The hottest Vulnerabilities Substack posts right now

And their main takeaways
Natto Thoughts 159 implied HN points 07 Mar 24
  1. A company's success heavily relies on hiring the right people and retaining them through competitive pay and employee-focused strategies.
  2. Business processes at i-SOON were dynamic and complex, involving partnerships, bid rigging, profit-sharing, and diversification to stay competitive.
  3. i-SOON's technology strategy focused on finding and exploiting vulnerabilities, although it faced challenges in developing its own exploits.
Metacurity 39 implied HN points 09 Feb 24
  1. A fake LastPass app managed to get onto Apple's App Store and was likely designed to steal user credentials.
  2. Iranian cyber operations against Israel are becoming bolder and more sophisticated, posing risks to American critical infrastructure and the 2024 elections.
  3. The FCC has cracked down on AI-generated voice calls, recognizing them as 'artificial' and restricting their use for non-emergency purposes without consent.
Risky Business News 359 HN points 08 Mar 23
  1. Canada Revenue Agency (CRA) updated its terms to avoid liability if personal information is stolen from their online service portal.
  2. There are concerns about CRA's basic web application security features being missing, despite their claims of taking all reasonable security steps.
  3. The offloading of responsibility by CRA through a benign Terms of Service update is harmful, especially considering the sensitive data they hold.
Natto Thoughts 79 implied HN points 16 Nov 23
  1. China's Tianfu Cup hacking competition has evolved from focusing on foreign products to including more domestic products as targets, sparking concerns among Western companies and security experts.
  2. The competition rules of Tianfu Cup 2023 included new sections on the exploit demonstration review process and responsible vulnerability disclosure, highlighting the importance of following responsible disclosure procedures in the competition.
  3. In Tianfu Cup 2023, two teams successfully hacked VMware products, winning the top awards, although the competition results did not provide much detail on other attempts on domestic targets.
Am I Stronger Yet? 31 implied HN points 17 Jan 24
  1. Chatbots powered by large language models can be tricked into following malicious instructions.
  2. Prompt injection is a vulnerability where an attacker can sneak instructions into data fed to a chatbot.
  3. A key issue with large language models is the inability to distinguish instructions from data, making them susceptible to harmful prompts.
block21m 159 HN points 28 May 23
  1. 80% of Bitcoin inscriptions since March 2023 are controlled by a single person or entity with a specific public key.
  2. This entity has influenced the blockchain significantly by controlling 64% of all inscriptions with a transaction fee total of 1056 BTC.
  3. This high level of control showcases a vulnerability in the blockchain that could be exploited by entities with large amounts of Bitcoin.
Rod’s Blog 39 implied HN points 27 Nov 23
  1. A Sponge attack against AI aims to confuse, distract, or overwhelm the AI system with irrelevant or nonsensical information.
  2. Types of Sponge attacks include flooding attacks, adversarial examples, poisoning attacks, deceptive inputs, and social engineering attacks.
  3. Mitigating a Sponge attack involves strategies like input validation, anomaly detection, adversarial training, rate limiting, monitoring, security best practices, updates, and user education.
Natto Thoughts 19 implied HN points 04 Aug 23
  1. The top APT groups targeting China come from Taiwan, Vietnam, India, North Korea, Russia, and the US, showing the diverse origin of cyber threats against China.
  2. China's geopolitical tensions with neighboring countries like India manifest in cyberspace, with APT groups from these regions actively targeting Chinese organizations.
  3. QAX's Global APT report points out the exploitation of zero-day vulnerabilities by overseas APT groups targeting China, such as the iMessage 0-click 0day vulnerability, reflecting the global nature of cyber threats.
Zero Day 7 HN points 25 Jul 23
  1. TETRA radio communication technology used by police and critical infrastructure was found to have a backdoor, reducing encryption strength.
  2. Keeping encryption algorithms secret can hinder security, as seen in the TETRA case where a deliberate weakness was discovered.
  3. ETSI created new secret algorithms to address vulnerabilities, but the debate continues on whether secrecy is the best approach for security.
microapis.io 3 HN points 27 Feb 23
  1. OWASP's Top 10 API vulnerabilities include issues like broken user authentication, excessive data exposure, and lack of resources & rate limiting.
  2. Broken Object Level Authorization can lead to attackers accessing information they shouldn't.
  3. API security is crucial due to the growing use of APIs, potential risks, and the significant impact of poor API security on organizations.
Risky Business News 0 implied HN points 05 Feb 24
  1. Two Iranian cyber groups were recently exposed in a week, indicating increased cyber activity from Iran.
  2. Cyber Av3ngers attacked Israeli critical infrastructure, mainly targeting Unitronics devices.
  3. Various cybersecurity incidents, such as Cloudflare breach and Clorox ransomware attack, demonstrate ongoing threats in the digital landscape.
