The Office of the Comptroller of the Currency (OCC) today notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act.

This finding is the result of internal and independent third-party reviews of OCC emails and email attachments that were subject to unauthorized access. On February 11, 2025, the OCC learned of unusual interactions between a system administrative account in its office automation environment and OCC user mailboxes. On February 12, the OCC confirmed the activity was unauthorized and immediately activated its incident response protocols which include initiating an independent third-party incident assessment and reporting the incident to the Cybersecurity and Infrastructure Security Agency. On February 12, the OCC disabled the compromised administrative accounts and confirmed that the unauthorized access had been terminated. The OCC provided public notice of the incident on February 26.

Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.
#Apple #Computer #InfoSec #Integrity #Microsoft #Protection #SIP #Security #System #Vulnerability #macOS

CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the embarrassing July outage that caused widespread disruption on Windows systems around the world.

Reconstructing the Attack from a 4th party collector’s point of view
Hamid Kashfi

[Update: December 18th, 2023]: On 18th December, Predator Sparrows launched a second
attack against the fuel distribution system in Iran, similar to their previous operation in 2021.
Since 2021, Iranian officials or third-party security vendors have not published any analysis or
technical details about the original attack, which is not unusual. Their screenshots from the
latest attacks provide some clues that only confirm our previous work, indicating connections to
the “Yaas Arghavani” company, a VSAT and POS service provider for the fuel distribution
system. The following is an old draft from December 2021, which I wrote for peer eyes rather
than public view. The original draft focused on the first attack against the fuel distribution
system. Still, some remarks remain valid and relevant to the recent attack on 18 Dec 2023, as
little has changed regarding how the system works. The same infrastructure, same suppliers,
and same 3rd party vendors, so we are likely just talking about a different attack vector and
entry point from the previous case. I will probably draft a new note about the recent attack from
scratch soon and when more details are gathered rather than updating the old speculative work.

CVSS version 4.0 is the next generation of the Common Vulnerability Scoring System standard.

FIRST announces CVSS v4.0, the latest version of the Common Vulnerability Scoring System. Discover how this update addresses critical vulnerabilities.

I’m a Swiss voter living abroad, and like all Swiss expats from Basel-Stadt, St.Gallen or Thurgau, I’ve been invited to vote over the internet in this year’s national election. Switzerland’s e-voting system is supposed to have safeguards to protect the election against malicious actors, however as a computer scientist, I have found a flaw in the practical implementation of one of those safeguards.

A Brazilian hacker claimed at a congressional hearing Thursday that then-President Jair Bolsonaro wanted him to hack into the country’s electronic voting system to expose its alleged weaknesses ahead of the 2022 presidential election.