russian hackers hijack Ubiquiti routers to launch stealthy attacks
News

Russian hackers hijack Ubiquiti routers to launch stealthy attacks

In a joint alert released with the NSA, the U.S. Cyber Command, and international partners, the FBI claims that Russian military hackers are avoiding detection by utilizing compromised Ubiquiti EdgeRouters. These widely used and compromised routers are being used by Military Unit 26165 cyberspies, who are affiliated with Russia's Main Intelligence Directorate of the General Staff (GRU) and are being tracked as APT28 and Fancy Bear. They are utilizing these routers to create massive botnets that aid in credential theft, NTLMv2 digest collection, and the proxing of malicious traffic. In addition, they host phishing landing sites and customized tools for covert cyber operations aimed at governments, military forces, and other international organizations. The joint advise cautions th...
LabHost cybercrime service lets anyone phish Canadian bank users
News

LabHost cybercrime service lets anyone phish Canadian bank users

Cybercriminals have started using the Phishing as a Service (PhaaS) platform 'LabHost' to target banks in North America, especially financial institutions in Canada. This has resulted in a noticeable spike in activity. For a monthly membership fee, PhaaS systems offer cybercriminals readymade phishing kits, email content generation, campaign overview services, and hosting infrastructure for the pages. Although LabHost is not a new supplier, its popularity increased in the first half of 2023 when it introduced personalized phishing kits for Canadian banks. After the cybercriminal's actions, Fortra says that LabHost is now the main engine behind the majority of phishing assaults directed at Canadian bank customers surpassing Frappo read more LabHost cybercrime service lets anyone p...
WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk
News

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

It has been discovered that the WordPress plugin LiteSpeed Cache contains a security flaw that could allow unauthorized users to elevate their privileges. The issue, which was tracked as CVE-2023-40000, was fixed in version 5.7.0.1 released in October 2023. According to Patchstack researcher Rafie Muhammad, this plugin has an unauthenticated site-wide stored [cross-site scripting] vulnerability that could enable any unauthenticated user to steal sensitive data and use it to escalate privileges on the WordPress website with just one HTTP request. More than five million people have installed LiteSpeed Cache, a tool for enhancing website performance read more WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk. Get up to date on the latest cybersecurity news and...
New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks
News

New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

Researchers studying cybersecurity have discovered that it is feasible to breach the Hugging Face Safetensors conversion service, which might lead to supply chain attacks and the eventual theft of user-submitted models. According to a research released by HiddenLayer last week, it is possible to submit malicious pull requests containing data controlled by the attacker from the Hugging Face service to any repository on the platform. Additionally, any models submitted through the conversion service can be hijacked. Malicious actors can thus request changes to any repository on the platform by posing as the conversion bot, all thanks to a hijacked model that is intended to be converted by the service read more New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks. ...
WordPress Plugin Alert – Critical SQLi Vulnerability Threatens 200K+ Websites
News

WordPress Plugin Alert – Critical SQLi Vulnerability Threatens 200K+ Websites

With over 200,000 active installs, the well-known WordPress plugin Ultimate Member has a serious security problem that has come to light. With a maximum score of 10, the vulnerability, identified as CVE-2024-1071, has a CVSS score of 9.8. It is acknowledged that security researcher Christiaan Swiers found and reported the vulnerability. Wordfence, a WordPress security company, stated in a warning released last week that the plugin is susceptible to SQL Injection via the'sorting' parameter in versions 2.1.3 to 2.8.2 because there is inadequate escaping on the user-supplied parameter and inadequate preparation on the current SQL query. Therefore, the vulnerability might be used by unauthenticated attackers to append more SQL queries to already existing read more WordPress Plugin Al...