Cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, and questions are all welcome!

751
 
 

There’s a direct correlation between the surge in crypto prices and the likelihood of your devices getting infected with malware.

#malware #cybersecurity #device #crypto #USB

https://cnews.link/crypto-boom-malware-surge-1/

752
 
 

CISA warns that threat actors are exploiting two newly disclosed Microsoft zero-day vulnerabilities and urges immediate patching.

#cybersecurity #CISA #Microsoft #cybercrime #patch

https://cnews.link/microsoft-patches-new-windows-zero-days-3/

753
 
 

"In the nascent field of AI hacking, indirect prompt injection has become a basic building block for inducing chatbots to exfiltrate sensitive data or perform other malicious actions. Developers of platforms such as Google's Gemini and OpenAI's ChatGPT are generally good at plugging these security holes, but hackers keep finding new ways to poke through them again and again.

On Monday, researcher Johann Rehberger demonstrated a new way to override prompt injection defenses Google developers have built into Gemini—specifically, defenses that restrict the invocation of Google Workspace or other sensitive tools when processing untrusted data, such as incoming emails or shared documents. The result of Rehberger’s attack is the permanent planting of long-term memories that will be present in all future sessions, opening the potential for the chatbot to act on false information or instructions in perpetuity."

https://arstechnica.com/security/2025/02/new-hack-uses-prompt-injection-to-corrupt-geminis-long-term-memory/

#AI #GenerativeAI #CyberSecurity #PromptEngineering #Gemini #Google #PromptInjection

754
 
 

"Another person who was allegedly targeted on WhatsApp with spyware made by Israeli company Paragon has come forward.

Beppe Caccia, one of the co-founders of Mediterranea Saving Humans, an Italian non-government organization that helps immigrants, told TechCrunch that he had been targeted by the spyware campaign.

Caccia disclosed he was targeted after another one of his organization’s co-founders, Luca Casarini, said publicly last week that he had also received a notification from WhatsApp alerting him to the suspected spyware attack.

On Monday, during a press conference organized by Sandro Ruotolo, an Italian member of the European Parliament, Casarini said that he filed a complaint with the Prosecutor’s Office in Palermo, Italy, regarding the alleged hack. Casarini said his goal was to find out who targeted him and his organization.

“We don’t have anything to hide. Those who spy have a lot to hide,” said Casarini.
(...)
In the same press release, the Italian government said that Meta told it there were other targets in Austria, Belgium, Cyprus, Czech Republic, Denmark, Germany, Greece, Latvia, Lithuania, the Netherlands, Portugal, Spain, and Sweden."

https://techcrunch.com/2025/02/11/another-person-targeted-by-paragon-spyware-comes-forward/

#CyberSecurity #Spyware #Paragon #WhatsApp #SocialMedia

755
 
 

The US joined Australia and Britain in sanctioning Russia-based Zservers for aiding Lockbit ransomware, the Treasury announced.

#US #Australia #Russia #ransomware #CyberSecurity #cybercrime

https://cnews.link/lockbit-hosting-zservers-sanctioned-treasury-4/

756
 
 

▪ @cybernews@infosec.exchange research ▪ Hipshipper, an international shipping platform, exposed millions of shipping labels with customer data.

#cybersecurity #DataSecurity #dataprivacy #shipping #data

https://cnews.link/hipshipper-data-leak-exposed-shipping-records-3/

757
 
 

"On Monday, Apple released updates for its mobile operating systems for iOS and iPadOS, which fixed a flaw that the company said “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”

In the release notes for iOS 18.3.1 and iPadOS 18.3.1, the company said the vulnerability allowed the disabling of USB Restricted Mode “on a locked device.” Introduced in 2018, USB Restricted Mode is a security feature that blocks the ability for an iPhone or iPad to send data over a USB connection if the device isn’t unlocked for seven days. Last year, Apple released another security feature that reboots devices if they are not unlocked for 72 hours, making it harder for law enforcement or criminals using forensic tools to access data on those devices.

