Cisco notifies ‘limited set’ of customers after hacker accessed non-public files
Cisco said it has notified a limited set of customers about files that were accessed by a hacker during an incident announced in October. The tech giant has repeatedly denied that it suffered a breach but said on October 18 its investigation into the incident revealed that a threat actor downloaded data on a public-facing DevHub environment — a platform the company uses to make software code, scripts and more available for customers. Cisco admitted that a “small number of files that were not authorized for public download may have been published.”
Researchers at the Satori Threat Intelligence and Research team have published their findings about a group of cybercriminals that infect legitimate web shops to create and promote fake product listings. The threat, dubbed “Phish ‘n Ships” by the researchers, reportedly infected more than 1,000 websites and built 121 fake web stores to trick consumers. Estimated losses are in the region of tens of millions of dollars over the past five years. The group infected legitimate web shops with a malicious payload that would redirect visitors to web shops under the group's own control. While visiting an affected web shop, the visitor would be served fake product listings. When they clicked on the link for that item, hundreds of thousands of victims were redirected.
Google Researchers Claim First Vulnerability Found Using AI
Researchers from Google Project Zero and Google DeepMind have found their first real-world vulnerability using a large language model (LLM). In a November 1 blog post, Google Project Zero researchers said the vulnerability is an exploitable stack buffer underflow in SQLite, a widely used open-source database engine. A team from Project Zero and DeepMind, working under the Big Sleep project, found the flaw in early October before it appeared in an official release. They immediately reported it to the developers, who fixed it the same day. SQLite users were not impacted.
Canadian Authorities Arrest Suspected Snowflake Hacker
Canadian authorities have reportedly arrested an individual suspected of orchestrating a large-scale campaign leading to the compromise of Snowflake accounts belonging to 165 organizations. The campaign came to light in late May, after Snowflake warned that a limited number of customers that did not have their accounts protected with multi-factor authentication were targeted by threat actors. In June, Mandiant, which was involved in investigating the attacks, revealed that the attackers used credentials compromised in previous information stealer infections to access the improperly protected accounts.
Office apps crash on Windows 11 24H2 PCs with CrowdStrike antivirus
Another week, another issue with Windows 11 24H2 cropping up. It’s been over a month since the major Windows 11 update began rolling out to users and we’ve seen network connectivity issues, blue screen crashes, and rescue patches that fail to install. It’s gotten to the point where Microsoft has had to block the update for affected devices. But even as Microsoft works on fixing the numerous issues already in play, more problems are surfacing — like a recent issue involving Microsoft Office apps crashing when a particular antivirus software is installed on your system.
Mozilla is eliminating its advocacy division, which fought for a free and open web
The Mozilla Foundation laid off 30 percent of its workforce and completely eliminated its advocacy and global programs divisions, TechCrunch reports. While Mozilla is best known for its Firefox web browser, the Mozilla Foundation — the parent of the Mozilla Corporation — describes itself as standing up “for the health of the internet.” With its advocacy and global programs divisions gone, its impact may be lessened going forward.