Cybersecurity

The FBI announced on Monday that it seized the servers and websites of the Radar/Dispossessor ransomware operation following a joint international investigation.

The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data about their users — potentially imperiling penetration testers and security researchers, among others.

South Korea's ruling party, People Power Party (PPP), claims that North Korean hackers have stolen crucial information about K2 tanks, the country's main battle tank, as well as its "Baekdu" and "Geumgang" spy planes.

Attackers impersonating the Security Service of Ukraine (SSU) have used malicious spam emails to target and compromise systems belonging to the country's government agencies.

The company has decided not to extend these updates to its Ryzen 1000, 2000, and 3000 series processors or its Threadripper 1000 and 2000 models.

A series of targeted cyberattacks that started at the end of July 2024, targeting dozens of systems used in Russian government organizations and IT companies, are linked to Chinese hackers of the APT31 and APT 27 groups.

"Modern consumers have come to imagine the internet as something unseen in the atmosphere – an invisible “cloud” just above our heads, raining data down upon us. Because our devices aren’t tethered to any cables, many of us believe the whole thing is wireless, says Starosielski, but the reality is far more extraordinary..."

The vulnerabilities, which have been patched, may have novel appeal to attackers as an avenue to compromising phones.

An ongoing and widespread malware campaign force-installed malicious Google Chrome and Microsoft Edge browser extensions in over 300,000 browsers, modifying the browser's executables to hijack homepages and steal browsing history.

'The intuition was to take the complexity and push it onto the user,' Moxie Marlinspike says at Black Hat. 'We were just wrong.'

AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable.

Tracked as CVE-2023-31315 and rated of high severity (CVSS score: 7.5), the flaw was discovered by IOActive Enrique Nissim and Krzysztof Okupski, who named privilege elevation attack 'Sinkclose.'

Full details about the attack will be presented by the researchers at tomorrow in a DefCon talk titled "AMD Sinkclose: Universal Ring-2 Privilege Escalation."

• CVE-2023-31315
• AMD-SB-7014