Cybersecurity


c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago
It's from MS, but I'll take it anyway.

Summary: Attackers exploit critical vulnerabilities in OpenMetadata to access Kubernetes workloads and conduct cryptocurrency mining. Microsoft recommends updating OpenMetadata to version 1.3.1 or later and using Microsoft Defender for Cloud for detection of malicious activities. Relevant vulnerabilities include CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848, CVE-2024-28254.

IOCs (hashes with good detection rate on VT):


[Edit: added summary]

The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor.

Steal browser cookies for edge, chrome and firefox through a BOF or exe! Cookie-Monster will extract the WebKit master key, locate a browser process with a

A new stealthy backdoor malware called Kapeka, likely created by Russia's APT group Sandworm, has been targeting Eastern Europe.

CVE-2024-24996 is described as a heap overflow in the WLInfoRailService component of the product, while CVE-2024-29204 is a heap overflow bug in the WLAvalancheService component. Both could allow a remote unauthenticated attacker to execute arbitrary commands, which is why they have been given a CVSS score of 9.8.

Nick Shevelyov, Senior Executive Reporter, Cyber Defense Magazine On February 7, 2024, the US Government Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory titled “PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S.

Cisco Duo warns of a third-party MFA-related breach. MGM Resorts sues to stop an FTC breach investigation. Meanwhile the FTC dings another mental telehealth service provider. Open Source foundations call for caution after social engineering attempts. The NSA shares guidance for securing AI systems. IntelBroker claims to have hit a US geospatial intelligence firm. The UK clamps down on deepfakes. Hard-coded passwords provide the key to smart-lock vulnerabilities. On our Industry Voices segment, Ryan Lougheed, Director of Product Management at Onspring, discusses the benefits of artificial intelligence in governance, risk and compliance (GRC). A Law Firm's Misclick Ends 21 Years of Matrimony.

submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/cybersecurity
I'm not sure if this is the right place to ask, but here we go.

I run into scenarios like these quite often. There is some kind of stack-based array (or character string, in this case) which is initialized on declaration. Ghidra displays it like this in the decompilation window, that is, declaration first and then initialization one element at a time. Is there a way to make Ghidra display a stack string like this on a single line? Something like:

wchar16 buf[22] = L"69F2a+18d346b/SQ5c65e";

This would be a lot nicer on the eyes.

submitted 9 months ago by kid to c/cybersecurity