News for June 16, 2024

News for June 16, 2024

By I_g_o_r | Some news | 16 Jun 2024


PHP vulnerability allows attackers to run malicious code on Windows servers

https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/

 

Regulators in Canada and the UK launch a joint probe to assess what customer info was exposed in 23andMe's 2023 breach and if proper safeguards were in place

https://www.bleepingcomputer.com/news/security/23andme-data-breach-under-investigation-in-uk-and-canada/#google_vignette

 

Malicious Node on ComfyUI Steals Data from Crypto, Browser Users

https://hackread.com/comfyui-malicious-node-steal-crypto-browser-data/

 

Ransomware Is ‘More Brutal’ Than Ever in 2024

https://www.wired.com/story/state-of-ransomware-2024/

 

Two-Thirds Of Small Business Owners Worried Biden's Economy Will Kill Their Business

https://www.zerohedge.com/economics/two-thirds-small-business-owners-worried-bidens-economy-will-kill-their-business

 

Hackers Leak 270GB of New York Times Data and Source Code on 4Chan

https://hackread.com/hackers-leak-new-york-times-data-source-code-o4chan/

 

Cylance confirms data breach linked to 'third-party' platform

https://www.bleepingcomputer.com/news/security/cylance-confirms-data-breach-linked-to-third-party-platform/

 

Military Draft Coming? House Passes Measure To Automatically Register Men For Selective Service

https://www.zerohedge.com/military/military-draft-coming-house-passes-measure-automatically-register-men-selective-service

 

Mandiant, which is helping Snowflake investigate its recent cyber attacks, says the two companies have notified ~165 organizations of potential exposure

https://techcrunch.com/2024/06/10/mandiant-hackers-snowflake-stole-significant-volume-data-customers/

 

$82,000 Gold Nugget Stolen From Long Beach Coin Show

https://www.zerohedge.com/markets/82000-gold-nugget-stolen-long-beach-coin-show

 

Crypto hacks soar to $19B in 13 years: Crystal Intelligence

https://cointelegraph.com/news/crypto-hacks-19-billion-13-years

 

Scammers' New Way of Targeting Small Businesses: Impersonating Them

https://yro.slashdot.org/story/24/06/10/201235/scammers-new-way-of-targeting-small-businesses-impersonating-them

 

Turkish student arrested for using AI to cheat in university exam

https://finance.yahoo.com/news/turkish-student-arrested-using-ai-131049986.html

 

The Google Pay app is dead

https://arstechnica.com/gadgets/2024/06/google-shuts-down-the-google-pay-app/

 

Need a laptop quick? Walmart is selling restored HPs for under $70

https://www.digitaltrends.com/computing/hp-refurbished-under-70-deal-walmart-june-2024/

 

Chinese hackers breached 20,000 FortiGate systems worldwide

https://www.bleepingcomputer.com/news/security/chinese-hackers-breached-20-000-fortigate-systems-worldwide/

 

Yes, everyone really is sick a lot more often after COVID

https://financialpost.com/news/economy/yes-everyone-really-is-sick-a-lot-more-often-after-covid

 

Facebook, Meta, Apple, Amazon Most Impersonated in Phishing Scams

https://hackread.com/facebook-meta-apple-amazon-impersonate-phishing-scams/

 

Windows security hole allows attackers to install malware via Wi-Fi

https://www.tomshardware.com/software/windows/windows-security-hole-allows-attackers-to-install-malware-via-wi-fi-new-patch-plugs-gaping-vulnerability

 

Indian Ex-Employee Jailed for Wiping 180 Virtual Servers in Singapore

https://hackread.com/indian-ex-employee-jail-wiping-singapore-virtual-servers/

 

Confidential patient information found by member of the public

https://www.theregister.com/2024/06/13/nhs_bin_bag_data_breach/

 

Life360 says hacker tried to extort them after Tile data breach

https://www.bleepingcomputer.com/news/security/life360-says-hacker-tried-to-extort-them-after-tile-data-breach/

 

Wells Fargo Fires Employees for Faking Work By Simulating Keyboard Activity

https://it.slashdot.org/story/24/06/13/1442205/wells-fargo-fires-employees-for-faking-work-by-simulating-keyboard-activity

 

Beware WARMCOOKIE Backdoor Knocking Your Inbox

https://gbhackers.com/beware-warmcookie-backdoor/

 

Yet Another Company Caught Using ‘AI’ To Quietly Create Fake Journalists And Fake Journalism

https://www.techdirt.com/2024/06/12/yet-another-company-caught-using-ai-to-quietly-create-fake-journalists-and-fake-journalism/

 

Truist Bank confirms breach after stolen data shows up on hacking forum

https://www.bleepingcomputer.com/news/security/truist-bank-confirms-data-breach-after-stolen-data-shows-up-on-hacking-forum/

 

Google's Privacy Sandbox more like a privacy mirage, campaigners claim

https://www.theregister.com/2024/06/13/noyb_gdpr_privacy_sandbox/

 

How We Hacked Multi-Billion Dollar Companies in 30 Minutes Using a Fake VSCode Extension

https://medium.com/@amitassaraf/the-story-of-extensiontotal-how-we-hacked-the-vscode-marketplace-5c6e66a0e9d7

https://medium.com/@amitassaraf/2-6-exposing-malicious-extensions-shocking-statistics-from-the-vs-code-marketplace-cf88b7a7f38f

 

Ex-employee Andrew Harris says Microsoft for years dismissed his warnings of an Active Directory flaw that led to the 2021 SolarWinds hack; Harris left in 2020

https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers

 

How to Bypass Originality AI Detection

https://hackernoon.com/how-to-bypass-originality-ai-detection

 

