Iran’s Atomic Energy Organisation said Sunday an email server of its subsidiary was hacked in a “foreign” attack aimed at drawing “attention” amid protests over the death of Mahsa Amini.
Iran’s Nuclear Agency Says Email Server Hacked
FBI Warns of Iranian Cyber Firm’s Hack-and-Leak Operations
The Federal Bureau of Investigation on Thursday issued an alert to warn that Iranian cyber group Emennet Pasargad is targeting organizations to steal their data and leak it online.
Data of 3 Million Advocate Aurora Health Patients Exposed via Malformed Pixel
Non-profit healthcare provider Advocate Aurora Health is informing 3 million individuals that a malformed tracking pixel has inadvertently exposed protected health information (PHI) to Facebook or Google.
Text4Shell Vulnerability Exploitation Attempts Started Soon After Disclosure
Exploitation attempts targeting the Apache Commons Text vulnerability tracked as CVE-2022-42889 and Text4Shell started shortly after its disclosure, according to WordPress security company Defiant.
Dozen High-Severity Vulnerabilities Patched in F5 Products
Security and application delivery company F5 has released its October 2022 quarterly security notification, informing customers about a total of 18 vulnerabilities affecting its products.
CISA Tells Organizations to Patch Linux Kernel Vulnerability Exploited by Malware
The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a Linux kernel flaw to its Known Exploited Vulnerabilities Catalog and instructed federal agencies to address it within three weeks.
France Slaps Fine on Face Recognition Firm Clearview AI
France on Thursday slapped a 20-million-euro fine on US firm Clearview AI for breaching privacy laws, as pressure mounts on the controversial facial-recognition platform.
Google’s GUAC Open Source Tool Centralizes Software Security Metadata
Google today introduced Graph for Understanding Artifact Composition (GUAC), an open source tool for centralizing build, security, and dependency metadata.
Developed in collaboration with Kusari, Purdue University, and Citi, the new project is meant to help organizations better understand software supply chains.
Password Report: Honeypot Data Shows Bot Attack Trends Against RDP, SSH
An analysis of data collected by Rapid7’s RDP and SSH honeypots between September 10, 2021, and September 9, 2022, found tens of millions of connection attempts. The honeypots captured 215,894 unique IP source addresses and 512,002 unique passwords across RDP and SSH honeypots. Almost all the passwords (99.997%) can be found in rockyou2021.txt.
SIM Swappers Sentenced to Prison for Hacking Accounts, Stealing Cryptocurrency
Two Massachusetts individuals have been sentenced to prison for their roles in a scheme to take over high-profile social media accounts and steal cryptocurrency.
