Sweden seizes vessel after another undersea cable damaged • The Register - Trans-Baltic cables between Latvia and Sweden were attacked on the 26th. This makes the third cable in 2 months in the Baltics. The earlier ones were between Finland and Estonia, and Finland and Sweden.
China and friends say they’re hurting cyber-slave scam camps • The Register - China and other Asian nations (Cambodia, Laos, Myanmar, Thailand, Vietnam) are concentrating on cyber-scam slave camps. Many tech-support and romance scams are staffed by human slaves in border regions in Myanmar, Laos, Cambodia, and Thailand. China estimates 100k of its citizens are currently held in these camps.
Court rules FISA Section 702 surveillance unconstitutional • The Register - In a rare win for the 4th Amendment, a Federal Judge has ruled that the feds’ 702 powers violated the constitutional rights of a suspect.
SonicWall says hackers are exploiting a new zero-day bug to breach customer networks | TechCrunch - With a CVSS of 9.8, SonicWall says bad guys can implant malware on its SMA1000 remote access appliances.
Microsoft tests ‘scareware blocker’ for Edge that uses computer vision to detect scams | TechCrunch - Microsoft can’t resist the urge to literally record everything you do on your computer screen. First with Copilot, now to stop scary notification pop-ups.
FBI: North Korean IT workers steal source code to extort employers - FBI says N. Korean tech workers are stealing important source code, then extorting the companies who hired them.
Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices - The attack from the Mirai botnet, long a scourge of the internet, came from over 5500 unique IP addresses per second and included around 13k devices. We still don’t know the top range of the ever-growing Mirai botnet, but this week’s attack reached 5.6 terabits per second.
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet - Hackers are continuing to target unprotected and unpatched edge equipment. This attack hit cnPilot routers, AVTech IP Cams, Lilin DVRs and Shenzhen TVT camera devices.
Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks - Don’t copy-paste anything. Especially for a CAPTCHA.
Android’s New Identity Check Feature Locks Device Settings Outside Trusted Locations - Android will be offering location lock for certain settings.
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations - 119 vulns assigned to 97 CVE identifiers across 7 LTE implementations (srsRAN, NextEPC, SD-Core, Athonet, OpenAirInterface, Magma, and Open5GS). "Every one of the >100 vulnerabilities discussed below can be used to persistently disrupt all cellular communications (phone calls, messaging and data) at a city-wide level," the researchers said. An attacker can reliably and continuously crash the MME (Mobility Management Entity) or Access and Mobility Management Function (AMF) in a 5G network with a single unauthenticated packet. Of the 119 vulnerabilities discovered, 79 were found in MME implementations, 36 in AMF implementations, and four in SGW implementations. Twenty-five shortcomings lead to Non-Access Stratum (NAS) pre-authentication attacks that can be carried out by an arbitrary cellphone.
OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking - Third Party Risk becomes our Risk.
Cloudflare CDN flaw leaks user location data, even through secure chat apps - Content-Delivery Networks can be helpful in distributing assets across the globe, and in finding out just exactly where you might be, to within 50 to 300 miles.
Apple plugs exploited security hole in iOS, updates macOS • The Register - Apple zero-day being exploited in iThings. Patch patch patch.
President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison - Ulbricht, the creator of the Silk Road, one of the first dark-web marketplaces, was arrested and given a double life sentence plus 40 years. One of the longest sentences ever given for a non-violent crime.
US government freezes funding for cyber aid to allies • The Register - US Gov freezes all aid for 90 days to ensure that any funding aligns with Trump’s America First policy. The US is the largest provider of aid among all NATO nations, with US Aid reaching Trillions. Part of this freeze includes money from the CDP (Cybersecurity and Digital Policy) team in the State Dept. This money is usually utilized by allies after significant cyber attacks, including millions to Costa Rica and Albania.
Trump admin fires security board investigating Chinese hack of large ISPs - Ars Technica - Amid Trump’s other Executive Orders, a new order fired all members of advisory committees, even the unpaid ones. These included the Department of Homeland Security’s Cyber Safety Review Board, which was investigating the largest attack on US Telecom networks in history. A request for comment resulted in a boilerplate response. “Effective immediately, the Department of Homeland Security will no longer tolerate any advisory committee[s] which push agendas that attempt to undermine its national security mission, the President’s agenda or Constitutional rights of Americans,” the DHS statement said.
Mysterious backdoor found on select Juniper routers • The Register - Backdoors inserted since 2023 have been found in semiconductor plants, energy, and other manufacturing. The backdoor resides in memory, never writing to disk, and waits for one of five magic packets to arrive. Victim orgs are in the US, UK, Norway, Netherlands, Russia, Armenia, Brazil, and Colombia. Once the packets are received, threat actors have complete control of the networking equipment via a reverse shell.
Cisco warns of denial of service flaw with PoC exploit code - ClamAV can be crashed by an unauthenticated remote attacker to create a Denial of Service situation, preventing the scanning of future objects. Cisco has said that this won’t affect the functioning of the device.