Based on its language used in its security update, Apple hints that the attacks were most likely carried out with physical control of a person’s device, meaning whoever was abusing this flaw had to connect to the person’s Apple devices with a forensics device like Cellebrite or Graykey, two systems that allow law enforcement to unlock and access data stored on iPhones and other devices.

The vulnerability was discovered by Bill Marczak, a senior researcher at the Citizen Lab, a University of Toronto group that investigates cyberattacks against civil society."

https://techcrunch.com/2025/02/10/apple-fixes-iphone-and-ipad-bug-used-in-an-extremely-sophisticated-attack/

#CyberSecurity #Apple #iPhone #iOS #iPadOS #iPad

758
 
 

#Nordnet - Nordic digital platform for savings and investments - had an issue where people could see each other's information. The website has been taken down for now.

https://www.nordnet.fi/

#infosec #infosecurity #cybersecurity #privacy

759
 
 

"The nation’s payment system has historically been operated by a very small group of nonpartisan career civil servants. In recent days, that norm has been upended, and the roles of these nonpartisan officials have been compromised by political actors from the so-called Department of Government Efficiency. One has been appointed fiscal assistant secretary — a post that for the prior eight decades had been reserved exclusively for civil servants to ensure impartiality and public confidence in the handling and payment of federal funds.

These political actors have not been subject to the same rigorous ethics rules as civil servants, and one has explicitly retained his role in a private company, creating at best the appearance of financial conflicts of interest. They lack training and experience to handle private, personal data — like Social Security numbers and bank account information. Their power subjects America’s payments system and the highly sensitive data within it to the risk of exposure, potentially to our adversaries. And our critical infrastructure is at risk of failure if the code that underwrites it is not handled with due care. That is why a federal judge this past weekend blocked, at least temporarily, these individuals from the Treasury’s payments system, noting the risk of “irreparable harm.”"

https://www.nytimes.com/2025/02/10/opinion/treasure-secretaries-doge-musk.html

#USA #DOGE #Musk #FederalTreasury #USTreasury #USConstitution #Cybersecurity #Privacy #DataProtection

760
 
 

Alleged members of the 8Base ransomware group have been arrested in Thailand.

#cybersecurity #cybercrime #ransomware #Thailand #arrest

https://cnews.link/8base-ransomware-gang-members-arrested-servers-seized-thailand-1/

761
 
 

Safer Internet Day: Email security myths debunked! 🔒
Email is part of everyday life, but how secure is it really? Many misconceptions help cybercriminals!

❓ Is opening an email harmless?
❓ Does the "unsubscribe" link really do anything?
🚨 Tip: Disable HTML and the loading of external content, and check links carefully!
#SaferInternetDay #CyberSecurity

"Dangers do sometimes lurk in attachments, but not in the email itself." Wrong! The email itself can also contain, for example, hidden malicious code or invisible tracking pixels in its source code. Tip: Disable the HTML view and the automatic loading of external content such as images. That way you prevent, for example, malicious code from being executed when the email is opened.

"I can simply unsubscribe from spam emails using the 'unsubscribe' link at the end of the email." Wrong! ⚠️ "Unsubscribe" links can also be a trap and lead, for example, to a specially prepared website. Tip: It is best to delete spam unopened and to use your email program's spam filter. Also, never open links from spam emails without thinking.

762
 
 

Russia is swiftly isolating its internet, with over two-thirds of discoverable services vanishing behind the ‘Great Firewall’ in under six months.

#Russia #CyberSecurity #internet #IP

https://cnews.link/russia-disappearing-from-the-internet-cyberwarfare-1/

763
 
 

The Shadowserver Foundation is warning of an alarming surge in brute force login attacks targeting web logins for multiple network devices.

