Posts

The Hacker News - Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations

Italy's data protection authority has fined ChatGPT maker OpenAI €15 million ($15.66 million) over how the generative artificial intelligence application handles personal data. The fine comes nearly a year after the Garante found that ChatGPT processed users' information to train its service in violation of the European Union's General Data Protection Regulation (GDPR). The authority from The Hacker News https://thehackernews.com/2024/12/italy-fines-openai-15-million-for.html

The Hacker News - LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages

A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception in or around 2019 through at least February 2024. Rostislav Panev, 51, was arrested in Israel earlier this August and is currently awaiting extradition, the U.S. Department of Justice (DoJ) said in a from The Hacker News https://thehackernews.com/2024/12/lockbit-developer-rostislav-panev.html

KnowBe4 - James Bond-Style Scamming Profits Explode

There is a type of scam where victims are contacted by someone fraudulently posing as a popular trusted entity (e.g., Amazon, U.S. Post Office, etc.), law enforcement, or an intelligence agency that initially claims to have evidence linking the victim to a global, spy-like scam. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/james-bond-style-scamming-profits-explode

Rapid 7 - Metasploit Weekly Wrap-Up 12/20/2024

New module content (4)

GameOver(lay) Privilege Escalation and Container Escape
Authors: bwatters-r7, g1vi, gardnerapp, and h00die
Type: Exploit
Pull request: #19460 contributed by gardnerapp
Path: linux/local/gameoverlay_privesc
AttackerKB reference: CVE-2023-2640
Description: Adds a module for CVE-2023-2640 and CVE-2023-32629, a local privilege escalation in some Ubuntu kernel versions that abuses overly trusting OverlayFS features.

Clinic's Patient Management System 1.0 - Unauthenticated RCE
Authors: Aaryan Golatkar and Oğulcan Hami Gül
Type: Exploit
Pull request: #19733 contributed by aaryan-11-x
Path: multi/http/clinic_pms_fileupload_rce
AttackerKB reference: CVE-2022-40471
Description: New exploit module for Clinic's Patient Management System 1.0 that targets CVE-2022-40471. The module exploits unrestricted file upload, which can be further used to get remote code execution (RCE) through a malicious PHP file.

WordPress WP Time Capsule Arbitrary File Uploa...

The Hacker News - Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor referred to as CookiePlus, are from The Hacker News https://thehackernews.com/2024/12/lazarus-group-spotted-targeting-nuclear.html

The Hacker News - Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild. The list of vulnerabilities is as follows - from The Hacker News https://thehackernews.com/2024/12/sophos-fixes-3-critical-firewall-flaws.html

The Hacker News - Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending specially crafted from The Hacker News https://thehackernews.com/2024/12/hackers-exploiting-critical-fortinet.html