www.bleepingcomputer.com
Active! Mail RCE flaw exploited in attacks on Japanese orgs
An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan. Active! mail is a web-based email client developed initially by TransWARE and later acquired by Qualitia, both Japanese companies. While it's not widely used worldwide like Gmail or Outlook, Active
Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a "legacy environment" last used in 2017, Bloomberg reported. However, while Oracle told clients this is old legacy data that is not sensitive, the threat actor behind the attack has shared data with BleepingComputer from the end of 2024 and posted newer records from 2025 on a hackin
Max severity RCE flaw discovered in widely used Apache Parquet
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0. The problem stems from the deserialization of untrusted data that could allow attackers with specially crafted Parquet files to gain control of target systems, exfiltrate
Oracle customers confirm data stolen in alleged cloud breach is valid
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid. Last week, a person named ‘rose87168’ claimed to have breach
Oracle denies breach after hacker claims theft of 6 million data records
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company's Oracle Cloud federated SSO login servers. "There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced
Undocumented commands found in Bluetooth chip used by a billion devices
Update 3/9/25: After receiving concerns about the use of the term 'backdoor' to refer to these undocumented commands, we have updated our title and story. Our original story can be found here. The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 conta
Ransomware gang encrypted network from a webcam to bypass EDR
The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows. Cybersecurity firm S-RM team discovered the unusual attack method during a recent incident respo
VSCode extensions with 9 million installs pulled over security risks
Microsoft has removed two popular VSCode extensions, 'Material Theme – Free' and 'Material Theme Icons – Free,' from the Visual Studio Marketplace for allegedly containing malicious code. The two extensions are very popular, having been downloaded nearly 9 million times in total, with users now receiving alerts i
An attempt to block a phishing URL in Cloudflare's R2 object storage platform backfired yesterday, triggering a widespread outage that brought down multiple services for nearly an hour. Cloudflare R2 is an object storage service similar to Amazon S3, designed for scalable, durable, and low-cost data storage. It offers cost-free data retrievals, S3 compatibility, data replication across multiple lo
According to cybersecurity expert Kevin Beaumont, each IP address has a configuration.conf (Fortigate config dump) and a vpn-passwords.txt file, with some of the passwords in plain text. The configs also contain sensitive information, such as private keys and firewall rules. In a blog post about the FortiGate leak, Beaumont says that the leak is believed to be linked to a 2022 zero-day tracked as
Six password takeaways from the updated NIST cybersecurity framework
Password security is changing — and updated guidelines from the National Institute of Standards and Technology (NIST) reject outdated practices in favor of more effective protections. Don't have time to read the 35,000-word guidelines? No problem. Here are the six takeaways from NIST’s new guidance that your organ
Phishing emails increasingly use SVG attachments to evade detection
Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection. Most images on the web are JPG or PNG files, which are made of grids of tiny squares called pixels. Each pixel has a specific color value, and together, these pixels form th
Security plugin flaw in millions of WordPress sites gives admin access
A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really Simple Security is a security plugin for the WordPress platform, offering SSL configuration, login protection, a
VMware has announced that its VMware Fusion and VMware Workstation desktop hypervisors are now free to everyone for commercial, educational, and personal use. In May, the company also made VMware Workstation Pro and Fusion Pro free for personal use, allowing students and home users to set up virtualized test labs and experiment with other OSs by running virtual machines and Kubernetes clusters on
Microsoft SharePoint RCE bug exploited to breach corporate network
A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. CVE-2024-38094 is a high-severity (CVSS v3.1 score: 7.2) RCE flaw impacting Microsoft SharePoint, a widely used web-based platform functioning
Microsoft warns it lost some customer's security logs for a month
Microsoft is warning enterprise customers that, for almost a month, a bug caused critical logs to be partially lost, putting at risk companies that rely on this data to detect unauthorized activity. The issue was first reported by Business Insider earlier this month, who reported that Microsoft had begun notifying cu
Internet Archive hacked, data breach impacts 31 million users
Update on 10/20/24 added to the bottom of this article. Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records. News of the breach began circulating Wednesday afternoon after visitors to
Google removes Kaspersky's antivirus software from Play Store
Over the weekend, Google removed Kaspersky's Android security apps from the Google Play store and disabled the Russian company's developer accounts. Users have been reporting over the last week that Kaspersky's products (including Kaspersky Endpoint Security and VPN & Antivirus by Kaspersky) are no longer available on Go
Fortinet confirms data breach after hacker claims to steal 440GB of files
Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server. Fortinet is one of the largest cybersecurity companies in the world, selling secure networking products like firewalls, routers, and VPN dev
Toyota confirmed that customer data was exposed in a third-party data breach after a threat actor leaked an archive of 240GB of stolen data on a hacking forum. "We are aware of the situation. The issue is limited in scope and is not a system wide issue," Toyota told BleepingComputer when asked to validate the threat actor's claims. The company added that it's "engaged with those who are impacted a
Windows 11 taskbar has a hidden "End Task" feature, how to turn it on
Microsoft has added a new feature to Windows 11 that allows you to end tasks directly from the taskbar, but it's turned off by default. While Windows has had a 'Close Window' option when right-clicking on a taskbar icon, it would only close the particular Window associated with the right-clicked icon. If that pr
Hackers abused API to verify millions of Authy MFA phone numbers
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. Authy is a mobile app that generates multi-factor authentication codes at websites w
Malicious VSCode extensions with millions of installs discovered
A group of Israeli researchers explored the security of the Visual Studio Code marketplace and managed to "infect" over 100 organizations by trojanizing a copy of the popular 'Dracula Official' theme to include risky code. Further research into the VSCode Marketplace found thousands of extensions with millions of insta
NSA warns of North Korean hackers exploiting weak DMARC email policies
The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks. Together with the U.S. State Department, the two agencies cautioned that the attackers abuse misconfigured DMARC
Japanese police placed fake payment cards in convenience stores to protect the elderly targeted by tech support scams or unpaid money fraud. The cards are labeled "Virus Trojan Horse Removal Payment Card" and "Unpaid Bill Late Fee Payment Card," and were created by the Echizen Police in the Fukui prefecture in Japan as an alert mechanism. Their purpose is to warn elder victims seeking payment card
Microsoft says Russian hackers breached its systems, accessed source code
Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack. In January, Microsoft disclosed
Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system. The threat actor first gained access to Cloudflare's self-hosted Atlassian server on November 14 and then accessed the company's Confluence and Jira systems following a reconnaissance stag
Israel warns of BiBi wiper attacks targeting Linux and Windows
Data-wiping attacks are becoming more frequent on Israeli computers as researchers discovered variants of the BiBi malware family that destroys data on both Linux and Windows systems. Over the weekend, Israel's CERT published an alert with rules that could help organizations identify or prevent the threat actors' activi
1Password, a popular password management platform used by over 100,000 businesses, suffered a security incident after hackers gained access to its Okta ID management tenant. "We detected suspicious activity on our Okta instance related to their Support System incident. After a thorough investigation, we concluded that no 1Password user data was accessed," reads a very brief security incident notif