Attack – OWASP Jakarta

CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing

CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The agency said it’s working closely with the Treasury Department and BeyondTrust Read more…

By adminowasp, 6 months ago

News

New AI Jailbreak Method 'Bad Likert Judge' Boosts Attack Success Rates by Over 60%

New AI Jailbreak Method 'Bad Likert Judge' Boosts Attack Success Rates by Over 60% Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model’s (LLM) safety guardrails and produce potentially harmful or malicious responses. The multi-turn (aka many-shot) attack Read more…

By adminowasp, 6 months ago

News

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with Read more…

By adminowasp, 6 months ago

News

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested A global law enforcement operation has failed 27 stresser services that were used to conduct distributed denial-of-service (DDoS) attacks and took them offline as part of a multi-year international exercise called PowerOFF. The effort, coordinated by Europol and involving Read more…

By adminowasp, 7 months ago

News

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under active exploitation in the wild. According to statistics shared Read more…

By adminowasp, 7 months ago

News

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer. The packages, named gptplus and Read more…

By adminowasp, 7 months ago

News

Latest Multi-Stage Attack Scenarios with Real-World Examples

Latest Multi-Stage Attack Scenarios with Real-World Examples Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let’s examine real-world examples Read more…

By adminowasp, 7 months ago

News

VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware

VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware Nov 06, 2024Ravie LakshmananSaaS Security / Threat Detection An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. “Leveraging Microsoft Read more…

By adminowasp, 8 months ago

A glowing privacy policy document with digital padlocks surround

News

Rhysida ransomware attack on Columbus claimed 500K victims

Rhysida ransomware attack on Columbus claimed 500K victims The City of Columbus, Ohio, confirmed Nov. 1 that 500,000 people were affected by a July 18 ransomware attack that was claimed by the Rhysida gang. In a filing with Maine’s attorney general, the city said the personal information that may have Read more…

By adminowasp, 8 monthsNovember 5, 2024 ago

News

LottieFiles ends crypto wallet-targeting supply chain attack • The Register

LottieFiles ends crypto wallet-targeting supply chain attack • The Register LottieFiles is overcoming something of a Halloween fright after battling to regain control of a compromised developer account that was used to exploit users’ crypto wallets. Nattu Adnan, co-founder and CTO at LottieFiles – best known for its popular website Read more…

By adminowasp, 8 monthsNovember 1, 2024 ago