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

https://gbhackers.com/hackers-exploiting-ms-office/

 

Gitloker attacks abuse GitHub notifications to push malicious OAuth apps

https://www.bleepingcomputer.com/news/security/gitloker-attacks-abuse-github-notifications-to-push-malicious-oauth-apps/

 

Nigeria Drops Tax Charges Against Binance Executives

https://www.coindesk.com/policy/2024/06/14/nigeria-drops-tax-charges-against-binance-executives-family-spokesperson/

 

Chinese ‘Smishing Triad’ Group Targets Pakistanis with SMS Phishing

https://hackread.com/chinese-smishing-triad-group-pakistan-sms-phishing/

 

UwU Lend faces second hack during $20M reimbursement process

https://cointelegraph.com/news/uwu-lend-second-hack-20m-reimbursement

 

Insurance giant Globe Life investigating web portal breach

https://www.bleepingcomputer.com/news/security/insurance-giant-globe-life-investigating-web-portal-breach/

 

Pakistani Hacking Team 'Celestial Force' Spies on Indian Gov't, Defense

https://www.darkreading.com/cyberattacks-data-breaches/pakistani-hacking-team-celestial-force-spies-indian-govt-defense-orgs

 

0-day Vulnerability In 10,000 Web Apps Exploited Using XSS Payloads

https://gbhackers.com/0day-vulnerability-xss-payloads/

 

Cleveland City Hall Shuts Down After Cyber Incident

https://www.darkreading.com/cyberattacks-data-breaches/cleveland-city-hall-shuts-down-after-cyber-incident

 

OKX investigates multimillion account thefts after SIM swap attacks

https://cointelegraph.com/news/okx-investigates-multi-million-theft-sim-swap-attacks

 

DDoS attacks target EU political parties as elections begin

https://www.bleepingcomputer.com/news/security/ddos-attacks-target-eu-political-parties-as-elections-begin/

 

Cyber attack on a video portal in Japan

https://www.japantimes.co.jp/news/2024/06/09/japan/video-sharing-site-niconico-cyberattack/

 

Cyber attack on a welfare association in Canada

https://thefamilyhelpnetwork.ca/update-on-recent-technology-issues/

 

Black Basta Ransomware Suspected of Exploiting Windows 0-day Before Patch

https://hackread.com/black-basta-ransomware-windows-0-day-patch/

 

Trump floats eliminating U.S. income tax and replacing it with tariffs on imports

https://www.cnbc.com/2024/06/13/trump-all-tariff-policy-to-replace-income-tax.html

 

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

https://gbhackers.com/claimig-claiming-ecuadors-database/

 

SEC's Gensler Sees Ether ETF Approval By "End Of Summer"

https://www.zerohedge.com/crypto/secs-gensler-sees-ether-etf-approval-end-summer

 

London Hospitals Knew of Cyber Vulnerabilities Years Before Hack

https://it.slashdot.org/story/24/06/14/1359210/london-hospitals-knew-of-cyber-vulnerabilities-years-before-hack

 

Location Tracker Firm Tile Hit by Data Breach, Hackers Access Internal Tools

https://hackread.com/location-tracker-tile-data-breach-hackers/

 

Keytronic confirms data breach after ransomware gang leaks stolen files

https://www.bleepingcomputer.com/news/security/keytronic-confirms-data-breach-after-ransomware-gang-leaks-stolen-files/

 

DERO Cryptojacking Campaign Adopts New Techniques to Evade Detection

https://www.wiz.io/blog/dero-cryptojacking-campaign-adapts-to-evade-detection

 

Tokenization Platform Holograph Plummets 80% in 9 Hours after Hacker Mints 1B HLG Tokens

https://www.coinspeaker.com/holograph-plummets-hacker-1b-hlg/

 

Victoria Racing Club suffers cyberattack

https://www.theage.com.au/national/victoria/victoria-racing-club-suffers-cyberattack-20240612-p5jl7v.html

 

DDoS attacks on websites of the public administration of Switzerland

https://www.nau.ch/news/schweiz/cyberangriff-it-probleme-in-der-bundesverwaltung-66778853

 

Panera Notifies Employees of Compromised Data

https://www.darkreading.com/cyberattacks-data-breaches/panera-notifies-employees-of-compromised-data

 

UwU Lend offers a $5M bounty to whoever catches its exploiter

https://cointelegraph.com/news/uwu-lend-offers-5-million-bounty-catch-hacker

 

City of Cleveland still working to fully restore systems impacted by a cyber attack

https://securityaffairs.com/164506/hacking/city-of-cleveland-cyberattack.html

 

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

https://gbhackers.com/sleepy-pickle-exploit-ml-models/

 

Crypto hack losses hit $19B, Terraform Labs shuts down: Finance Redefined

https://cointelegraph.com/news/crypto-hack-losses-19-b-terraform-labs-shuts-down-finance-redefined

 

LRC falls to 4-month low as Loopring’s ‘most secured wallets’ hit with $5 million breach

https://cryptoslate.com/lrc-falls-to-4-month-low-as-looprings-most-secured-wallets-hit-with-5-million-breach/

 

MEV Bot service provider @JokInTheBoxETH on the #ethereum chain suffered an exploit on June 11, 2024, and lost ~💰$34K worth of its assets.

https://www.immunebytes.com/blog/list-of-largest-crypto-hacks-in-2024/

 

How do you rate this article?

16


I_g_o_r
I_g_o_r

I am curious about science, technologies and their applications to solving real problems.


Some news
Some news

News on cyber security, data breaches, crypto security, trends, etc. Image of Suzy Hazelwood from pexels.com

Publish0x

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.