"Meta's latest update is a devastating blow to advertisers-what you need to know."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 29 December 2024, 1303 UTC.

Content and Source:  A security compilation from https://feedly.com.

 https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

39

Most popular

Meta's latest update is a devastating blow to advertisers - what you need to know

ZDNet | Security / 1h

American small businesses could struggle as Meta's latest update changes the advertising landscape. Here's how to pivot your efforts to thrive instead.

Cybersecurity firm's Chrome extension hijacked to steal users' data

2 TTPs

•

100+BleepingComputer / 1d

•

Cyberhaven Chrome extension compromised attack

At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals sensitive information from users. [...]

North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign

OtterCookie malware targets developers' jobs

•

100The Hacker News / 1d

North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment) refers to a persistent attack campaign that employs social engineering lures, with the hacking crew often posing as recruiters to trick individuals looking for potential job opportunities into

Today

This Asus laptop is my go-to MacBook alternative - and it's on sale at Best Buy

ZDNet | Security / 30min

Asus' ROG Zephyrus G14 resembles a MacBook, but the OLED display and hardware make for a well-rounded machine that stands out.

I invested in a subscription-less video doorbell, and it's paying off for my smart home

ZDNet | Security / 58min

The Eufy Security E340 dual-camera video doorbell can help protect deliveries from porch pirates with no monthly fees required.

Yesterday

Hackers steal ZAGG customers' credit cards in third-party breach

Zagg credit card data breach

•

36BleepingComputer / 16h

ZAGG Inc. is informing customers that their credit card data has been exposed to unauthorized individuals after hackers compromised a third-party application provided by the company's e-commerce provider, BigCommerce. [...]

Pro-Russia group NoName targeted the websites of Italian airports

2 TTPs

•

Security Affairs / 19h

•

Pro-Russian cyberattacks target Italy's

Pro-Russia group NoName057 targets Italian sites, including Malpensa and Linate airports, in a new DDoS campaign amid rising geopolitical tensions. The pro-Russia group NoName57 continues its campaign of DDoS attacks against Italian infrastructure. This time, the group of alleged hacktivists targeted multiple websites, include the sites of Malpensa and Linate airports, as well as the site of the

Customer data from 800,000 electric cars and owners exposed online

VW data breach exposes 800000 EVs

•

39BleepingComputer / 20h

Volkswagen's automotive software company, Cariad, exposed data collected from around 800,000 electric cars. The info could be linked to drivers' names and reveal precise vehicle locations. [...]

Wiping your Android phone? Here's the easiest way to erase all personal data

ZDNet | Security / 23h

Before you sell or trash your old Android phone, you should properly delete all sensitive information. Here's the best (and simplest) way to do it.

How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise

The Register – Security / 1d

Cut off one head, two more grow back in its place RansomHub, the ransomware collective that emerged earlier this year, quickly gained momentum, outpacing its criminal colleagues and hitting its victims especially hard. The group named and shamed hundreds of organizations on its leak site, while demanding exorbitant payments across various industries.…

How to blur your house on Google Street View (and 4 reasons why people do it)

ZDNet | Security / 1d

Blurring your house on Street View isn't just about privacy. Here's why it's become a trend and what to know before you try it.

Dec 27, 2024

North Korea actors use OtterCookie malware in Contagious Interview campaign

6 TTPs

•

Security Affairs / 1d

•

OtterCookie malware targets developers' jobs

North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat actors were spotted using new malware called OtterCookie as part of the Contagious Interview campaign that targets software developer community with fake job offers. The Contagious Interview campaign was first detailed by Palo Alto Networks researchers

15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials

IoC > 1 IP

•

83The Hacker News / 1d

•

5 TTPs

A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been described as an operating system (OS) command injection bug affecting router models F3x24 and F3x36. The severity of the shortcoming is lower due to the fact that it only works

Samsung's next-gen Galaxy Ring 2 may launch at Unpacked next month

Samsung to unveil Galaxy Ring 2

•

ZDNet | Security / 1d

Oura, your competition is coming in hot - here's what we know.

White House links ninth telecom breach to Chinese hackers

Ninth US telecom firm hacked

•

55BleepingComputer / 1d

A White House official has added a ninth U.S. telecommunications company to the list of telecoms breached in a Chinese hacking campaign that impacted dozens of countries. [...]

