breach

the code war

“If you think you know-it-all all about cybersecurity, this discipline was probably ill-explained to you.” ― Stephane Nappo

Cybersecurity News July 26, 2024

BleepingComputer:

  1. TeamViewer Corporate Network Breach: TeamViewer has confirmed a breach of its corporate network, attributed to the Russian state-sponsored group Midnight Blizzard. The company reassured that customer data and the product environment were not compromised. Investigations are ongoing to assess the full impact of the attack. Read more.
  2. Linux Privilege Elevation Flaw Alert: CISA has issued a warning about an actively exploited Linux kernel vulnerability (CVE-2024-1086) that allows local attackers to gain root-level privileges. This flaw affects the netfilter: nf_tables component and has been patched in several stable kernel versions. Read more.

DarkReading:

  1. New Campaign by Earth Lusca: The Earth Lusca threat actor has been targeting high-value entities in government and private sectors globally. This group is known for espionage and financially motivated attacks. Read more.
  2. Critical Flaw in Cisco ASA and FTD Firewalls: The ArcaneDoor hacking group has been exploiting two zero-day vulnerabilities in Cisco ASA and FTD firewalls. These flaws have allowed the deployment of custom malware and backdoors, compromising government networks worldwide. Cisco has released patches to address these vulnerabilities. Read more.

The Hacker News:

  1. Critical Bugs in PJSIP SIP and Media Stack: Five security vulnerabilities have been disclosed in the PJSIP open-source multimedia communication library, which could lead to arbitrary code execution and denial-of-service (DoS). Users are advised to update to the latest patched versions to mitigate these risks. Read more.
  2. Europol Shuts Down VPNLab: Europol has taken down VPNLab.net, a VPN service favored by cybercriminals for deploying ransomware and other cybercrimes. The coordinated law enforcement operation has successfully disrupted this service. Read more.

SecurityWeek:

  1. WazirX Cryptocurrency Exchange Breach: WazirX, a major cryptocurrency exchange, has suffered a security breach leading to the loss of $230 million. The breach was due to vulnerabilities in the platform's infrastructure. Read more.
  2. North Korean Hackers Update Malware: North Korean hackers have updated their BeaverTail malware to target macOS users, expanding their capabilities and reach. This update demonstrates the evolving threat landscape posed by state-sponsored actors. Read more.

Wired:

  1. Impact of CrowdStrike Update Mishap: A faulty update from CrowdStrike has caused significant disruptions, crashing Windows systems globally and impacting numerous businesses. Cybercriminals have exploited this mishap to distribute Remcos RAT malware, further complicating the situation. Read more.

For more detailed information, you can visit BleepingComputer, DarkReading, The Hacker News, SecurityWeek, and Wired.

We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. View more
Cookies settings
Accept
Decline
Privacy & Cookie policy
Privacy & Cookies policy
Cookie name Active

Who we are

Suggested text: Our website address is: http://breachpr.com.

Comments

Suggested text: When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

Suggested text: If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

Suggested text: If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Suggested text: Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

Suggested text: If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

Suggested text: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

Suggested text: If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Suggested text: Visitor comments may be checked through an automated spam detection service.
Save settings
Cookies settings
Scroll to Top