Security

Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach

posted on May 16, 2024
by l33tdawg
Credit: Ars Technica

Infrastructure used to maintain and distribute the Linux operating system kernel was infected for two years, starting in 2009, by sophisticated malware that managed to get a hold of one of the developers’ most closely guarded resources: the /etc/shadow files that stored encrypted password data for more than 550 system users, researchers said Tuesday.

Security researcher says PoC for kernel vulnerability targeting iOS 17.4.1 and older coming soon

posted on May 14, 2024
by l33tdawg
Credit: iDownload Blog

Apple on Monday released iOS & iPadOS 17.5, with a substantial part of that update incorporating a handful of security patches. At the very top of Apple’s “About the security content of iOS 17.5 and iPadOS 17.5” web page is CVE-2024-27804, a peculiar kernel vulnerability in AppleAVD which had the potential impact of an app being able to execute arbitrary code with kernel privileges.

Interview With the Russian-Military-Linked Hackers Targeting US Water Utilities

posted on May 13, 2024
by l33tdawg
Credit: Wired

When the activities of Russian hacker groups are exposed in a major public report and tied to a government agency—such as the Russian military's Sandworm unit, which has targeted Ukrainian electrical utilities to trigger three blackouts over the past decade, or the Russian foreign intelligence service's APT29, which is believed to have carried out the notorious SolarWinds supply chain attack—they tend to slink into the shadows and lay low until their next operation.

Google patches its fifth zero-day vulnerability of the year in Chrome

posted on May 13, 2024
by l33tdawg
Credit: Ars Technica

Google has updated its Chrome browser to patch a high-severity zero-day vulnerability that allows attackers to execute malicious code on end user devices. The fix marks the fifth time this year the company has updated the browser to protect users from an existing malicious exploit.

Boeing Confirms Lockbit Hackers Wanted $200 Million Ransom After 2023 Hack

posted on May 10, 2024
by l33tdawg
Credit: PC Mag

Boeing declined to pay a $200 million ransom in exchange for securing 43GB of data stolen by hackers, the aerospace company confirmed this week.

Boeing was hacked in October 2023 by the LockBit ransomware gang, which threatened to release what it said was a "tremendous amount" of sensitive data. LockBit eventually published data from the hack, including IT management software, monitoring logs, and auditing tools.

Dell discloses data breach of customers’ physical addresses

posted on May 10, 2024
by l33tdawg
Credit: TechCrunch

Technology giant Dell notified customers on Thursday that it experienced a data breach involving customers’ names and physical addresses.

In an email seen by TechCrunch and shared by several people on social media, the computer maker wrote that it was investigating “an incident involving a Dell portal, which contains a database with limited types of customer information related to purchases from Dell.”

Chinese Hackers Deployed Backdoor Quintet to Down MITRE

posted on May 8, 2024
by l33tdawg
Credit: Dark Reading

China-linked hackers deployed a roster of different backdoors and Web shells in the process of compromising the MITRE Corporation late last year.

Last month news broke that MITRE, best known for its Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework, was breached through Ivanti Connect Secure zero-day vulnerabilities. The hackers accessed its Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified research and development network.

New Cuckoo macOS malware can take over all Macs and steals your passwords too

posted on May 7, 2024
by l33tdawg
Credit: Tom's Guide

Hackers are using a new Mac malware to launch attacks against both newer Macs running Apple Silicon as well as older Intel-based Macs.

As reported by The Hacker News, the malware in question has been dubbed Cuckoo by security researchers at the device management company Kandji. Besides targeting both newer and older Macs, what sets Cuckoo apart is that it behaves like a cross between infostealer malware and spyware.

Apple’s iPhone Spyware Problem Is Getting Worse

posted on May 7, 2024
by l33tdawg
Credit: Wired

In April, Apple sent notifications to iPhone users in 92 countries, warning them they’d been targeted with spyware. “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID,” the notification reads.

Users quickly took to social media sites including X, trying to work out what the notification meant. Many of those targeted were based in India, but others in Europe also reported receiving Apple’s warning.

Hackers discover how to reprogram NES Tetris from within the game

posted on May 7, 2024
by l33tdawg
Credit: Ars Technica

Earlier this year, we shared the story of how a classic NES Tetris player hit the game's "kill screen" for the first time, activating a crash after an incredible 40-minute, 1,511-line performance. Now, some players are using that kill screen—and some complicated memory manipulation it enables—to code new behaviors into versions of Tetris running on unmodified hardware and cartridges.