Security Bulletin

Wireshark 4.2.0rc1 is now available, which means that soon we will move from 4.0.x to 4.2.x.

Jim was inspired by my diary entry " IPv4 Addresses in Little Endian Decimal Format" to make a new tool " New tool: le-hex-to-ip.py".

For those of you that use wireshark, they released 4.0.9 and 3.6.17 followed a few hours later by 4.0.10 and 3.6.18 on 4 Oct. According to the release notes the problem was primarily a Mac issue.

Significant cybersecurity gaps have been discovered by the Department of Energy Office of the Inspector General in the Brookhaven National Laboratory, FedScoop reports.

BleepingComputer reports that default software and app configurations, improper user/admin privilege separation, inadequate internal network monitoring, lacking network segmentation, and subpar patch management were noted by the National Security...

Ukrainian and Russian hacktivist operations have expressed disdain over new ethical guidelines on hacktivism issued by the International Committee of the Red Cross that discouraged the targeting of civilians and critical infrastructure amid the...

TechCrunch reports that mobile spyware Oospy, which emerged in July as a rebranded Spyhide phone monitoring app, has ended operations after its back-end server, which contained thousands of Android devices' data, was shut down due to terms of service...

Data from individuals who contacted the Lorenz ransomware group between June 3, 2021 and Sept. 17, 2023, including names, email addresses, and online form subject lines, were accidentally leaked due to a misconfigured Apache2 web server, according to...

Vietnamese banking apps hit by novel GoldDigger Android trojan Over 50 Vietnamese banking, cryptocurrency wallet, and e-wallet applications have been targeted in attacks involving the new GoldDigger Android banking trojan since June, reports The...

Suspected Chinese hackers have launched a cyberespionage campaign aimed at Guyana government agencies involving the novel data exfiltrating DinodasRAT backdoor and an iteration of the Korplug backdoor tied to Mustang Panda and other China-linked...

Taiwan-, Singapore-, and Hong Kong-based semiconductor companies have been subjected to a new China-linked cyberespionage operation that sought to facilitate Cobalt Strike beacon infections, reports BleepingComputer.

CyberScoop reports that state-sponsored threat operations have increased in both sophistication and aggression amid a growing focus on cyberespionage rather than high-profile intrusions.