The hottest Vulnerabilities Substack posts right now

And their main takeaways
Vigilainte Newsletter 19 implied HN points 09 Sep 24
  1. Popular travel sites have serious security problems that could put users at risk. It's important for them to fix these issues soon.
  2. Planned Parenthood confirmed a cyberattack, and a ransomware group claimed they did it. This shows how vulnerable even established organizations can be.
  3. CISA has released a warning about RansomHub ransomware and is urging people to be aware of it. Staying informed about these threats is essential for everyone.
Natto Thoughts 159 implied HN points 07 Mar 24
  1. A company's success heavily relies on hiring the right people and retaining them through competitive pay and employee-focused strategies.
  2. Business processes at i-SOON were dynamic and complex, involving partnerships, bid rigging, profit-sharing, and diversification to stay competitive.
  3. i-SOON's technology strategy focused on finding and exploiting vulnerabilities, although it faced challenges in developing its own exploits.
Risky Business News 359 HN points 08 Mar 23
  1. Canada Revenue Agency (CRA) updated its terms to avoid liability if personal information is stolen from their online service portal.
  2. There are concerns about CRA's basic web application security features being missing, despite their claims of taking all reasonable security steps.
  3. The offloading of responsibility by CRA through a benign Terms of Service update is harmful, especially considering the sensitive data they hold.
Resilient Cyber 199 implied HN points 14 Aug 23
  1. Malicious actors focused heavily on Microsoft vulnerabilities in 2022, highlighting the importance for organizations to stay updated with security patches.
  2. Vendors and developers should identify often exploited vulnerabilities and hold business leaders responsible for security practices.
  3. End-user organizations need to enforce strong security measures, like multi-factor authentication, and continuously monitor their systems to protect against possible threats.
block21m 159 HN points 28 May 23
  1. 80% of Bitcoin inscriptions since March 2023 are controlled by a single person or entity with a specific public key.
  2. This entity has influenced the blockchain significantly by controlling 64% of all inscriptions, with a transaction fee total of 1056 BTC.
  3. This high level of control showcases a vulnerability in the blockchain that could be exploited by entities with large amounts of Bitcoin.
Resilient Cyber 79 implied HN points 04 Dec 23
  1. Software identification is important for managing everything from consumer products to national security, but the current naming systems are confusing and inconsistent.
  2. There are several ways to identify software, like Common Platform Enumeration (CPE), Package URL (PURL), and Software Identification Tags (SWID), each with its own uses and challenges.
  3. A unified approach to software identification is needed, but there are various paths forward, including using a single identifier or multiple formats, which could complicate things further.
Natto Thoughts 79 implied HN points 16 Nov 23
  1. China's Tianfu Cup hacking competition has evolved from focusing on foreign products to including more domestic products as targets, sparking concerns among Western companies and security experts.
  2. The Tianfu Cup 2023 competition rules added new sections on the exploit demonstration review process and on responsible vulnerability disclosure, highlighting the importance of following responsible disclosure procedures in the competition.
  3. In Tianfu Cup 2023, two teams successfully hacked VMware products, winning the top awards, although the competition results did not provide much detail on other attempts on domestic targets.
Metacurity 39 implied HN points 09 Feb 24
  1. A fake LastPass app managed to get onto Apple's App Store and was likely designed to steal user credentials.
  2. Iranian cyber operations against Israel are becoming bolder and more sophisticated, posing risks to American critical infrastructure and the 2024 elections.
  3. The FCC has cracked down on AI-generated voice calls, recognizing them as 'artificial' and restricting their use for non-emergency purposes without consent.
Resilient Cyber 119 implied HN points 02 Apr 23
  1. Vulnerability management is crucial for security but often overwhelms developers with too much information. It’s important to focus on vulnerabilities that really pose a risk, instead of just following strict checklists.
  2. The number of vulnerabilities has exploded in recent years, but most are never exploited. Organizations need better ways to prioritize which vulnerabilities to address based on actual risk, rather than just severity scores.
  3. Security teams should work more closely with developers to reduce friction and support their efforts. Improving communication and providing context can make security a partner, not a blocker.
Rod’s Blog 39 implied HN points 27 Nov 23
  1. A Sponge attack against AI aims to confuse, distract, or overwhelm the AI system with irrelevant or nonsensical information.
  2. Types of Sponge attacks include flooding attacks, adversarial examples, poisoning attacks, deceptive inputs, and social engineering attacks.
  3. Mitigating a Sponge attack involves strategies like input validation, anomaly detection, adversarial training, rate limiting, monitoring, security best practices, updates, and user education.
Am I Stronger Yet? 31 implied HN points 17 Jan 24
  1. Chatbots powered by large language models can be tricked into following malicious instructions.
  2. Prompt injection is a vulnerability where an attacker can sneak instructions into data fed to a chatbot.
  3. A key issue with large language models is the inability to distinguish instructions from data, making them susceptible to harmful prompts.
