AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks

A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space. [...]

https://www.bleepingcomputer.com/news/security/amd-apple-qualcomm-gpus-leak-ai-data-in-leftoverlocals-attacks/

 iShutdown scripts can help detect iOS spyware on your iPhone

Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices by checking Shutdown.log, a system log file that stores reboot events. [...]

https://www.bleepingcomputer.com/news/security/ishutdown-scripts-can-help-detect-ios-spyware-on-your-iphone/

 CISA pushes federal agencies to patch Citrix RCE within a week

Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks. [...]

https://www.bleepingcomputer.com/news/security/cisa-pushes-federal-agencies-to-patch-citrix-rce-within-a-week/

 Bigpanzi botnet infects 170,000 Android TV boxes with malware

A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes worldwide since at least 2015. [...]

https://www.bleepingcomputer.com/news/security/bigpanzi-botnet-infects-170-000-android-tv-boxes-with-malware/

 Microsoft: Iranian hackers target researchers with new MediaPl malware

Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new backdoor malware. [...]

https://www.bleepingcomputer.com/news/security/microsoft-iranian-hackers-target-researchers-with-new-mediapl-malware/

 Have I Been Pwned adds 71 million emails from Naz.API stolen account list

Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to its data breach notification service. [...]

https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-71-million-emails-from-nazapi-stolen-account-list/

 Jira down: Atlassian outage affecting multiple cloud services

Multiple Atlassian Jira products are experiencing an ongoing outage as of this morning. Users of Jira Work management, Jira Software, Jira Service Management and Jira Product Discovery are facing connection issues. [...]

https://www.bleepingcomputer.com/news/technology/jira-down-atlassian-outage-affecting-multiple-cloud-services/

 Docker hosts hacked in ongoing website traffic theft scheme

A new campaign targeting vulnerable Docker services deploys an XMRig miner and the 9hits viewer app on compromised hosts, allowing a dual monetization strategy. [...]

https://www.bleepingcomputer.com/news/security/docker-hosts-hacked-in-ongoing-website-traffic-theft-scheme/

 Google: Russian FSB hackers deploy new Spica backdoor malware

Google says the ColdRiver Russian-backed hacking group is pushing previously unknown backdoor malware using payloads masquerading as a PDF decryption tool. [...]

https://www.bleepingcomputer.com/news/security/google-russian-fsb-hackers-deploy-new-spica-backdoor-malware/

 Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets

Learn how threat actors utilize credentials to break into privileged IT infrastructure to create data breaches and distribute ransomware. [...]

https://www.bleepingcomputer.com/news/security/credentials-are-still-king-leaked-credentials-data-breaches-and-dark-web-markets/

 US govt wants BreachForums admin sentenced to 15 years in prison

The United States government has recommended that Conor Brian Fitzpatrick, the creator and lead administrator of the now-defunct BreachForums hacking forums, receive a sentence of 15 years in prison. [...]

https://www.bleepingcomputer.com/news/security/us-govt-wants-breachforums-admin-sentenced-to-15-years-in-prison/

 Haier hits Home Assistant plugin dev with takedown notice

Appliances giant Haier reportedly issued a takedown notice to a software developer for creating Home Assistant integration plugins for the company's home appliances and releasing them on GitHub. [...]

https://www.bleepingcomputer.com/news/security/haier-hits-home-assistant-plugin-dev-with-takedown-notice/

 Kansas State University cyberattack disrupts IT network and services

Kansas State University (K-State) announced it is managing a cybersecurity incident that has disrupted certain network systems, including VPN, K-State Today emails, and video services on Canvas and Mediasite. [...]

https://www.bleepingcomputer.com/news/security/kansas-state-university-cyberattack-disrupts-it-network-and-services/

 Microsoft tests instant access to Android photos in Windows 11

Microsoft plans to provide Windows 11 users with almost instant access to photos and screenshots they've taken on their Android smartphones. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-instant-access-to-android-photos-in-windows-11/

 CISA: Critical Ivanti auth bypass bug now actively exploited

CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) and MobileIron Core device management software (patched in August 2023) is now under active exploitation. [...]

https://www.bleepingcomputer.com/news/security/cisa-critical-ivanti-auth-bypass-bug-now-actively-exploited/

 TeamViewer abused to breach networks in new ransomware attacks

Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. [...]

https://www.bleepingcomputer.com/news/security/teamviewer-abused-to-breach-networks-in-new-ransomware-attacks/

 VMware confirms critical vCenter flaw now exploited in attacks

VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation. [...]

https://www.bleepingcomputer.com/news/security/vmware-confirms-critical-vcenter-flaw-now-exploited-in-attacks/

 Vans, North Face owner says ransomware breach affects 35 million people

VF Corporation, the company behind brands like Vans, Timberland, The North Face, Dickies, and Supreme, said that more than 35 million customers had their personal information stolen in a December ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/vans-north-face-owner-says-ransomware-breach-affects-35-million-people/

 Chinese hackers exploit VMware bug as zero-day for two years

A Chinese hacking group has been exploiting a critical vCenter Server vulnerability (CVE-2023-34048) as a zero-day since at least late 2021. [...]

https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-vmware-bug-as-zero-day-for-two-years/

 FTC bans one more data broker from selling your location info

The U.S. Federal Trade Commission (FTC) continues to target data brokers, this time in a settlement with InMarket Media, which bans the company from selling Americans' precise location data. [...]

https://www.bleepingcomputer.com/news/security/ftc-bans-one-more-data-broker-from-selling-your-location-info/

 CISA emergency directive: Mitigate Ivanti zero-days immediately

CISA issued this year's first emergency directive ordering Federal Civilian Executive Branch (FCEB) agencies to immediately mitigate two Ivanti Connect Secure and Ivanti Policy Secure zero-day flaws in response to widespread and active exploitation by multiple threat actors. [...]

https://www.bleepingcomputer.com/news/security/cisa-emergency-directive-mitigate-ivanti-zero-days-immediately/