US Charges Five People Over North Korean IT Worker Scheme

The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to North Korea. The post US Charges Five People Over North Korean IT Worker Scheme appeared first on SecurityWeek.

Subaru Starlink Vulnerability Exposed Cars to Remote Hacking

A vulnerability in Subaru’s Starlink connected vehicle service exposed US, Canada, and Japan vehicle and customer accounts. The post Subaru Starlink Vulnerability Exposed Cars to Remote Hacking appeared first on SecurityWeek.

Cloud-targeted attacks conducted by TRIPLESTRENGTH operation

The TRIPLESTRENGTH threat operation has sought to compromise numerous cloud platforms, including Microsoft Azure, Amazon Web Services, and Google Cloud, for cryptomining and on-premises ransomware intrusions, The Hacker News reports. TRIPLESTRENGTH leveraged stolen credentials and cookies to infiltrate targeted cloud environments, which were later subjected to cryptomining through the unMiner application and unMineable mining pool, an […]

New Trump AI order pursues new action plan

Under the Trump order, all policies, regulations, and actions related to Biden’s EO must be examined by the administration’s special advisor for AI and crypto and the assistant to the president for science and technology policy in coordination with other agencies.

Enterprise Juniper routers subjected to malware campaign

CyberScoop reports that magic packet-listening malware was deployed against enterprise Juniper Networks routers for a year beginning in mid-2023 as part of the J-Magic attack campaign, which has been aimed at organizations in the manufacturing, semiconductor, IT, and energy sectors, primarily in Europe and South America. Installation of the malware in targeted routers facilitates the deployment […]

More robust BC malware with QBot ties emerges

Installation of the malware in targeted routers facilitates the deployment of a cd00r variant that scans for five network signals which, when received, trigger reverse shell creation on the local file system, enabling device takeover, data exfiltration, and additional malware compromise, according to an investigation by Black Lotus Labs researchers.

Most online Exchange Servers vulnerable to ProxyLogon still not remediated

Ninety-one percent of almost 30,000 internet-exposed Microsoft Exchange Server instances impacted by the ProxyLogon flaw leveraged by Chinese state-backed threat operation Salt Typhoon continue to be vulnerable to attacks involving the bug, tracked as CVE-2021-26855, nearly four years after it was patched, reports The Register. Such lagging vulnerability remediation for ProxyLogon contrasts significantly with patching activities for a pair […]