AT&T paid a hacker over $300,000 to delete stolen call records and prove the deletion with a video. The hacker from the ShinyHunters group said that AT&T paid the ransom in May. He gave the address of the cryptocurrency wallet where the payment was sent and the address that received …
Read More »Singapore to stop using one-time passwords for banking in 3 months.
Banks in Singapore are to phase out the use of phishing-prone One-Time Passwords (OTP) in favour of digital tokens for bank account login. OTP was introduced in the 2000s to enhance online security. However, scammers now use advanced tactics like setting up fake bank websites to easily phish for customers’ …
Read More »Apple alerts 98 countries iPhone users of spyware attacks
Apple has warned again iPhone users in 98 countries about potential spyware attacks. This is the second time this year that the company has issued such a warning, after a similar one in April in 92 countries. Apple has been sending notifications regularly since 2021. These notifications have reached users …
Read More »
(CVE-2024-39929)
Critical Exim Vulnerability Impacts 1.5 Million Mail Servers
Censys has warned that more than 1.5 million Exim mail transfer agent (MTA) instances are vulnerable to a critical security issue. This vulnerability allows threat actors to bypass security filters. Exim developers fixed a security flaw, tracked as CVE-2024-39929, impacting versions up to 4.97.1. The vulnerability is caused by not …
Read More »AT&T data breach exposes call logs of 109 million customers
AT&T, an American telecom service provider, has confirmed a data breach. The data approximately 109 million almost all its wireless customers and customers of mobile virtual network operators (MVNOs) who use AT&T’s wireless network was accessed by threat actors. AT&T’s MVNOs include Black Wireless, Boost Infinite, Consumer Cellular, Cricket Wireless, …
Read More »
CVE-2024-5910
Critical Vulnerability Threatens Palo Alto Networks’ Expedition
Palo Alto Networks has issued a critical security advisory outlining numerous vulnerabilities across its product lines, such as PAN-OS, Cortex XDR, and Expedition. These weaknesses vary in severity and potential impact, but collectively present a significant risk to organizations that depend on Palo Alto’s solutions. CVE-2024-5910: Missing Authentication in Expedition …
Read More »Vulnerabilities in GitLab Allows Attackers to Execute Unauthorized Pipelines
GitLab has issued a warning about a serious vulnerability in its GitLab Community and Enterprise editions. This vulnerability allows attackers to execute pipeline jobs as if they were another user. GitLab’s DevSecOps platform is used by more than 30 million registered users, including T-Mobile, Goldman Sachs, Airbus, Lockheed Martin, Nvidia, …
Read More »Adobe Issues Critical Security Patches for Various Products
Adobe released security updates to fix several vulnerabilities in their software. These vulnerabilities could be used by cyber attackers to gain control of a system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply necessary updates: Security Updates Available for Adobe Premiere Pro | APSB24-46: …
Read More »CISA Warns Hacker Use OS Command Injection Vulnerabilities to Compromise Systems
OS command injection vulnerabilities are a preventable type of weakness in software. Manufacturers can eliminate them by taking a secure design approach. Despite efforts, these vulnerabilities still appear, allowing adversaries to exploit them for harm. CISA and FBI are releasing this Alert because of recent well-known attacks that took advantage …
Read More »Pakistan allows spy agency to intercept phone messages, calls
The Pakistan Ministry of Information Technology and Telecommunication has given permission to the Inter-Services Intelligence (ISI) to intercept citizens’ phone communications for national security reasons. Issued on Monday, the ministry’s notification — a copy of which is available with Dawn.com — said that the authorisation was granted to the ISI …
Read More »