#CyberSecurity #cyberattacks #logins #Networking #infosec

https://cnews.link/over-2-million-ips-attacking-edge-network-devices-1/

764
 
 

"The Washington Post reported that the United Kingdom is demanding that Apple create an encryption backdoor to give the government access to end-to-end encrypted data in iCloud. Encryption is one of the best ways we have to reclaim our privacy and security in a digital world filled with cyberattacks and security breaches, and there’s no way to weaken it in order to only provide access to the “good guys.” We call on Apple to resist this attempt to undermine the right to private spaces and communications.

As reported, the British government’s undisclosed order was issued last month, and requires the capability to view all encrypted material in iCloud. The core target is Apple’s Advanced Data Protection, which is an optional feature that turns on end-to-end encryption for backups and other data stored in iCloud, making it so that even Apple cannot access that information. For a long time, iCloud backups were a loophole for law enforcement to gain access to data otherwise not available to them on iPhones with device encryption enabled. That loophole still exists for anyone who doesn’t opt in to using Advanced Data Protection. If Apple does comply, users should consider disabling iCloud backups entirely. Perhaps most concerning, the U.K. is apparently seeking a backdoor into users’ data regardless of where they are or what citizenship they have."

https://www.eff.org/deeplinks/2025/02/uks-demands-apple-break-encryption-emergency-us-all

#CyberSecurity #UK #Privacy #Encryption #Apple #iCloud

765
 
 

With Super Bowl LIX just around the corner, security insiders are warning millions of gambling football fans.

#SuperBowlLIX #NFL #sports #gambling #AI #cybersecurity

https://cnews.link/super-bowl-online-betting-site-security-3/

766
 
 

"Members of Elon Musk’s Department of Government Efficiency (DOGE) team have had access to the US Treasury Department’s payment systems for over a week. On Thursday, the threat intelligence team at one of the department's agencies recommended that DOGE members be monitored as an “insider threat.”

Sources say members of the Bureau of the Fiscal Service’s IT division and others received an email detailing these concerns.

“There is ongoing litigation, congressional legislation, and widespread protests relating to DOGE’s access to Treasury and the Bureau of the Fiscal Service,” reads a section of the email titled “Recommendations,” reviewed by WIRED. “If DOGE members have any access to payment systems, we recommend suspending that access immediately and conducting a comprehensive review of all actions they may have taken on these systems.”"

https://www.wired.com/story/treasury-bfs-doge-insider-threat/

#USA #Musk #DOGE #CyberSecurity #InsiderThreat #USTreasury

767
 
 

A Russian threat actor has posted for sale the alleged login account credentials for 20 million OpenAI ChatGPT accounts.

#cybersecurity #ChatGPT #OpenAI #DataSecurity #dataprivacy #cybercrime

https://cnews.link/chatgpt-20-million-openai-account-logins-for-sale-breachforums-3/

768
 
 

“Whoever dominates space will, ultimately, dominate Earth.” And cyberattacks will play a decisive role in who wins the second space race.

#Earth #cybersecurity #datasecurity #dataprivacy #cyberattacks

https://cnews.link/cyberattacks-in-space-1/

769
 
 

As part of the project "Codeanalyse von Open Source Software" (CAOS 3.0), we examined the open-source collaboration software #Nextcloud for its security properties. Several vulnerabilities were discovered in the process. We informed the developers about the security flaws, and they have already responded to the problems.

More info 👉 https://www.bsi.bund.de/dok/1136652

#CAOS #BSI #Cybersecurity #IT-Sicherheit #OpenSource

770
 
 

"Paragon Solutions, whose military-grade hacking software was allegedly used to target 90 people, including journalists and members of civil society, in two dozen countries, has terminated its client relationship with Italy, according to a person familiar with the matter.

The decision to terminate the contract comes less than one week after WhatsApp announced that Paragon’s spyware had been used to target dozens of people. Like other spyware vendors, Paragon sells its cyberweapon to government clients who are supposed to use it to prevent crime. It remains unclear who the specific government clients were behind the alleged attacks.

