The Information Highway

The Information Highway

all things technology risk and cybersecurity

QR codes bypass browser isolation for malicious C2 communication

Hacker-headpic

Mandiant has identified a novel method to bypass browser isolation technology and achieve command-and-control operations through QR codes.

Continue reading
  138 Hits

FBI shares tips on how to tackle AI-powered fraud schemes

evil-hacker-ai

The FBI warns that scammers are increasingly using artificial intelligence to improve the quality and effectiveness of their online fraud schemes, ranging from romance and investment scams to job hiring schemes.

Continue reading
  125 Hits

BT unit took servers offline after Black Basta ransomware breach

BT-Group

Multinational telecommunications giant BT Group (formerly British Telecom) has confirmed that its BT Conferencing business division shut down some of its servers following a Black Basta ransomware breach.

Continue reading
  103 Hits

RomCom exploits vulnerabilities

Threat-Advisory-Banner3

Threat update

Recent reports have uncovered that a threat actor known as RomCom has been exploiting two zero-day vulnerabilities, one in Mozilla Firefox and another in Microsoft Windows, to deploy their proprietary backdoor malware. These vulnerabilities, CVE-2024-9680 and CVE-2024-49039, have been actively targeted in attacks across Europe and North America. Continue reading this Cybersecurity Threat Advisory to learn how to defend against RomCom. 

Continue reading
  99 Hits

7-Zip vulnerability

Threat-Advisory-Banner3

Threat update

A security vulnerability in 7-Zip allows remote attackers to bypass defenses and execute malicious code via specially crafted archives. Read this Cybersecurity Threat Advisory to learn how to mitigate your risk from this new threat. 

Continue reading
  95 Hits

Kemp LoadMaster and VMware vCenter vulnerabilities

Threat-Advisory-Banner3

Threat update

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added critical vulnerabilities in Progress Kemp LoadMaster (CVE-2024-1212) and VMware vCenter Server (CVE-2024-38812, CVE-2024-38813) to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities allow attackers to execute arbitrary commands, gain remote code execution (RCE), and escalate privileges. Continue reading this Cybersecurity Threat Advisory to reduce your risk of exploitation from these vulnerabilities. 

Continue reading
  108 Hits

New malware loader – BabbleLoader

Threat-Advisory-Banner3

Threat update

BabbleLoader is a newly identified malware loader designed for delivering information-stealing payloads such as WhiteSnake and Meduza. It demonstrates sophisticated evasion techniques that challenge both traditional antivirus solutions and modern AI-driven detection systems. Read this Cybersecurity Threat Advisory to learn how to protect against this cutting-edge malware loader. 

Continue reading
  117 Hits

Phishing campaign spreading Remcos RAT malware

Threat-Advisory-Banner3

Threat update

A new phishing campaign spreading a fileless variant of Remcos RAT malware has been discovered. Read below to learn how this could impact your organization.

Continue reading
  210 Hits

Palo Alto PAN-OS RCE vulnerability

Threat-Advisory-Banner3

Threat update

A threat advisory was issued to Palo Alto customers notifying them of a vulnerability in the PAN-OS interface that can lead to remote code execution (RCE).

Continue reading
  187 Hits

Critical Veeam RCE bug now used in Frag ransomware attacks

Veeam

After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware.

Continue reading
  181 Hits

D-Link won’t fix critical flaw affecting 60,000 older NAS devices

D-Link-headpic

More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit.

Continue reading
  286 Hits

Unpatched Mazda Connect bugs let hackers install persistent malware

headpi_20241109-194606_1

Attackers could exploit several vulnerabilities in the Mazda Connect infotainment unit, present in multiple car models including Mazda 3 (2014-2021), to execute arbitrary code with root permission. 

Continue reading
  313 Hits

Palo Alto Networks warns of potential PAN-OS RCE vulnerability

Palo-Alto-Networks

 Today, cybersecurity company Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface.

Continue reading
  245 Hits

Vulnerabilities found in Microsoft Azure AI

Threat-Advisory-Banner3

Threat update

Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content.

Continue reading
  160 Hits

Zero-click flaw in Synology NAS devices

Threat-Advisory-Banner3

Threat update

Synology, network-attached storage (NAS) maker, addressed critical security vulnerability, CVE-2024-10443, which impacts their DiskStation and BeePhotos applications. This is an unauthenticated vulnerability that can allow attackers to obtain root-level code execution on Synology NAS devices.

Continue reading
  140 Hits

Google's mysterious 'search.app' links leave Android users concerned

Google_headpi_20241109-201732_1

Google has left Android users puzzled after the most recent update to the Google mobile app causes links shared from the app to now be prepended with a mysterious "search.app" domain.

Continue reading
  101 Hits

Malicious PyPI Package 'Fabrice' Found Stealing AWS Keys from Thousands of Developers

aw_20241109-185929_1

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials.

Continue reading
  192 Hits

HPE warns of critical RCE flaws in Aruba Networking access points

HPE

Hewlett Packard Enterprise (HPE) released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities in Aruba Networking Access Points.. 

Continue reading
  228 Hits

Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users

clou_20241109-185203_1

Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security.

Continue reading
  145 Hits

Vulnerabilities found in Microsoft Azure AI

Threat-Advisory-Banner3

Threat update

Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content. Continue reading this Cybersecurity Threat Advisory to learn the implications of these flaws and which security measures to implement to protect your organization.

Continue reading
  131 Hits

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023