Sat.Nov 25, 2023

article thumbnail

Rhysida ransomware gang claimed China Energy hack

Security Affairs

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. Energy China [link] TL;DR That's huuuge! China Energy Engineering Group ranks 3rd in ENR Top 150 Global Engineering Design Firms and 13th in ENR Top 250 Global Contractors.

article thumbnail

Atomic Stealer malware strikes macOS via fake browser updates

Bleeping Computer

The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware.

Malware 135
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

PoC Exploit Released for Apache NiFi Code Execution Vulnerability (CVE-2023-34212)

Penetration Testing

Security researcher Matei “Mal” Badanoiu disclosed the proof-of-concept (PoC) of a patched code execution vulnerability (CVE-2023-34212) that has been found to impact Apache NiFi. Assigned a CVSS score of 6.5, the flaw allows for... The post PoC Exploit Released for Apache NiFi Code Execution Vulnerability (CVE-2023-34212) appeared first on Penetration Testing.

article thumbnail

General Electric investigates claims of cyber attack, data theft

Bleeping Computer

General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly stolen data. [.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Chinese Hacker Group Chimera Invaded Dutch Chipmaker NXP for Nearly Three Years

Penetration Testing

In the murky world of cyber espionage, where nation-states and sophisticated hacking groups vie for secrets and intellectual property, the Dutch chipmaker NXP found itself at the center of a clandestine operation. For nearly... The post Chinese Hacker Group Chimera Invaded Dutch Chipmaker NXP for Nearly Three Years appeared first on Penetration Testing.

article thumbnail

Google’s Ad Blocker Crackdown Is Growing

WIRED Threat Level

Plus: North Korean supply chain attacks, a Russian USB worm spreads internationally, and more.

90
article thumbnail

North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack

Security Affairs

UK and South Korea agencies warn that North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply-chain attack The National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) released a joint warning that the North Korea-linked Lazarus hacking group is exploiting a zero-day vulnerability in the MagicLine4NX software to carry out supply-chain attacks.

Software 138