
Friday Five: New Research in Cyber Psychology, Vulnerabilities, & a Hacker Forum Leak

by Robbie Araiza on Friday June 2, 2023


This past week saw warnings of potential vulnerabilities, PyPI upping their security measures, and a massive hacking forum leak. Catch up on these stories and more in this week’s Friday Five.

MILLIONS OF PC MOTHERBOARDS WERE SOLD WITH A FIRMWARE BACKDOOR BY ANDY GREENBERG

Researchers recently discovered a hidden mechanism in the firmware of motherboards sold by the Taiwanese manufacturer Gigabyte, whose components are commonly used in gaming PCs and other high-performance computers. The mechanism could potentially be hijacked and used to install malware instead of Gigabyte’s intended program. “If you have one of these machines, you have to worry about the fact that it’s basically grabbing something from the internet and running it without you being involved, and hasn’t done any of this securely,” according to one of the researchers.


US INTELLIGENCE RESEARCH AGENCY EXAMINES CYBER PSYCHOLOGY TO OUTWIT CRIMINAL HACKERS BY ELIAS GROLL

The U.S. intelligence community’s moonshot research division, dubbed the Intelligence Advanced Research Projects Activity, is researching cyber psychology to better understand hackers’ psychology, discover their blind spots and build software that exploits these deficiencies to improve computer security. According to IARPA program manager Kimberly Ferguson-Walter, who is overseeing the initiative, “When you look at how attackers gain access, they often take advantage of human limitations and errors, but our defenses don’t do that.” Read more about the researchers' methods of finding so-called "cognitive vulnerabilities" and how those vulnerabilities may be exploited by hackers.


PyPI ANNOUNCES MANDATORY USE OF 2FA FOR ALL SOFTWARE PUBLISHERS BY BILL TOULAS

In an effort to reduce the risk of supply chain attacks and malware uploads, as well as support their long-term commitment to enhancing security on the platform, PyPI has announced that it will require every account that manages a project on the platform to have two-factor authentication turned on by the end of the year. Per their recent announcement, “The most important things you can do to prepare are to enable 2FA for your account as soon as possible, either with a security device (preferred) or an authentication app, and to switch to using either Trusted Publishers (preferred) or API tokens to upload to PyPI.”


NEW HACKING FORUM LEAKS DATA OF 478,000 RAIDFORUMS MEMBERS BY LAWRENCE ABRAMS

A database for RaidForums, a very popular and notorious hacking and data leak forum known for hosting, leaking, and selling data stolen from breached organizations, has been leaked online, allowing threat actors and security researchers insight into the people who frequented the forum. This development comes only months after the RaidForums website and infrastructure were seized in an international law enforcement operation, with the site's administrator and two accomplices arrested. The leaked data reportedly consists of a single SQL file with the registration information for 478,870 RaidForums members, including their usernames, email addresses, hashed passwords, registration dates, and a variety of other information related to the forum software.


CISA WARNS GOVT AGENCIES OF RECENTLY PATCHED BARRACUDA ZERO-DAY BY SERGIU GATLAN

CISA warned of a recently patched zero-day vulnerability (cataloged as CVE-2023-2868) that was exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances. While Federal Civilian Executive Branch (FCEB) agencies have been ordered to patch or mitigate the vulnerability, Barracuda has reportedly already patched all vulnerable devices by applying two security patches over the weekend. The zero-day was limited to Barracuda's ESG product, but customers have been advised to review their environments to ensure the attackers didn't gain access to other devices on their network, and federal agencies will be following suit.


Tags:  Cybercrime Firmware Vulnerabilities Zero-Day Vulnerabilities Multifactor Authentication

Robbie Araiza


Robbie is a Content Creator for the Data Protection team at Fortra. Prior to joining the organization, he studied psychology and social work at Texas State University in San Marcos, TX.
