22-Aug-24: In Security News Today

Slack Patches AI Bug That Let Attackers Steal Data From Private Channels

Slack has patched a critical flaw in its AI feature that allowed attackers to exploit a prompt injection vulnerability, enabling them to steal data from private channels or conduct phishing attacks within the platform. The flaw, discovered by PromptArmor, arose from the AI’s inability to differentiate between legitimate and malicious instructions, widening the attack surface as Slack AI began ingesting more types of documents. This incident highlights the ongoing risks associated with integrating AI into collaboration tools, underscoring the need for robust security measures to prevent unauthorized data access.

China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches

A China-linked threat actor known as Velvet Ant has been observed exploiting a zero-day vulnerability in Cisco Nexus switches to deploy malware and establish persistence in targeted networks. The attackers leveraged this critical flaw to execute arbitrary code with root privileges, potentially compromising the integrity and security of affected systems. Cybersecurity professionals are urged to immediately apply the patches released by Cisco and conduct thorough investigations to detect any signs of compromise in their network infrastructure.

Security flaws in Dahua Cameras being actively exploited, CISA warns

Critical security flaws in Dahua cameras are being actively exploited by threat actors, potentially exposing millions of devices to unauthorized access and control. These vulnerabilities allow attackers to bypass authentication mechanisms and execute arbitrary code, posing significant risks to organizations using these cameras for surveillance and security purposes. Cybersecurity professionals are urged to immediately patch affected systems and implement additional security measures to mitigate the risk of exploitation.

Over 3400 High and Critical Cyber Alerts Recorded in First Half of 2024

Over 3,400 high-severity cybersecurity threats were recorded in the first half of 2024, marking a significant increase from previous years. This surge underscores the evolving sophistication of cyber attacks and the pressing need for robust security measures across organizations. Cybersecurity professionals must remain vigilant, continuously update their defense strategies, and prioritize addressing these high-severity threats to protect critical assets and data.

CISA Warns of Exploited Vulnerabilities Impacting Dahua Products

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about actively exploited vulnerabilities affecting various Dahua products, including IP cameras and video recorders. These critical flaws, if left unpatched, could allow attackers to bypass authentication, execute arbitrary code, and gain unauthorized access to sensitive systems. Cybersecurity professionals are strongly advised to apply the available patches immediately and implement additional security measures to mitigate the risk of exploitation.

SEC fines financial services firm for losing client money in two unrelated cyberattacks

The U.S. Securities and Exchange Commission (SEC) has imposed a $1.5 million fine on a financial services firm for inadequate cybersecurity measures that led to the loss of client funds. The firm’s failure to implement multi-factor authentication and other security controls resulted in unauthorized access to customer accounts and fraudulent wire transfers. This enforcement action underscores the SEC’s increasing focus on cybersecurity compliance in the financial sector and the critical importance of robust security measures to protect client assets.

European Parliament aware of flaws that lead to massive data breach, says noyb

The European Parliament is under scrutiny following a complaint filed by privacy advocacy group noyb, alleging a significant data breach involving the personal information of EU citizens who signed petitions. The complaint highlights potential violations of GDPR regulations, including the unauthorized transfer of data to the United States and the use of tracking technologies without proper consent. This incident underscores the ongoing challenges faced by governmental institutions in maintaining data privacy and compliance with stringent EU data protection laws.

McDonald’s hack unveiled as $700M Grimace meme coin crypto stunt

McDonald’s Instagram was hacked as part of a scheme to promote a Grimace-themed meme coin, leading to an inflated market capitalization of $20 million before it quickly crashed. The stunt, which generated $700,000 for the attackers, highlights the ongoing risks associated with the promotion of meme coins in the crypto space, often leveraging well-known brands and social media platforms. Although McDonald’s quickly regained control of the account, the incident underscores the persistent vulnerabilities in cybersecurity and the potential for market manipulation in the volatile world of cryptocurrency.

Oil giant Halliburton reportedly hit by cloud-based cyberattack

Halliburton, a major player in the global oil industry, is currently dealing with a significant cloud-based cyberattack, prompting the company to disconnect staff from internal networks as a precaution. The attack, which has affected operations at its Houston campus and other global networks, has led Halliburton to activate its incident response plan and engage external cybersecurity experts. This incident underscores the ongoing vulnerability of critical infrastructure sectors to cyber threats, echoing past attacks like the Colonial Pipeline ransomware incident that had widespread impacts on the energy supply chain.

Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

A critical vulnerability has been discovered in the WordPress LiteSpeed Cache plugin, potentially affecting over 4 million websites. This flaw allows unauthenticated attackers to execute arbitrary PHP code, granting them full control over vulnerable sites. WordPress administrators are strongly advised to update to the latest version of the plugin immediately to mitigate this severe security risk.

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

GitHub has patched three significant security vulnerabilities in its Enterprise Server, including a critical flaw (CVE-2024-6800) that could allow attackers to gain unauthorized site administrator privileges via SAML SSO exploitation. The other two vulnerabilities involve incorrect authorization, potentially allowing unauthorized modifications to public repository issues and access to private repository contents. Organizations using affected versions of GitHub Enterprise Server are strongly urged to update immediately to mitigate the risk of unauthorized access and data breaches.

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

A new malware strain, PG_MEM, is targeting PostgreSQL databases with weak passwords, using brute-force attacks to gain access and deploy cryptocurrency mining operations. Once inside, the attackers exploit PostgreSQL’s “COPY … FROM PROGRAM” command to execute arbitrary shell commands, allowing them to drop malicious payloads, including a Monero miner, and strip superuser permissions to secure control. This attack highlights the critical need for robust password management and proper configuration to protect internet-facing databases from such threats.
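The two stages described above, a password brute-force followed by COPY ... FROM PROGRAM, both leave traces in the PostgreSQL server log. The following detector is an added example written for this digest, not code from the PG_MEM report or from PostgreSQL; it assumes a log_line_prefix of "%m [%p] %u@%d %h " and log_statement set so that statements are logged, and the log lines it scans are constructed samples.

```python
import re
from collections import Counter

# Constructed sample log, prefix "%m [%p] %u@%d %h " (assumed configuration).
SAMPLE_LOG = """\
2024-08-22 10:00:01.101 UTC [4101] postgres@postgres 203.0.113.5 FATAL:  password authentication failed for user "postgres"
2024-08-22 10:00:01.402 UTC [4102] postgres@postgres 203.0.113.5 FATAL:  password authentication failed for user "postgres"
2024-08-22 10:00:01.703 UTC [4103] postgres@postgres 203.0.113.5 FATAL:  password authentication failed for user "postgres"
2024-08-22 10:00:02.004 UTC [4104] postgres@postgres 203.0.113.5 FATAL:  password authentication failed for user "postgres"
2024-08-22 10:00:02.305 UTC [4105] postgres@postgres 203.0.113.5 LOG:  connection authorized: user=postgres database=postgres
2024-08-22 10:00:03.100 UTC [4105] postgres@postgres 203.0.113.5 LOG:  statement: COPY probe FROM PROGRAM 'uname -a'
2024-08-22 10:00:04.000 UTC [4106] app@inventory 10.0.0.8 LOG:  statement: SELECT count(*) FROM orders
"""

LINE_RE = re.compile(r"^(?P<ts>\S+ \S+ \S+) \[(?P<pid>\d+)\] (?P<user>[^@\s]+)@(?P<db>\S+) "
                     r"(?P<host>\S+) (?P<level>[A-Z]+):\s+(?P<msg>.*)$")
AUTH_FAIL_RE = re.compile(r'password authentication failed for user "(?P<user>[^"]+)"')
# COPY ... FROM PROGRAM is the server-side command execution path the malware abuses.
COPY_PROGRAM_RE = re.compile(r"\bCOPY\b.*\bFROM\s+PROGRAM\b", re.IGNORECASE | re.DOTALL)

def parse_lines(text):
    """Parse each log line into a dict; lines that do not match the prefix are skipped."""
    return [m.groupdict() for m in (LINE_RE.match(l) for l in text.splitlines()) if m]

def find_bruteforce(records, threshold=3):
    """Return {(host, user): failures} for sources at or above the failure threshold."""
    fails = Counter()
    for r in records:
        m = AUTH_FAIL_RE.search(r["msg"])
        if m:
            fails[(r["host"], m.group("user"))] += 1
    return {k: v for k, v in fails.items() if v >= threshold}

def find_copy_program(records):
    """Return (host, user, statement) for every logged COPY ... FROM PROGRAM."""
    hits = []
    for r in records:
        if r["msg"].startswith("statement:") and COPY_PROGRAM_RE.search(r["msg"]):
            hits.append((r["host"], r["user"], r["msg"][len("statement:"):].strip()))
    return hits

def scan(text, threshold=3):
    """Run both checks over a log text and return the findings together."""
    records = parse_lines(text)
    return {"bruteforce": find_bruteforce(records, threshold),
            "copy_program": find_copy_program(records)}

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

A COPY ... FROM PROGRAM hit from the same host that just exceeded the failure threshold is the sequence to alert on; on a hardened server the statement should fail anyway unless the role is a superuser or holds pg_execute_server_program.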

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

Cybersecurity researchers have discovered a hardware backdoor in MIFARE Classic RFID cards, specifically the FM11RF08S model, which could allow unauthorized access to hotel rooms and office doors globally. The backdoor, embedded by the manufacturer, enables attackers to bypass all user-defined keys within minutes, making these cards vulnerable to cloning and unauthorized entry. This discovery raises significant security concerns, particularly for hotels and offices using these widely deployed cards, as similar vulnerabilities have been identified in earlier card models dating back to 2007.