US oil giant Halliburton confirms cyberattack behind systems shutdown
Source: Bleeping Computer
Halliburton, one of the world's largest providers of services to the energy industry, has confirmed a cyberattack that forced it to shut down some of its systems earlier this week. "On August 21, 2024, Halliburton Company (the "Company") became aware that an unauthorized third party gained access to certain of its systems," the oil services giant said in a filing with the U.S. Securities and Exchange Commission (SEC).
NFC Traffic Stealer Targets Android Users & Their Banking Info
Source: Dark Reading
A dangerous new Android malware has surfaced that can clone contactless payment data from physical credit and debit cards and relay it to an attacker's Android device, enabling fraudulent transactions.
Slack Patches Prompt Injection Flaw in AI Tool Set
Source: Data Breach Today
Chat app Slack patched a vulnerability in its artificial intelligence tool set that hackers could have exploited to manipulate an underlying large language model to phish employees and steal sensitive data.
Georgia Tech Sued Over Cybersecurity Violations
Source: Infosecurity Magazine
The US government has filed a lawsuit against the Georgia Institute of Technology (Georgia Tech) and its affiliate Georgia Tech Research Corporation (GTRC) for alleged cybersecurity violations. The Department of Justice (DoJ) has joined a whistleblower to file a “complaint-in-intervention” against the institutions for “knowingly” failing to implement cybersecurity controls as required by their Department of Defense (DoD) contract.
Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
Source: The Hacker News
SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. "The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated user to access internal functionality and modify data," the company said in a new advisory released today.
Comments