Attacks & Vulnerabilities

HR giant Workday discloses data breach amid Salesforce attacks (3 minute read)
Workday disclosed a breach on August 6 in which attackers used social engineering to access business contact information (names, emails, and phone numbers) held in its third-party CRM platform; customer tenants were not affected. The attack is linked to ShinyHunters' ongoing campaign against Salesforce instances, which relies on social engineering to get malicious OAuth apps authorized and has affected multiple major companies, including Adidas, Google, and luxury brands. Attackers pose as HR or IT staff over phone or text to trick employees into revealing credentials, then use malicious OAuth apps to exfiltrate databases for extortion.

Over 800 N-able Servers Left Unpatched Against Critical Flaws (2 minute read)
N-central, developed by N-able, is a popular platform used by managed service providers (MSPs) and IT departments to monitor and manage networks and devices from a centralized web-based console. N-able has announced two vulnerabilities that allow authenticated attackers to inject commands, due to improper sanitization of user input, and to execute commands on unpatched devices by exploiting an insecure deserialization weakness. Both vulnerabilities are reportedly under active exploitation.

How Exposed TeslaMate Instances Leak Sensitive Tesla Data (4 minute read)
Hundreds of TeslaMate setups are exposed online with no authentication, leaking GPS, vehicle, and charging data. Attackers can track vehicle locations and movement patterns, posing serious privacy and physical security risks for Tesla owners. The fix is to put deployments behind authentication and firewalls.

Turning Camera Surveillance on its Axis (7 minute read)
Researchers found critical vulnerabilities in Axis Communications' surveillance camera systems that could allow attackers to remotely access, control, and disable cameras at thousands of organizations. Axis has released security patches, and users are advised to update their systems right away to prevent exploitation.

Agentic AI promises a cybersecurity revolution — with asterisks (8 minute read)
AI agents built on LLMs can boost security productivity by 1,000x in tasks like vulnerability patching, but they need strict implementation with permissions, transparency, and security controls to prevent hallucinations and data leaks. Security professionals should adopt a "yes with guardrails" approach: automate low-level tasks such as CSV processing and ticket creation while keeping humans validating the evidence, treat MCP servers as APIs that require proper authentication, and ensure vendor AI products do not share data externally. Focus on upskilling teams in AI tools as a force multiplier, ask critical questions about permissions and data flows before deployment, and keep source code visible for all AI implementations.

DllShimmer (GitHub Repo)
DllShimmer parses DLLs, extracts information about their exported functions (name, ordinal number, and forwarder info), and generates a boilerplate C++ file (.cpp) from that information. The generated file lets you add your own code to each function exported from the original DLL without disrupting the normal operation of the program.

Wallarm (Product Launch)
Wallarm offers a unified platform for API and AI security, providing real-time attack blocking, abuse detection, and advanced penetration testing for AI through intelligent agents.

Certipy (GitHub Repo)
Certipy is a tool for enumerating and assessing Active Directory Certificate Services (AD CS) for misconfigurations.
Someone's poking the bear with infostealers targeting Russian crypto developers (2 minute read)
Security researchers found malicious npm packages, "solana-pump-test" and "solana-spl-sdk", posing as Solana SDK components while stealing cryptocurrency data from Russian developers. The infostealers send data to US servers, suggesting possible state-sponsored activity aimed at Russia's cryptocurrency-dependent ransomware ecosystem. The attacker, using the handle "cryptohan," promotes these packages, which harvest password files, exchange credentials, and wallet data from infected systems.

DoJ seizes $2.8M linked to Zeppelin Ransomware (2 minute read)
The U.S. Department of Justice confiscated more than $2.8 million in cryptocurrency, $70,000 in cash, and a luxury car from Ianis Aleksandrovich Antropenko, who is accused of participating in the Zeppelin ransomware scheme from 2019 to 2022. Antropenko faces charges of computer fraud and conspiracy to launder money, having processed funds through ChipMixer while targeting healthcare and IT companies worldwide. The Zeppelin ransomware operation ended in November 2022, and its source code was later sold for only $500 on a hacking forum in January 2024.

In Otter news, transcription app accused of illegally recording users' voices (2 minute read)
A federal class-action lawsuit accuses Otter.ai of violating privacy laws by secretly recording meeting participants' voices and using them to train its AI without consent, particularly affecting non-account holders who join virtual meetings. The Otter Notetaker bot can automatically join meetings linked to workplace calendars and record all participants; the lawsuit cites cases where sensitive business discussions were inadvertently captured and shared. With 25 million users and over 1 billion meetings processed, the case could set a precedent for consent requirements and data usage practices at AI transcription services.
Thanks for reading, Prasanna Gautam, Eric Fernandez & Sammy Tbeile