Resilient Cyber 59 implied HN points 22 Nov 22
  1. Vulnerability databases like CVE and NVD help identify and score software weaknesses. This scoring helps companies prioritize what to fix first to keep users safe.
  2. The Common Vulnerability Scoring System (CVSS) rates how severe a vulnerability is. This helps organizations understand the impact and urgency of addressing the risk.
  3. New systems like the Open-Source Vulnerabilities (OSV) database and Global Security Database (GSD) aim to improve how vulnerabilities are recorded and shared, making it easier for developers to manage risk.
Natto Thoughts 19 implied HN points 04 Aug 23
  1. The top APT groups targeting China come from Taiwan, Vietnam, India, North Korea, Russia, and the US, showing the diverse origin of cyber threats against China.
  2. China's geopolitical tensions with neighboring countries like India manifest in cyberspace, with APT groups from these regions actively targeting Chinese organizations.
  3. QAX's Global APT report points out the exploitation of zero-day vulnerabilities by overseas APT groups targeting China, such as the iMessage 0-click 0day vulnerability, reflecting the global nature of cyber threats.
Resilient Cyber 19 implied HN points 10 Apr 23
  1. Many organizations have old vulnerabilities in their systems that are not being fixed. These vulnerabilities can be easily exploited by hackers.
  2. There are millions of public instances still vulnerable to known security issues, and a significant number of these vulnerabilities have existed for over five years.
  3. The way we manage and address these vulnerabilities isn't working well. Companies need to improve their systems to keep up with the increasing number of vulnerabilities and threats.
microapis.io 3 HN points 27 Feb 23
  1. OWASP's Top 10 API vulnerabilities include issues like broken user authentication, excessive data exposure, and lack of resources & rate limiting.
  2. Broken Object Level Authorization can lead to attackers accessing information they shouldn't.
  3. API security is crucial due to the growing use of APIs, potential risks, and the significant impact of poor API security on organizations.
Zero Day 7 HN points 25 Jul 23
  1. TETRA radio communication technology used by police and critical infrastructure was found to have a backdoor, reducing encryption strength.
  2. Keeping encryption algorithms secret can hinder security, as seen in the TETRA case where a deliberate weakness was discovered.
  3. ETSI created new secret algorithms to address vulnerabilities, but the debate continues on whether secrecy is the best approach for security.
Risky Business News 0 implied HN points 02 Feb 24
  1. Ivanti disclosed two zero-day vulnerabilities in its Connect Secure VPN appliance, leading to exploitation by threat actors.
  2. Security firm Volexity linked the attacks to a Chinese cyber-espionage group, with hundreds of infected devices affected globally.
  3. Malware strains with names like GLASSTOKEN, GIFTEDVISITOR and BUSHWALK were found on infected devices as the attacks moved into a mass exploitation phase.
Risky Business News 0 implied HN points 20 Feb 23
  1. Spain's National Court agreed to extradite a 23-year-old UK national to the US for his role in the 2020 Twitter hack.
  2. GoDaddy and the FBI experienced breaches in their systems, while crypto platforms like Platypus and Dexible were hacked for millions of dollars.
  3. Various cybercrime incidents and threat intelligence reports emerged, including seizure of cryptocurrency funds by Norwegian authorities and dismantling of CEO fraud and IMSI catcher gangs.
Risky Business News 0 implied HN points 06 Mar 23
  1. The US EPA has released cybersecurity guidance for public water systems, aiming to improve cybersecurity resilience and address recent high-profile hacks.
  2. Recent cyber breaches include hacks on GunAction.com, Flutterwave, BitBNS, TheSandbox, Chick-fil-A, and Mastodon.
  3. Various cybersecurity incidents involve BEC phishing campaigns, malware like FiXS in ATMs, and vulnerabilities found in DJI drones and Intel processors.
Risky Business News 0 implied HN points 15 Mar 23
  1. CISA launched a ransomware warning program to proactively scan and secure vulnerable systems in critical infrastructure.
  2. Several cyber incidents include the $197 million crypto-heist on Euler Finance, an extortion attempt on GSC Game World and potential breaches at Amazon Ring, Marshall Amps, and Saint Kitts and Nevis government.
  3. Tech updates feature Kali Linux Purple edition, the creation of UK National Protective Security Authority, and the development of a Russian GitHub alternative.
Risky Business News 0 implied HN points 24 Mar 23
  1. The US Federal Trade Commission is seeking public comments on the business practices and data security of cloud computing providers.
  2. The FTC's action is a response to concerns about the predatory business practices of cloud providers and potential cybersecurity risks.
  3. The FTC is focusing on issues such as negotiating cloud contracts, secure storage competition, breach notifications, and customer lock-in incentives.
Risky Business News 0 implied HN points 03 Apr 23
  1. Microsoft is addressing a malspam problem in OneNote by blocking execution of certain embedded files.
  2. Several major breaches and cyber incidents have been reported in various countries.
  3. Various new cyber threats, malware strains, and cybersecurity vulnerabilities have been discovered and analyzed recently.
