Security News Bundle

"Ultralytics AI library compromised:  Crypto Miner found in PyPI versions."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 December 2024, 0018 UTC.

Content and Source compiled by https://feedly.com.  https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

55

Most popular

Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions
6 TTPs
37The Hacker News 13h
Ultralytics AI model compromised for cryptomining
In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ultralytics were compromised to deliver a cryptocurrency miner. The versions, 8.3.41 and 8.3.42, have since been removed from the Python Package Index (PyPI) repository. A subsequently released version has introduced a security fix that "ensures
8Base ransomware group hacked Croatia’s Port of Rijeka
3 TTPs
Security Affairs 4h
Cyberattack hits Port of Rijeka
The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.), Croatia’s largest dry cargo concessionaire, provides maritime traffic services, port operations, and cargo

Today

Yesterday

Russia’s FSB used spyware against a Russian programmer
Security Affairs 15h
after detaining him for allegedly donating to Ukraine earlier this year. The Federal Security Service (FSB) used spyware to monitor a Russian programmer, Kirill Parubets, after he was detained earlier this year for allegedly donating to Ukraine. Researchers from the First Department and the Citizen Lab discovered that the Russian intelligence agency installed the malware on the programmer’s Andr
Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar
24The Hacker News 15h
Cybercriminals know that privileged accounts are the keys to your kingdom. One compromised account can lead to stolen data, disrupted operations, and massive business losses. Even top organizations struggle to secure privileged accounts. Why? Traditional Privileged Access Management (PAM) solutions often fall short, leaving: Blind spots that limit full visibility. Complex deployment processes.
Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Data
IoC > 1 domain
54The Hacker News 15h
2 TTPs
Meeten malware targets crypto users
Cybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings. "The threat actors behind the malware have set up fake companies using AI to make them increase legitimacy," Cado Security researcher Tara Gould said. "The company
Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok
Romania faces Russian election interference
91The Hacker News 15h
In a historic decision, Romania's constitutional court has annulled the result of the first round of voting in the presidential election amid allegations of Russian interference. As a result, the second round vote, which was scheduled for December 8, 2024, will no longer take place. Călin Georgescu, who won the first round, denounced the verdict as an "officialized coup" and an attack on
Romania ’s election systems hit by 85,000 attacks ahead of presidential vote
Romania cancels election after cyberattacks
Security Affairs 23h
Romania ‘s election systems suffered over 85,000 attacks, with leaked credentials posted on a Russian hacker forum before the presidential election. Romania ‘s Intelligence Service revealed that over 85,000 cyberattacks targeted the country’s election systems. Threat actors gained access to credentials for election-related websites, and then leaked them on Russian cybercrime forums a few days bef
New Atrium Health data breach impacts 585,000 individuals
Atrium Health data breach apology
Security Affairs 1d
Atrium Health disclosed a data breach affecting 585,000 individuals to the HHS, potentially linked to the use of online tracking tools. Healthcare company Atrium Health disclosed a data breach that impacted 585,000 individuals. The company notified the US Department of Health and Human Services (HHS). Atrium Health launched an investigation into the security breach and discovered that from Januar
FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine
5 TTPs
35The Hacker News 1d
FSB uses Monokle spyware on activists
A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the University of Toronto's Citizen Lab. "The spyware placed on his device allows the operator to track a target device's
Open Source Security Priorities Get a Reshuffle
Census III reveals FOSS usage trends
Dark Reading 1d
The "Census of Free and Open Source Software" report, which identifies the most critical software projects, sees more cloud infrastructure and Python software designated as critical software components.
U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog
CVE-2024-51378
Security Affairs 1d
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CyberPanel flaw CVE-2024-51378 (CVSS score: 10.0) to its Known Exploited Vulnerabilities (KEV) catalog . The getresetstatus vulnerability in CyberPanel (before commit 1c0c6cb ) affects dns/views
Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks
3 TTPs
25The Hacker News 1d
Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution. The vulnerabilities, discovered by JFrog, are part of a broader collection of 22 security shortcomings the supply chain security company first disclosed last month. Unlike the first

 

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

Cyber War News Today.

Image
"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2...
Read more

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deplo...
Read more