Aggregator

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

The Hackers News
2 weeks 3 days ago
Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. "At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes it in memory," Socket security
The Hacker News

8 Essential Questions for Your Workforce Identity Verification (IDV) Vendor

Security Boulevard
2 weeks 3 days ago

Choosing the right identity verification (IDV) partner is one of the most critical security decisions you'll make. As organizations fortify their defenses, it’s clear that verifying the identity of your workforce requires a fundamentally different approach than verifying customers.

The stakes are simply higher. For customer verification, the primary goal is often a smooth, low-friction sign-up process. For your workforce, the goal is ironclad security to prevent a breach. The reality is that many IDV solutions on the market are repurposed customer onboarding tools, not purpose-built platforms designed to stop a skilled attacker from impersonating an employee.

This guide is designed to help you look beyond the surface-level features and assess whether a vendor can truly meet the security demands of a modern enterprise. Use these questions to find a genuine partner and a solution that is truly workforce-grade.

Core Capabilities and Security

The foundation of any IDV solution is its ability to accurately verify an identity while defending against advanced, modern attacks.

1. How do you protect against deepfakes and other advanced impersonation attacks?

To protect against modern threats, your first question should focus on a vendor's strategy for tackling sophisticated fraud. Threat actors now use AI to create deepfakes for both presentation attacks (showing a fake image to a camera) and injection attacks (bypassing the camera to feed a fake video stream directly into the system).

A workforce-grade solution should deliver:

  • Advanced Liveness Detection: The best solutions employ sophisticated liveness checks to distinguish between a live person and a spoof like a mask or recording. 
  • Injection Attack Prevention: A vendor should offer technology that prevents attackers from bypassing on-device cameras, making it nearly impossible to inject a deepfake into the verification stream.

The post 8 Essential Questions for Your Workforce Identity Verification (IDV) Vendor appeared first on Security Boulevard.

Joshua Gonzales

CVE-2023-28541 | Qualcomm QCA9898 Data Modem memory corruption

Vuldb Updates
2 weeks 3 days ago
A vulnerability classified as critical was found in Qualcomm AQT1000, AR8031, AR9380, C-V2X 9150, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5028, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9574, MDM9250, MDM9628, MDM9640, MDM9650, MSM8909W, QAM8255P, QAM8295P, QCA4024, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6554A, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA7500, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9377, QCA9880, QCA9886, QCA9888, QCA9889 and QCA9898. Affected by this vulnerability is an unknown functionality of the component Data Modem. The manipulation leads to memory corruption. This vulnerability is known as CVE-2023-28541. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-28542 | Qualcomm 315 5G IoT Modem WLAN Host memory corruption

Vuldb Updates
2 weeks 3 days ago
A vulnerability, which was classified as critical, has been found in Qualcomm 315 5G IoT Modem, APQ8064AU, AQT1000, AR8031, AR8035, C-V2X 9150, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, MDM9250, MDM9628, MDM9650, MSM8996AU, QAM8255P, QAM8295P, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6554A, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCA9367, QCA9377, QCM2290, QCM4290, QCM6125, QCM6490, QCN6024, QCN9011, QCN9012, QCN9024, QCN9074, QCS2290, QCS410, QCS4290, QCS610, QCS6125, QCS6490, QCS8250, QRB5165M, QRB5165N, Qualcomm Video Collaboration VC1 Platform, Qualcomm Video Collaboration VC3 Platform, Qualcomm Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P and SA8255P. Affected by this issue is some unknown functionality of the component WLAN Host. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2023-28542. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-21673 | Qualcomm QT1000 VM Resource Manager memory corruption

Vuldb Updates
2 weeks 3 days ago
A vulnerability was found in Qualcomm QT1000, AR8035, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QAMSRV1H, QCA6174A, QCA6310, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCA9377, QCC710, QCM4490, QCM6490, QCM8550, QCN6224, QCN6274, QCN9011, QCN9012, QCS4490, QCS6490, QCS7230, QCS8250, QCS8550, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QFW7114, QFW7124, QRB5165M, QRB5165N, QRU1032, QRU1052, QRU1062, QSM8350, Qualcomm Video Collaboration VC3 Platform, Qualcomm Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA6145P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8255P, SA8295P, SA8540P, SA8650P, SA9000P, SD 675, SD 8 Gen1 5G, SD 8CX, SD670, SD675, SD855, SD865 5G, SD888, SDX55, SDX57M, SG8275P, SM7250P, SM7315 and SM7325P and classified as critical. Affected by this issue is some unknown functionality of the component VM Resource Manager. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2023-21673. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-22385 | Qualcomm 315 5G IoT Modem Data Modem memory corruption

