Nissan concept teases electric reboot of Godzilla GT-R

<p>The 1,000-kilowatt Hyper Force concept is a track car with road car manners.</p>

https://www.autonews.com/cars-concepts/n...ctric-gt-r

Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods.
"Investigated network traffic to a compromised device has shown that the threat actor has upgraded the implant to do an extra header check," NCC Group's Fox-IT team said. "Thus, for a lot of devices

https://thehackernews.com/2023/10/backdo...cisco.html

iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation

The TriangleDB implant used to target Apple iOS devices packs in at least four different modules to record microphone, extract iCloud Keychain, steal data from SQLite databases used by various apps, and estimate the victim's location.
The new findings come from Kaspersky, which detailed the great lengths the adversary behind the campaign, dubbed Operation Triangulation, went to conceal and cover

https://thehackernews.com/2023/10/operat...cover.html

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities

Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs.
Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution.
"An unauthenticated, malicious actor can inject files

https://thehackernews.com/2023/10/alert-...itrix.html

Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware

The popularity of Brazil's PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX.
Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off using malicious ads that are served when potential victims search for "WhatsApp web" on search engines.
"The

https://thehackernews.com/2023/10/malver...azils.html

Freelance Market Flooded With North Korean IT Actors

Organizations should be careful that the workers they hire on a freelance and temporary basis are not operatives working to funnel money to North Korea's WMD program, US DOJ says.

https://www.darkreading.com/careers-and-...-it-actors

How State and Local Governments Can Serve Citizens More Securely

The top 10 priorities of state CIOs underscore the importance of securing applications and APIs in complex environments.

https://www.darkreading.com/edge/how-sta...e-securely

'Log in with...' Feature Allows Full Online Account Takeover for Millions

Hundreds of millions of users of Grammarly, Vidio, and the Indonesian e-commerce giant Bukalapak are at risk for financial fraud and credential theft due to OAuth misfires — and other online services likely have the same problems.

https://www.darkreading.com/remote-workf...r-millions

It's Time to Establish the NATO of Cybersecurity

Cybercriminals already operate across borders. Nations must do the same to protect their critical infrastructure, people, and technology from threats foreign and domestic.

https://www.darkreading.com/attacks-brea...ersecurity

Israeli-Hamas Conflict Spells Opportunity for Online Scammers

As the conflict in the Middle East rages, malicious actors look to exploit the situation with bogus charity sites encouraging donations.

https://www.darkreading.com/dr-global/is...e-scammers