22 Nov, 2024

Qualcomm patches high-severity zero-day exploited in attacks

Qualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of chipsets. The security flaw (CVE-2024-43047) was reported by Google Project Zero’s Seth Jenkins and Amnesty International Security Lab’s Conghui Wang, and it is caused by a use-after-free weakness that can lead to memory corruption when […]

3 mins read

Ukrainian pleads guilty to operating Raccoon Stealer malware

Ukrainian national Mark Sokolovsky has pleaded guilty to his involvement in the Raccoon Stealer malware cybercrime operation. Sokolovsky and his conspirators distributed Raccoon Stealer under a MaaS (malware-as-a-service) model, allowing threat actors to rent it for $75 per week or $200 monthly. The malware steals a wide range of information from infected devices, including stored browser credentials and […]

2 mins read

LEGO’s website hacked to push cryptocurrency scam

On Friday night, cryptocurrency scammers briefly hacked the LEGO website to promote a fake Lego token that could be purchased with Ethereum. During the breach, the hacker replaced the main banner for the official LEGO website with an image showing crypto tokens branded with the “LEGO” logo and text stating, “Our new LEGO Coin is […]

2 mins read

UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls

Nuclear waste processing facility Sellafield has been fined £332,500 ($440k) by the Office for Nuclear Regulation (ONR) for failing to adhere to cybersecurity standards and putting sensitive nuclear information at risk over four years, from 2019 to 2023. According to the ONR announcement, Sellafield failed to follow its own approved cybersecurity protocols by leaving multiple […]

3 mins read

Outlast game development delayed after Red Barrels cyberattack

Canadian video game developer Red Barrels is warning that the development of its Outlast games will likely be delayed after the company suffered a cyberattack impacting its internal IT systems and data. Although the statement emphasizes that the attack has not affected player data, the production timeline has been impacted. “The Red Barrels team regrets […]

2 mins read

Google removes Kaspersky’s antivirus software from Play Store

Over the weekend, Google removed Kaspersky’s Android security apps from the Google Play store and disabled the Russian company’s developer accounts. Users have been reporting over the last week that Kaspersky’s products (including Kaspersky Endpoint Security and VPN & Antivirus by Kaspersky) are no longer available on Google Play in the United States and other world regions. Kaspersky confirmed the issue on the company’s official forums on […]

2 mins read

Russia arrests US-sanctioned Cryptex founder, 95 other linked suspects

Russian law enforcement detained almost 100 suspects linked to the Cryptex cryptocurrency exchange, the UAPS anonymous payment service, and 33 other online services and platforms used to make illegal payments and sell stolen credentials. Following 148 raids, 96 individuals were arrested and charged with organizing and participating in a criminal organization, unlawful access to computer […]

3 mins read

Highline Public Schools confirms ransomware behind shutdown

On Thursday, K-12 school district Highline Public Schools confirmed that a ransomware attack forced it to shut down all schools in early September. Highline Public Schools has over 2,000 staff members and offers programs ranging from early childhood education to college preparation. It serves over 17,500 students across 34 schools in the Burien, Des Moines, […]

3 mins read

Recently patched CUPS flaw can be used to amplify DDoS attacks

A recently disclosed vulnerability in the Common Unix Printing System (CUPS) open-source printing system can be exploited by threat actors to launch distributed denial-of-service (DDoS) attacks with a 600x amplification factor. As Akamai security researchers found, a CVE-2024-47176 security flaw in the cups-browsed daemon that can be chained with three other bugs to gain remote code execution […]

3 mins read

Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps

During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a “month-long” barrage of more than 100 hyper-volumetric DDoS attacks flooding the network infrastructure with garbage data. In a volumetric DDoS attack, […]

2 mins read