Risky Business News 0 implied HN points 02 Feb 24
  1. Ivanti disclosed two zero-day vulnerabilities in its Connect Secure VPN appliance, leading to exploitation by threat actors.
  2. Security firm Volexity linked the attacks to a Chinese cyber-espionage group, with hundreds of devices infected globally.
  3. Malware strains such as GLASSTOKEN, GIFTEDVISITOR, and BUSHWALK were found on infected devices, leading to the mass exploitation phase.
Risky Business News 0 implied HN points 31 Jan 24
  1. Brazilian police arrested members of the Grandoreiro malware gang, known for stealing millions from bank customers in Brazil, Mexico, and Spain.
  2. Ukraine's GUR conducted a hack wiping 60TB of data from Russian company IPL Consulting and worked to cripple Akado-Telekom infrastructure.
  3. Various cybersecurity incidents were reported, including crypto-heists and ransomware attacks on organizations like Schneider Electric and the Romanian government, along with details on malware strains like Trigona and Ermac.
Risky Business News 0 implied HN points 26 Jan 24
  1. HPE and Microsoft faced breaches by the same Russian state-sponsored hacking group, highlighting the ongoing cyber threats to tech giants.
  2. SEC's new breach disclosure rules are leading to faster reporting of incidents and more detailed disclosures from affected companies, changing the cybersecurity landscape.
  3. Various new cybersecurity incidents and threats, including DDoS attacks, ransomware incidents, and insider threats, continue to impact organizations globally.
Risky Business News 0 implied HN points 24 Jan 24
  1. Australia, the UK, and the US have sanctioned a Russian individual for the ransomware attack on Medibank.
  2. Various cybersecurity incidents like data breaches, ransomware attacks, and malware discoveries are on the rise.
  3. Significant security updates and patches have been released for vulnerabilities in various platforms and software.
Risky Business News 0 implied HN points 22 Jan 24
  1. Russian hackers breached Microsoft and stole emails from senior leadership and cybersecurity teams.
  2. Microsoft faced criticism for the timing and handling of the breach disclosure.
  3. Several other security incidents and breaches were reported, showcasing ongoing cyber threats and vulnerabilities.
Risky Business News 0 implied HN points 19 Jan 24
  1. Congress is considering making the CSRB permanent and more independent and transparent for cybersecurity issues.
  2. Various cybersecurity incidents occurred, such as DDoS attacks in Switzerland and cyberattacks on companies like Kyivstar.
  3. Important developments include new Samsung phones promising 7 years of security updates and Google updating Chrome Incognito Mode text.
Risky Business News 0 implied HN points 17 Jan 24
  1. A cybercrime group infected 172,000 smart TVs and set-top boxes to carry out DDoS attacks.
  2. Bigpanzi botnet targeted Spanish and Portuguese-speaking users by spreading malware through social engineering.
  3. The security industry faces challenges like unpatched vulnerabilities in SonicWall firewalls and sophisticated malware targeting various platforms.
Risky Business News 0 implied HN points 12 Jan 24
  1. Chinese state-sponsored hacking group exploited two zero-days in Ivanti Connect Secure VPN appliances.
  2. FTC banned data broker Outlogic from selling precise location data of American citizens due to privacy violations.
  3. A member of the ShinyHunters hacking group was sentenced to three years in prison for hacking and selling data on underground forums.
Risky Business News 0 implied HN points 15 Feb 23
  1. The FTC ordered MoneyGram to return $115 million to scam victims due to system abuse.
  2. Cybercriminals are developing new ransomware like MortalKombat and using phishing campaigns for attacks.
  3. Various cybersecurity vulnerabilities and exploits have been detected, addressed, and reported by different companies and security researchers.
Risky Business News 0 implied HN points 10 Jan 24
  1. A ransomware attack on Tigo, Paraguay's largest telco, impacted 300 servers and 300 companies.
  2. Ransomware group BlackHunt breached victims via unsecured RDP connections and is known for data encryption and theft.
  3. Dutch Police arrested a developer of the Babuk Tortilla ransomware, obtaining decryption keys and sharing them with Avast and Cisco Talos.
Risky Business News 0 implied HN points 20 Feb 23
  1. Spain's National Court agreed to extradite a 23-year-old UK national to the US for his role in the 2020 Twitter hack.
  2. GoDaddy and the FBI experienced breaches in their systems, while crypto platforms like Platypus and Dexible were hacked for millions of dollars.