Vuldb Updates
2 weeks 3 days ago
A vulnerability, which was classified as critical, was found in Qualcomm 315 5G IoT Modem, 9205 LTE Modem, 9206 LTE Modem, 9207 LTE Modem, APQ8017, APQ8037, AQT1000, AR8035, C-V2X 9150, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, MDM8207, MDM9230, MDM9250, MDM9330, MDM9628, MDM9630, MDM9640, MSM8108, MSM8209, MSM8608, MSM8909W, MSM8996AU, QCA4004, QCA6174, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595AU, QCA6696, QCA6698AQ, QCA8081, QCA8337, QCA9367, QCA9377, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM6125, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN9024, QCS2290, QCS410, QCS4290, QCS4490, QCS610, QCS6125, QCS6490, QCS8550, QFW7114, QFW7124, QTS110, Qualcomm 205 Mobile Platform and Qualcomm 215 Mobile Platform. This affects an unknown part of the component Data Modem. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2023-22385. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-24843 | Qualcomm 315 5G IoT Modem denial of service

Vuldb Updates
2 weeks 3 days ago
A vulnerability has been found in Qualcomm 315 5G IoT Modem, AR8035, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QCA6391, QCA6421, QCA6426, QCA6431, QCA6436, QCA6574A, QCA6595AU, QCA6696, QCA8081, QCA8337, QCM6490, QCN6024, QCN9024, QCS6490, Qualcomm Video Collaboration VC3 Platform, SD855, SD865 5G, SDX55, SM7250P, SM7325P, Snapdragon 480 5G Mobile Platform and Snapdragon 480+ 5G Mobile Platform and classified as problematic. This vulnerability affects unknown code of the component Modem. The manipulation leads to denial of service. This vulnerability was named CVE-2023-24843. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-24847 | Qualcomm QCN9072 Modem denial of service

Vuldb Updates
2 weeks 3 days ago
A vulnerability was found in Qualcomm 315 5G IoT Modem, AQT1000, AR8031, AR8035, C-V2X 9150, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, FSM10055, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, IPQ5010, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9250, PMP8074, QCA4024, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA6698AQ, QCA8072, QCA8075, QCA8081, QCA8337, QCA9377, QCA9888, QCA9889, QCA9984, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM6125, QCM6490, QCM8550, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6224, QCN6274, QCN7605, QCN7606, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070 and QCN9072. It has been classified as problematic. Affected is an unknown function of the component Modem. The manipulation leads to denial of service. This vulnerability is traded as CVE-2023-24847. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

No, Mr. Altman, Passwords Are Not Back in Vogue

DataBreachToday.com
2 weeks 3 days ago
OpenAI CEO Says AI Has Beaten Voice Recognition, But Experts Disagree
OpenAI CEO Sam Altman recently claimed that artificial intelligence has "fully defeated most of the ways that people authenticate currently, other than passwords." A host of security experts disagree and point out that passwords got us into this authentication mess to begin with.

Dialysis Firm Attack Affects 1 Million, Costs $13.5M to Date

DataBreachToday.com
2 weeks 3 days ago
Interlock Claims to Have 1.5TB of DaVita's Data as Expenses Mount
DaVita Inc., one of the largest kidney dialysis providers in the world, told regulators that an April cyberattack has cost the company $13.5 million so far and has affected more than one million people in the U.S., and counting. Interlock says it's behind the data theft and ransomware attack.

Candiru Spyware Infrastructure Uncovered

DataBreachToday.com
2 weeks 3 days ago
Inskit Researchers Uncover Clusters in Hungary, Saudi Arabia
Security researchers uncovered a previously unseen malware cluster associated with Israeli spyware maker Candiru. The company may have rebranded itself to evade sanctions to continue its operations. It continues to operate despite its inclusion in 2021 onto an exports blacklist by the United States.

Managed ad