9 matches found
TorchServe vulnerable to bypass of allowed_urls configuration
Impact TorchServe's check on allowedurls configuration can be by-passed if the URL contains characters such as ".." but it does not prevent the model from being downloaded into the model store. Once a file is downloaded, it can be referenced without providing a URL the second time, which...
Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack
Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "highly sophisticated" SIM swapping attack. The incident, which took place on August 19, 2023, targeted the employee's T-Mobile account, the company said. "Specifically, T-Mobile,...
Kroll Employee SIM-Swapped for Crypto Investor Data
Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters...
Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI
A malicious Python package uploaded to the Python Package Index PyPI has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind...
Case Study: A Cryptomining Attack — With an Assist From Advanced Malware Techniques
In Carbon Black's Quarterly Incident Response Threat Report QIRTR, some of the world’s leading incident response IR professionals reported seeing an uptick in lateral movement, counter incident response, and island-hopping attacks from motivated nation-states. In the case study below, Kroll notes...
Debian DLA-1348-1 : patch security update
It was discovered that there was an input validation vulnerability in the patch1 utility where an ed1 script embedded in a regular input file could result in arbitrary code execution. This was reported by Rachel Kroll 0 et al. For Debian 7 'Wheezy', this issue has been fixed in patch version...
New POS Malware PinkKite Takes Flight
A new family of point-of-sale malware, dubbed PinkKite, has been identified by researchers who say the malware is tiny in size, but can delivered a hefty blow to POS endpoints. Researchers at Kroll Cyber Security first identified PinkKite in 2017 during a nine-month investigation into a large POS...
Hackers Plan Christmas Data Attacks via Social Media Apps
Hackers are planning to increase data security attacks via applications on social networking websites this Christmas, according to an expert. Earlier this month, IT security firm Sophos traced the history of malware and viruses created over the Christmas period from 1987 until 2009. The blog post...
Survey: Information Theft A Bigger Problem than Physical Theft
Anyone who has received “notification” of funky activity on their credit card, or an urgent e-mail plea from the widow of Mobutu Sese Seko won’t be surprised to learn that information theft is a big problem. But a new survey out from Kroll Consulting finds that its also the biggest problem facing...