  3. Various cybercrime incidents and threat intelligence reports emerged, including seizure of cryptocurrency funds by Norwegian authorities and dismantling of CEO fraud and IMSI catcher gangs.
Risky Business News 0 implied HN points 06 Mar 23
  1. The US EPA has released cybersecurity guidance for public water systems, aiming to improve cybersecurity resilience and address recent high-profile hacks.
  2. Recent cyber breaches include hacks on GunAction.com, Flutterwave, BitBNS, TheSandbox, Chick-fil-A, and Mastodon.
  3. Various cybersecurity incidents involve BEC phishing campaigns, malware like FiXS in ATMs, and vulnerabilities found in DJI drones and Intel processors.
Risky Business News 0 implied HN points 15 Mar 23
  1. CISA launched a ransomware warning program to proactively scan and secure vulnerable systems in critical infrastructure.
  2. Several cyber incidents include the $197 million crypto-heist on Euler Finance, an extortion attempt on GSC Game World, and potential breaches at Amazon Ring, Marshall Amps, and the Saint Kitts and Nevis government.
  3. Tech updates feature Kali Linux Purple edition, the creation of UK National Protective Security Authority, and the development of a Russian GitHub alternative.
Risky Business News 0 implied HN points 24 Mar 23
  1. The US Federal Trade Commission is seeking public comments on the business practices and data security of cloud computing providers.
  2. The FTC's action is a response to concerns about the predatory business practices of cloud providers and potential cybersecurity risks.
  3. The FTC is focusing on issues such as negotiating cloud contracts, secure storage competition, breach notifications, and customer lock-in incentives.
Risky Business News 0 implied HN points 03 Apr 23
  1. Microsoft is addressing a malspam problem in OneNote by blocking execution of certain embedded files.
  2. Several major breaches and cyber incidents have been reported in various countries.
  3. Various new cyber threats, malware strains, and cybersecurity vulnerabilities have been discovered and analyzed recently.
Risky Business News 0 implied HN points 03 May 23
  1. Apple and Google introduced a new spec to prevent Bluetooth devices from being used for unwanted tracking.
  2. Japan plans to increase its cyber force by over 20,000 in the next five years.
  3. India banned 14 secure messaging apps due to concerns over terrorist activities in specific regions.
Risky Business News 0 implied HN points 05 May 23
  1. Meta disrupted the NodeStealer malware, preventing its spread and protecting user credentials from being compromised.
  2. Various cyberattacks and ransomware incidents have been reported, affecting entities like universities and cities.
  3. Key developments in the tech and privacy sector include the FTC proposing a ban on Facebook monetizing youth data and Discord transitioning to a new username format.
Risky Business News 0 implied HN points 22 May 23
  1. A cybercrime group named Lemon Group has pre-installed malware in almost 9 million Android devices, planting it inside the firmware.
  2. The Lemon Group's malware, known as Guerrilla, is hidden inside the Zygote process and can download plugins for various malicious activities.
  3. The lack of security practices in the Android OEM ecosystem and the presence of pre-installed malware highlight the risk of buying low-cost devices from unknown vendors.
Risky Business News 0 implied HN points 26 May 23
  1. New Chinese APT group Volt Typhoon detected targeting US critical infrastructure with stealth techniques.
  2. Recent focus of Chinese APTs on stealth operations explained by pressure to avoid detection due to increased scrutiny.
  3. Breaches and hacks include Chinese cyber-spies targeting Kenyan government, crypto-heists, and exit scams affecting investors.
Risky Business News 0 implied HN points 28 Jun 23
  1. A new memory attack named RowPress has been discovered as an alternative to RowHammer, making DRAM chips vulnerable.
  2. Software-level mitigations can help protect against the RowPress attack by limiting the time a memory row can stay open.
  3. Various notable breaches, hacks, and incidents have occurred recently, emphasizing the ongoing importance of cybersecurity measures and vigilance.
Risky Business News 0 implied HN points 07 Jul 23
  1. The US and Canada issued a joint security alert about a new Truebot malware variant being spread through phishing campaigns.
  2. Cybersecurity incidents include a ransomware attack on Japan's largest cargo port, a DDoS attack on a Russian railway company, and a data leak of Indonesian passports.
  3. Privacy concerns arise with the inability to delete an Instagram Threads account and a secret blocklist feature in Firefox.
Risky Business News 0 implied HN points 07 Feb 24
  1. The US government has restricted visas for individuals linked to the misuse of commercial spyware.
  2. Commercial spyware has been linked to repression and human rights abuses, and poses a security threat to the US.
  3. Investors and individuals tied to spyware vendors like Candiru, NSO Group, Intellexa, and Cytrox may face the visa ban.