Hacker News with Generative AI: Cybersecurity

Still Standing [4chan] (4chan.org)
On the afternoon of April 14th, a hacker using a UK IP address exploited an out-of-date software package on one of 4chan’s servers, via a bogus PDF upload.
FBI offers $10M for information about Salt Typhoon members (arstechnica.com)
The FBI is offering $10 million for information about the China-state hacking group tracked as Salt Typhoon and its intrusion last year into sensitive networks belonging to multiple US telecommunications companies.
$6.7M stolen from city of Portland in phishing scheme (oregonlive.com)
A person posing as a city of Portland vendor persuaded a city employee to send them a link allowing them to redirect $6.7 million meant for a legitimate vendor to them, a lawsuit filed in New York this month says.
Unpatched Microsoft zero-day has been exploited by DPRK, Iran, Russia, and China (trendmicro.com)
Trend Zero Day Initiative™ (ZDI) uncovered both state-sponsored and cybercriminal groups extensively exploiting ZDI-CAN-25373 (aka ZDI-25-148), a Windows .lnk file vulnerability that enables hidden command execution.
2024 FBI Internet Crime Report [pdf] (ic3.gov)
Ransomware scum bilked victims out of a 'staggering' $16.6B last year, says FBI (theregister.com)
Digital scammers and extortionists bilked businesses and individuals in the US out of a "staggering" $16.6 billion last year, according to the FBI — the highest losses recorded since the bureau’s Internet Crime Complaint Center (IC3) started tracking them 25 years ago.
Ex-NSA chief warns AI devs: Don't repeat infosec's early-day screwups (theregister.com)
AI engineers should take a lesson from the early days of cybersecurity and bake safety and security into their models during development, rather than trying to bolt it on after the fact, according to former NSA boss Mike Rogers.
'They cannot be jammed': fibre optic drones pose new threat in Ukraine (theguardian.com)
On the battlefields of Ukraine, new sights emerge. Thread-like filaments of wire, extended across open fields. Netting rigged up between trees along key supply roads. Both are responses to a hard-to-detect weapon able to sneak into spaces previously thought safe, hi tech and low tech all at once.
America's cyber defenses are being dismantled from the inside (theregister.com)
Hacking US crosswalks to talk like Zuck is as easy as 1234 (theregister.com)
Crosswalk buttons in various US cities were hijacked over the past week or so to – rather than robotically tell people it's safe to walk or wait – instead emit the AI-spoofed voices of Jeff Bezos, Elon Musk, and Mark Zuckerberg.
M&S (Marks and Spencer) Cyber Incident Update (londonstockexchange.com)
CISA officials jump ship, both proud of pushing for Secure by Design software (theregister.com)
Two top officials have resigned from Uncle Sam's Cybersecurity and Infrastructure Security Agency, aka CISA, furthering fears of a brain drain amid White House cuts to the federal workforce.
CISA's Secure by Design initiative in limbo after key leaders resign (cybersecuritydive.com)
The future of the federal government’s software-security advocacy campaign is in doubt following the departure of the two Cybersecurity and Infrastructure Security Agency officials who oversaw the program.
AI is helping fraudsters pump out scamming campaigns in minutes (techradar.com)
1Password Service Is Unavailable (1password.com)
We are currently investigating a service disruption affecting the 1Password web interface. Our engineering team is actively working to identify and resolve the issue.
Whistleblower: DOGE siphoned NLRB case data (krebsonsecurity.com)
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk’s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity.
AI hallucinations lead to a new cyber threat: Slopsquatting (csoonline.com)
Cybersecurity researchers are warning of a new type of supply chain attack, Slopsquatting, induced by a hallucinating generative AI model recommending non-existent dependencies.
Bulletproof hosting provider Proton66 steps up malware campaigns (scworld.com)
The Russian bulletproof hosting provider Proton66 was observed conducting malware campaigns that compromised WordPress sites and then leveraged them to target Android devices.
Oracle hopes talk of cloud data theft dies off. CISA just resurrected it (theregister.com)
CISA – the US government's Cybersecurity and Infrastructure Security Agency – has issued an alert for those who missed Oracle grudgingly admitting some customer data was stolen from the database giant's public cloud infrastructure.
Krebs resigns from SentinelOne after Trump revokes clearances (theregister.com)
Chris Krebs, the former head of the US Cybersecurity and Infrastructure Security Agency (CISA) and a longtime Trump target, has resigned from SentinelOne following a recent executive order that targeted him and revoked the security clearances of everybody at the company.
4Chan was hacked and has been down for 4 days (pcworld.com)
A few days ago, on April 14, the infamous internet forum known as 4chan.org was subjected to a major hacking attack, which took down the site and made it inaccessible.
Can We Trust CVE? (opensourcesecurity.io)
If you are a security nerd, and even if you’re not, you probably heard about the epic CVE mess that happened. It’s a very long story and was covered in many places, but the TL;DR was the funding for CVE fell through, panic ensued, then CISA found some temporary funds to keep the lights on, so everything is fine and we can all go back to normal.
Ssl.com: DCV bypass and issue fake certificates for any MX hostname (mozilla.org)
SSL.com failed to conduct accurate domain validation control when utilizing the BR 3.2.2.4.14 DCV method (Email to DNS TXT Contact). It incorrectly marks the hostname of the approver's email address as a verified domain, which is completely erroneous.
CISA warns threat hunting staff of end to Google, Censys contracts due to cuts (nextgov.com)
Hundreds of staff in the Cybersecurity and Infrastructure Security Agency were notified this week that the organization discontinued one cybersecurity tool and is preparing to retire another focused on threat hunting, according to two people familiar with the matter and internal email correspondence seen by Nextgov/FCW.
I'm launching a community of dis-regulation hackers (unblend.me)
Cisco Webex bug lets hackers gain code execution via meeting links (bleepingcomputer.com)
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.
Whistleblower: Doge came in, data went out, and Russians started to login (threadreaderapp.com)
🧵 THREAD: A federal whistleblower just dropped one of the most disturbing cybersecurity disclosures I’ve ever read.
CVE fallout: The splintering of the standard vulnerability tracking system (theregister.com)
The splintering of the global system for identifying and tracking security bugs in technology products has begun.
Deafening Silence from the Cybersecurity Industry (forbes.com)
In the world of cybersecurity, where truth is paramount and trust is everything, silence can be louder than an alarm.
Doge came in, data went out, and Russians started attempting logins (twitter.com)