16 Nov, 2024

US dismantles laptop farm used by undercover North Korean IT workers

​​The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies across the United States and operating a laptop farm they used to pose as U.S.-based individuals. Matthew Isaac Knoot, 38, helped North Koreans use a stolen identity to pose as Andrew M., a U.S. citizen, […]

3 mins read

Cisco warns of critical RCE zero-days in IP phones

Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500 series IP phones. The vendor has not made fixes available for these devices and shared no mitigation tips, so users of those products will have to move to newer and […]

2 mins read

CISA warns about actively exploited Apache OFBiz RCE flaw

The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a popular open-source enterprise resource planning (ERP) system that provides a suite of business applications to manage various aspects of an organization. Due to its versatility and […]

2 mins read

Exploit released for Cisco SSM bug allowing admin password changes

Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers. As a Cisco Smart Licensing component, Cisco SSM On-Prem helps manage accounts and product licenses on an organization’s environment using a dedicated dashboard […]

2 mins read

CISA warns of hackers abusing Cisco Smart Install feature

​On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommended disabling the legacy Cisco Smart Install (SMI) feature after seeing it abused in recent attacks. CISA has spotted threat actors using this tactic and leveraging other protocols or software to steal sensitive data, such as system configuration files, which prompted an alert advising admins to disable […]

3 mins read

18-year-old security flaw in Firefox and Chrome exploited in attacks

A vulnerability disclosed 18 years ago, dubbed “0.0.0.0 Day”, allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact with services on a local network. However, it should be noted that this only affects Linux and macOS devices, and does not work on Windows. For impacted devices, threat actors […]

6 mins read

ADT confirms data breach after customer info leaked on hacking forum

American building security giant ADT confirmed it suffered a data breach after threat actors leaked allegedly stolen customer data on a popular hacking forum. ADT is a public American company that specializes in security and smart home solutions for residential and small business customers. The firm employs 14,300 people, has an annual revenue of $4.98 […]

2 mins read

Hacker wipes 13,000 devices after breaching classroom management platform

A hacker has breached Mobile Guardian, a digital classroom management platform used worldwide, and remotely wiped data from at least 13,000 student’s iPads and Chromebooks. Mobile Guardian, a ‘Google for Education’ partner, is a cross-platform (Android, Windows, iOS, ChromeOS, macOS) one-on-one solution for K-12 schools that offers a complete suite of device management, parental monitoring and […]

2 mins read

McLaren hospitals disruption linked to INC ransomware attack

​On Tuesday, IT and phone systems at McLaren Health Care hospitals were disrupted following an attack linked to the INC Ransom ransomware operation. McLaren is a non-profit healthcare system with annual revenues of over $6.5 billion, which operates a network of 13 hospitals across Michigan supported by a team of 640 physicians. It also has […]

3 mins read

Star Wars Jedi: Survivor Coming to PlayStation 4 and Xbox One

Today, Respawn Entertainment has made the announcement that Star Wars Jedi: Survivor will be coming to PlayStation 4 and Xbox One. This title is already available on PlayStation 5 and Xbox Series X|S. For those who may be on the last generation of consoles and have been wanting to try out Star Wars Jedi: Survivor, […]

2 mins read