SiliconAngle reports that threat actor Matrix has compromised more than 35 million internet-connected devices around the world, most of which were in China and Japan, as part of a massive distributed denial-of-service attack campaign.
Fast cars kill people, Apple 0-Days, memory safety, poisoning the well, babble babble and malware that tries really hard to be stealthy, Palto Alto and Fortinet have some serious new vulnerabilities, open-source isn't free, but neither is commercial software, get on the TPM bus, find URLs with stealth, stealing credentials with more Palto Alto and ...
Using such information to contact organizations with internet-accessible programmable logic controllers resulted in a 34% reduction in PLC exposure in just a month, according to researchers, who noted testing the algorithm on Allen Bradley, Omron, and Wago PLCs.
In the news: Pacific Rim, Linux on Windows for attackers, one of the worst cases of a former employee's retaliation, Zery-Day FOMO, we predicted that, hacking for fun, working hard for no PoC, an LLM that discovers software vulnerabilities, absurd fines, long usernames and Okta, and paying a ransom with dough!
Attacks exploiting the authentication weakness within the 'lighthttpd' server, tracked as CVE-2024-8957, and the insufficient input sanitization bug, tracked as CVE-2024-8957, could enable camera hijacking and bot compromise, as well as further infiltration of devices within the same network.
Iranian cyber operation Emennet Pasargad was noted by the FBI, Department of Treasury, and the Israel National Cyber Directorate to have leveraged updated tradecraft, such as IP camera breaches and generative artificial intelligence, in recent attacks, including its compromise of the Summer Olympics.
Google's cookie encryption drama, Microsoft accusing Google of shady antitrust tactics, AI shenanigans, the rejected Defcon talk and hacking traffic lights, vulnerabilities in Realtek SD card readers, the never-ending debate on quantum computing vs. cryptography, backdoors are not secrets and where we are pushing attackers, firmware leakage, more o...
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