The decision to end the Italy contract followed revelations that an Italian investigative journalist and two activists who were critical of Italy’s dealings with Libya were among the people who had been targeted with the spyware. The work of all three individuals has been critical of Italian prime minister Giorgia Meloni’s rightwing government.

Responding to the allegations of involvement late on Wednesday, Meloni’s office denied that domestic intelligence services or the government were behind the alleged breaches."

https://www.theguardian.com/technology/2025/feb/06/owner-of-spyware-used-in-alleged-whatsapp-breach-ends-contract-with-italy

#CyberSecurity #Spyware #WhatsApp #Paragon #Italy

771
 
 

"It’s time to expand encryption on Android and iPhone. With governments around the world engaging in constant attacks on users’ digital rights and access to the internet, removing glaring and potentially dangerous targets off of people’s backs when they use their mobile phones is more important than ever.

So far we have seen strides for at least keeping messages private on mobile devices with end-to-end encrypted apps like Signal, WhatsApp, and iMessage. Encryption on the web has been widely adopted. We even declared in 2021 that “HTTPS Is Actually Everywhere.” Most web traffic is encrypted and for a website to have a reputable presence with browsers, they have to meet certain requirements that major browsers enforce today. Mechanisms like certificate transparency, Cross-origin resource sharing (CORS) rules, and enforcing HTTPS help prevent malicious activity happening to users every day.

Yet, mobile has always been a different and ever expanding context. You access the internet on mobile devices through more than just the web browser. Mobile applications have more room to spawn network requests in the app without the user ever knowing where and when a request was sent. There is no “URL bar” to see the network request URL for the user to see and check. In some cases, apps have been known to “roll their own” cryptographic processes outside of non-standard encryption practices."

https://www.eff.org/deeplinks/2025/02/closing-gap-encryption-mobile

#CyberSecurity #Encryption #Mobile #Cellphones #VPNs #Privacy

772
 
 

The number of compromised accounts in 2024 surged eightfold compared to the previous year, with nearly half of all breaches concentrated in just three countries.

#databreach #cybersecurity #China #account #datasecurity

https://cnews.link/five-billion-accounts-breached-china-1/

773
 
 

▪ @cybernews@infosec.exchange research ▪ Foh&Boh, a US hiring platform used by KFC, Taco Bell, Hyatt Grand, and others, has exposed millions of applicants’ resumes.

#cv #dataprivacy #datasecurity #US #hiring #cybersecurity

https://cnews.link/foh-boh-hiring-platform-exposed-millions-resumes-3/

774
 
 

"A 25-year-old engineer named Marko Elez, who previously worked for two Elon Musk companies, has direct access to Treasury Department systems responsible for nearly all payments made by the US government, three sources tell WIRED.

Two of those sources say that Elez’s privileges include the ability not just to read but to write code on two of the most sensitive systems in the US government: the Payment Automation Manager and Secure Payment System at the Bureau of the Fiscal Service (BFS). Housed on a secure mainframe, these systems control, on a granular level, government payments that in their totality amount to more than a fifth of the US economy.

Despite reporting that suggests that Musk’s so-called Department of Government Efficiency (DOGE) task force has access to these Treasury systems on a “read-only” level, sources say Elez, who has visited a Kansas City office housing BFS systems, has many administrator-level privileges. Typically, those admin privileges could give someone the power to log in to servers through secure shell access, navigate the entire file system, change user permissions, and delete or modify critical files. That could allow someone to bypass the security measures of, and potentially cause irreversible changes to, the very systems they have access to."

https://www.wired.com/story/elon-musk-associate-bfs-federal-payment-system/

#USA #CyberSecurity #Privacy #DataProtection #BFS #Musk

775
 
 

#cURL doesn't validate SSH host identity if known_hosts file is missing. I think this is a #vulnerability, but the project disagrees. Advisory is here: https://sintonen.fi/advisories/curl-ssh-insufficient-host-identity-verification.txt

#infosec #cybersecurity #nocve