New wearable data could lead to early diagnosis of fertility issues - without needles

ZDNet | Security / 1d

Can a fitness band detect menstrual irregularities?

AI data centers are becoming 'mind-blowingly large'

26ZDNet | Security / 1d

Clusters of GPU chips in coming years will have to connect over distances longer than a mile, says the CEO of this fiber-optics firm.

The best floodlight and security camera combo I've tested is $70 off

ZDNet | Security / 1d

I've had the Eufy Security Floodlight Cam E340 surveilling my house for months, and I can't recommend it enough, especially at only $150.

I replaced my iPhone 16 Pro Max with this pocket camera for video shooting - and can't go back

ZDNet | Security / 1d

The DJI Osmo Pocket 3 has become a mainstay in my work and travel essentials - and I don't expect that to change soon.

OpenAI's o3 isn't AGI yet but it just did something no other AI has done

OpenAI O3 achieves ARC-AGI breakthrough

•

20ZDNet | Security / 1d

The new AI model 'is doing something completely different from the GPT series.'

Microsoft adds another problem to the Windows 11 24H2 naughty list

Windows 11 24H2 update issues

•

The Register – Security / 1d

Santa Satya pops one more issue into his sack just in time for Christmas The trickle of known issues with Windows 11 24H2 has continued with a new one just in time for festive season: installed the operating system using removable media? There's a chance it might stop receiving security updates.…

Is free Apple TV+ on the way? The streaming service is teasing something for next weekend

Apple Watch motivates fitness goals

•

ZDNet | Security / 1d

You might have the chance to test-drive Apple's streaming service for free soon.

AI isn't the next big thing - here's what is

33ZDNet | Security / 1d

Here's what you should be focusing on instead.

Hackers exploit DoS flaw to disable Palo Alto Networks firewalls

5 TTPs

•

92BleepingComputer / 1d

Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot. [...]

I've been testing the giant Echo Show 21 for weeks - here's who should buy it (and who shouldn't)

ZDNet | Security / 1d

Is the enormous Echo Show 21 Amazon's best smart display or its biggest missed opportunity? Here's what I think.

Hackers Are Hot for Water Utilities

2 TTPs

•

Dark Reading / 1d

The US water sector suffered a stream of cyberattacks over the past year and half, from a mix of cybercriminals, hacktivists, and nation-state hacking teams. Here's how the industry and ICS/OT security experts are working to better secure vulnerable drinking and wastewater utilities.

Defining & Defying Cybersecurity Staff Burnout

Dark Reading / 1d

Sometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy.

Quantum Computing Advances in 2024 Put Security In Spotlight

Quantum computing impacts Bitcoin security

•

Dark Reading / 1d

The work on quantum computing hit some major milestones in 2024, making the path to a workable quantum computer seem closer than ever. Google, Microsoft, and other research efforts hit significant milestones this year, but is the cybersecurity world ready?

Why ethics is becoming AI's biggest challenge

ZDNet | Security / 1d

Teams designing AI should include linguistics and philosophy experts, parents, young people, everyday people with different life experiences from different socio-economic backgrounds.

How managing networks differs on Windows 10 and Linux

ZDNet | Security / 1d

If you're considering leaving the soon-to-sunsetted Windows 10 for Linux, you'll want to know how to manage networks with the open-source operating system.

Experts warn of a surge in activity associated FICORA and Kaiten botnets

IoC > 2 IPs

•

Security Affairs / 2d

•

12 TTPs

•

D-Link routers targeted by botnets

FortiGuard Labs observed increased activity from two botnets, the Mirai variant “FICORA” and the Kaiten variant “CAPSAICIN”. FortiGuard Labs researchers observed a surge in activity associated with two botnets, the Mirai variant “ FICORA ” and the Kaiten variant “CAPSAICIN,” in late 2024. Both botnets target vulnerabilities in D-Link devices, particularly through the HNAP interface, allowing remo

Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia

21 TTPs

•

60The Hacker News / 2d

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024. "Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code," Kaspersky researcher Oleg

Palo Alto Networks fixed a high-severity PAN-OS flaw

2 TTPs

•

Security Affairs / 2d

Palo Alto Networks addressed a high-severity PAN-OS flaw that could trigger denial-of-service (DoS) on vulnerable devices. Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. An