Risky Business News 0 implied HN points 03 May 23
  1. Apple and Google introduced a new spec to prevent Bluetooth devices from being used for unwanted tracking.
  2. Japan plans to increase its cyber force by over 20,000 in the next five years.
  3. India banned 14 secure messaging apps due to concerns over terrorist activities in specific regions.
Risky Business News 0 implied HN points 05 May 23
  1. Meta disrupted the NodeStealer malware, preventing its spread and protecting user credentials from being compromised.
  2. Various cyberattacks and ransomware incidents have been reported, affecting entities like universities and cities.
  3. Key developments in the tech and privacy sector include the FTC proposing a ban on Facebook monetizing youth data and Discord transitioning to a new username format.
Risky Business News 0 implied HN points 22 May 23
  1. A cybercrime group named Lemon Group has pre-installed malware in almost 9 million Android devices, planting it inside the firmware.
  2. The Lemon Group's malware, known as Guerrilla, is hidden inside the Zygote process and can download plugins for various malicious activities.
  3. The lack of security practices in the Android OEM ecosystem and the presence of pre-installed malware highlight the risk of buying low-cost devices from unknown vendors.
Risky Business News 0 implied HN points 26 May 23
  1. A new Chinese APT group, Volt Typhoon, was detected targeting US critical infrastructure with stealth techniques.
  2. The recent focus of Chinese APTs on stealthy operations is explained by pressure to avoid detection under increased scrutiny.
  3. Breaches and hacks include Chinese cyber-spies targeting the Kenyan government, crypto-heists, and exit scams affecting investors.
Risky Business News 0 implied HN points 28 Jun 23
  1. A new memory attack named RowPress has been discovered as an alternative to RowHammer, making DRAM chips vulnerable.
  2. Software-level mitigations can help protect against the RowPress attack by limiting the time a memory row can stay open.
  3. Various notable breaches, hacks, and incidents have occurred recently, emphasizing the ongoing importance of cybersecurity measures and vigilance.
Risky Business News 0 implied HN points 07 Jul 23
  1. The US and Canada issued a joint security alert about a new Truebot malware variant being spread through phishing campaigns.
  2. Cybersecurity incidents include a ransomware attack on Japan's largest cargo port, a DDoS attack on a Russian railway company, and a data leak of Indonesian passports.
  3. Privacy concerns arise from the inability to delete an Instagram Threads account and a secret blocklist feature in Firefox.
Risky Business News 0 implied HN points 07 Feb 24
  1. The US government has restricted visas for individuals linked to the misuse of commercial spyware.
  2. Commercial spyware has been linked to repression, human rights abuses, and poses a security threat to the US.
  3. Investors and individuals tied to spyware vendors like Candiru, NSO Group, Intellexa, and Cytrox may face the visa ban.
Risky Business News 0 implied HN points 05 Feb 24
  1. Two Iranian cyber groups were recently exposed in a week, indicating increased cyber activity from Iran.
  2. Cyber Av3ngers attacked Israeli critical infrastructure, mainly targeting Unitronics devices.
  3. Various cybersecurity incidents, such as Cloudflare breach and Clorox ransomware attack, demonstrate ongoing threats in the digital landscape.
Risky Business News 0 implied HN points 15 Feb 23
  1. The FTC ordered MoneyGram to return $115 million to scam victims due to system abuse.
  2. Cybercriminals are developing new ransomware like MortalKombat and using phishing campaigns for attacks.
  3. Various cybersecurity vulnerabilities and exploits have been detected, addressed, and reported by different companies and security researchers.
Risky Business News 0 implied HN points 31 Jan 24
  1. Brazilian police arrested members of the Grandoreiro malware gang, known for stealing millions from bank customers in Brazil, Mexico, and Spain.
  2. Ukraine's GUR conducted a hack wiping 60TB of data from Russian company IPL Consulting and worked to cripple Akado-Telekom infrastructure.
  3. Various cybersecurity incidents were reported, including crypto-heists and ransomware attacks on organizations like Schneider Electric and the Romanian government, along with details on malware strains like Trigona and Ermac.
Risky Business News 0 implied HN points 26 Jan 24
  1. HPE and Microsoft faced breaches by the same Russian state-sponsored hacking group, highlighting the ongoing cyber threats to tech giants.
  2. SEC's new breach disclosure rules are leading to faster reporting of incidents and more detailed disclosures from affected companies, changing the cybersecurity landscape.
  3. Various new cybersecurity incidents and threats, including DDoS attacks, ransomware incidents, and insider threats, continue to impact organizations globally.
Risky Business News 0 implied HN points 24 Jan 24
  1. Australia, UK, and US have sanctioned a Russian individual for ransomware attack on Medibank.
  2. Various cybersecurity incidents like data breaches, ransomware attacks, and malware discoveries are on the rise.
  3. Significant security updates and patches have been released for vulnerabilities in various platforms and software.