
Ransomwared Emergency Alert System 🚨, Harvard Alumni Donor Data Breach 🎓, RATs targeting WhatsApp and Signal 💬


TLDR

Together With SpecterOps

TLDR Information Security 2025-11-27

Attack Paths Don't Take Thanksgiving Off (Sponsor)

Misconfigurations and excessive privileges quietly chain together into routes attackers can use to reach your critical assets — and they aren't taking a Thanksgiving break. Attack Path Management (APM) shows identity risk the way adversaries see it, mapping relationships across identities, systems, and permissions so you can prioritize what truly matters.

Want to understand your identity security posture?
Take our quick assessment to see where your program falls on the maturity spectrum and access our Maturity Model Report for clear guidance to reduce attack paths.

Serve yourself a helping of insights in our State of APM Report.

🔓

Attacks & Vulnerabilities

Ransomware Attack Disrupts Local Emergency Alert System Across US (3 minute read)

A ransomware attack hit the OnSolve CodeRED emergency alert system, affecting local agencies nationwide in the US and leading to a data breach. Hackers accessed user data and encrypted systems, causing some areas to lose emergency notification capabilities. Crisis24, a platform provider, is transitioning agencies to a new system and has advised users to change reused passwords.

Harvard University reveals data breach hitting alumni and donors (3 minute read)

Harvard University suffered a data breach after a voice phishing attack compromised its Alumni Affairs and Development systems. Personal data like addresses, emails, and phone numbers of alumni, donors, and students were exposed, though financial details and passwords were not affected. Harvard is working with law enforcement. It has warned affected individuals to watch out for phishing attempts.

Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps (2 minute read)

A malicious Chrome extension called "Crypto Copilot" (still available, with 12 installs) silently injects hidden SystemProgram.transfer instructions into Raydium DEX swaps, siphoning 0.0013 SOL minimum or 0.05% of trades over 2.6 SOL to a hardcoded attacker wallet before users sign transactions. The extension uses obfuscation via minification and variable renaming, communicates with a fake backend at crypto-coplilot-dashboard.vercel[.]app, and leverages legitimate services like DexScreener and Helius RPC to appear trustworthy while bypassing Chrome Web Store review. Crypto users should audit all transaction instructions before signing and avoid installing browser extensions that request wallet access. Security teams should monitor for wallet-draining extensions targeting DeFi platforms.
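
The "audit all transaction instructions before signing" advice above can be turned into a concrete pre-signing check. The following is an added example written for this newsletter issue (editor's code, not from the article, the extension, or any wallet vendor): it decodes every SystemProgram transfer in a Solana transaction and flags any transfer out of the signer's wallet whose destination is not one the user expected for the swap. Only the System Program id and its transfer encoding (u32 LE instruction index 2, then u64 LE lamports) are real; every other account and program id below, and the sample transaction itself, are constructed placeholders.

```javascript
// Added example: pre-signing audit of a Solana transaction's instructions.
// Flags SystemProgram transfers that leave the signer's wallet for an
// unexpected destination, the pattern described for the "Crypto Copilot" case.
const SYSTEM_PROGRAM_ID = '11111111111111111111111111111111'; // real, well-known id
const SYSTEM_TRANSFER_INDEX = 2; // SystemInstruction::Transfer discriminant (u32 LE)
const LAMPORTS_PER_SOL = 1_000_000_000n;

// Constructed placeholders, not real on-chain addresses.
const USER_WALLET = 'UserWa11etP1aceho1der11111111111111111111111';
const SWAP_PROGRAM = 'SwapProgramP1aceho1der1111111111111111111111';
const USER_WSOL_ACCOUNT = 'UserWso1AccountP1aceho1der111111111111111111';
const UNKNOWN_WALLET = 'Unexpected3rdPartyWa11etP1aceho1der111111111';

// What the user intends to sign: the DEX program, plus the accounts a swap
// may legitimately fund straight from the wallet (here, a wrapped-SOL account).
const EXPECTED = {
  programs: new Set([SWAP_PROGRAM]),
  destinations: new Set([USER_WSOL_ACCOUNT]),
};

// Build a SystemProgram transfer: data = u32 LE index 2 followed by u64 LE lamports.
function encodeTransfer(from, to, lamports) {
  const data = Buffer.alloc(12);
  data.writeUInt32LE(SYSTEM_TRANSFER_INDEX, 0);
  data.writeBigUInt64LE(BigInt(lamports), 4);
  return {
    programId: SYSTEM_PROGRAM_ID,
    keys: [
      { pubkey: from, isSigner: true, isWritable: true },
      { pubkey: to, isSigner: false, isWritable: true },
    ],
    data,
  };
}

// Decode only SystemProgram transfers; any other instruction yields null.
function decodeSystemTransfer(ix) {
  if (ix.programId !== SYSTEM_PROGRAM_ID || ix.data.length !== 12) return null;
  if (ix.data.readUInt32LE(0) !== SYSTEM_TRANSFER_INDEX) return null;
  return { from: ix.keys[0].pubkey, to: ix.keys[1].pubkey, lamports: ix.data.readBigUInt64LE(4) };
}

// Render a bigint lamport amount as a fixed 9-decimal SOL string.
function lamportsToSol(lamports) {
  const whole = lamports / LAMPORTS_PER_SOL;
  const frac = (lamports % LAMPORTS_PER_SOL).toString().padStart(9, '0');
  return `${whole}.${frac}`;
}

// Walk every instruction; returns { safeToSign, findings, outflowLamports }.
function auditTransaction(tx, signer, expected) {
  const findings = [];
  let outflow = 0n;
  tx.instructions.forEach((ix, index) => {
    if (ix.programId !== SYSTEM_PROGRAM_ID && !expected.programs.has(ix.programId)) {
      findings.push({ index, kind: 'unexpected-program', programId: ix.programId });
    }
    const transfer = decodeSystemTransfer(ix);
    if (!transfer || transfer.from !== signer) return; // not our SOL leaving
    outflow += transfer.lamports;
    if (!expected.destinations.has(transfer.to)) {
      findings.push({ index, kind: 'unexpected-transfer', to: transfer.to, sol: lamportsToSol(transfer.lamports) });
    }
  });
  return { safeToSign: findings.length === 0, findings, outflowLamports: outflow };
}

// Constructed sample: a 2.6 SOL swap with a hidden 0.0013 SOL transfer appended.
function sampleTransaction() {
  return {
    instructions: [
      encodeTransfer(USER_WALLET, USER_WSOL_ACCOUNT, 2_600_000_000n), // fund the swap
      { programId: SWAP_PROGRAM, keys: [], data: Buffer.from([0x09]) }, // placeholder swap ix
      encodeTransfer(USER_WALLET, UNKNOWN_WALLET, 1_300_000n),        // hidden fee
    ],
  };
}

const REPORT = auditTransaction(sampleTransaction(), USER_WALLET, EXPECTED);
console.log(JSON.stringify(REPORT, (k, v) => (typeof v === 'bigint' ? v.toString() : v), 2));
```

A wallet or dapp front end would run `auditTransaction` on the exact instruction list it is about to sign and refuse, or at least surface the findings, when `safeToSign` is false; the `outflowLamports` total is also worth showing to the user, since a hidden fee is only visible as a discrepancy between the trade size and the SOL actually leaving the wallet.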

🧠

Strategies & Tactics

A Complete Guide to Transport Layer Security (TLS) Authentication (19 minute read)

This comprehensive guide covers TLS authentication fundamentals, including the handshake process, certificate validation chain, and the distinction between server-only authentication and mutual TLS (mTLS) for high-security environments. Key recommendations include enforcing TLS 1.3 (or 1.2 minimum), using forward secrecy cipher suites with ECDHE, storing private keys in HSMs/KMS, and automating certificate lifecycle management via the ACME protocol. For modern architectures, the article emphasizes layering TLS with OAuth 2.0/OIDC for combined machine and user authentication and leveraging service meshes such as Istio for automated mTLS across microservices.

Desktop Application Security Standard: Introducing DASVS (6 minute read)

The Desktop Application Security Verification Standard (DASVS) is a comprehensive framework for addressing the unique security challenges of desktop applications across Windows, macOS, and Linux. Unlike web or mobile apps, desktop applications operate with significant system access, which demands specialized security controls. DASVS aims to provide clear, actionable verification rules and is being extended with guides and automated assessment tools to help organizations strengthen desktop application protection.

Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing (5 minute read)

Google enabled Quick Share interoperability with AirDrop starting with Pixel 10, using Rust for the core communication layer to eliminate memory-safety vulnerabilities in wireless protocol data parsing—a historically common attack surface. The implementation uses direct peer-to-peer connections without server routing. It underwent internal threat modeling plus independent penetration testing by NetSPI, and was validated as "notably stronger" than other industry implementations with no information leakage. For cross-platform development, Rust's compile-time memory safety guarantees make it ideal for parsing untrusted data from external sources, and Google's approach demonstrates how memory-safe languages can secure interoperability layers between disparate platforms without sacrificing performance.

🧑‍💻

Launches & Tools

MaleficentVM (GitHub Repo)

A practice VM designed for learning malware development through CTF-style challenges. Exercises include OS enumeration, shellcode injection into target processes, and IAT hooking techniques.

Vijil (Product Launch)

Vijil helps organizations develop secure, reliable AI agents by providing a platform for testing, hardening, and monitoring agents against risks such as prompt injection. It offers modular agent templates, compliance, and runtime protection for confidential deployments.

XSSRecon (GitHub Repo)

XSSRecon is a powerful tool designed to help security researchers and penetration testers identify reflected XSS vulnerabilities in web applications. It automates testing URL parameters for the reflection of a test payload and further checks how special characters are handled.

🎁

Miscellaneous

FBI: Cybercriminals stole $262M by impersonating bank support teams (2 minute read)

The FBI reported over 5,100 account takeover complaints since January, with attackers impersonating bank staff via calls, texts, and emails to harvest credentials and MFA/OTP codes, then wiring funds to cryptocurrency wallets. Attackers employed SEO poisoning to push phishing sites mimicking financial institutions to the top of search results. Some used dual-impersonation tactics to claim fraudulent transactions and direct victims to fake law enforcement. Defenders should train users to access banking sites via bookmarks rather than search results, and organizations should monitor for brand impersonation in search ads.

Lifetime access to AI-for-evil WormGPT 4 costs just $220 (4 minute read)

Malicious AI tools like WormGPT 4 and the free KawaiiGPT are making it easier for cybercriminals to generate malware and phishing messages and to automate parts of attacks. While the code requires some human adjustment to evade detection, these "Dark LLMs" significantly lower the barriers to entry for cyberattacks and social engineering.

CISA: Spyware and RATs used to target WhatsApp and Signal Users (2 minute read)

Threat actors are using commercial spyware and remote access trojans to target WhatsApp and Signal users. Attacks involve phishing, malicious QR codes, and impersonated apps. They are focusing on high-value individuals worldwide.

Quick Links

Tor switches to new Counter Galois Onion relay encryption algorithm (3 minute read)

Tor has replaced its old encryption algorithm with a new, stronger one called Counter Galois Onion (CGO) to improve user security and privacy.

Multiple London councils report disruption amid ongoing cyberattack (2 minute read)

A cyberattack has forced three London councils, Kensington and Chelsea, Westminster, and Hammersmith & Fulham, to shut down networks and activate emergency plans.

Popular Forge library gets fix for signature verification bypass flaw (2 minute read)

CVE-2025-12816 is a high-severity ASN.1 validation flaw in node-forge versions 1.3.1 and earlier (26M weekly NPM downloads) that allows attackers to craft malformed data that bypasses signature verification.


If you have any comments or feedback, just respond to this email!

Thanks for reading,
Prasanna Gautam, Eric Fernandez & Sammy Tbeile
