FreshRSS

πŸ”’
❌ About FreshRSS
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
Before yesterdaySecurity

How to Stop Your X Account From Getting Hacked Like the SEC's

By Lily Hay Newman
The US Securities and Exchange Commission and security firm Mandiant both had their X accounts breached, possibly due to changes to X’s two-factor authentication settings. Here’s how to fix yours.

Secret multimillion-dollar cryptojacker snared by Ukrainian police

Criminal scored $2M in crypto proceeds but ends up in β€˜cuffs following property raid

The criminal thought to be behind a multimillion-dollar cryptojacking scheme is in custody following a Europol-led investigation.…

  • January 12th 2024 at 17:22
  • β†—

Secure network operations for hybrid working

How to have zero trust connectivity and optimize the remote user experience

Webinar Remote working has rapidly become the norm for many organizations and isn't ever going away. But it still needs to be secure if it's to be a success.…

  • January 12th 2024 at 14:42
  • β†—

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

By Newsroom
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. "These families allow the threat actors to circumvent authentication and provide backdoor access to these devices," Mandiant said in an

So, are we going to talk about how GitHub is an absolute boon for malware, or nah?

Microsoft says it's doing its best to crack down on crims

The popularity of Github has made it too big to block, which is a boon to dissidents ducking government censors but a problem for internet security.…

  • January 12th 2024 at 13:15
  • β†—

Data regulator fines HelloFresh Β£140K for sending 80M+ spams

Messaging menace used text and email to bombard people

Food delivery company HelloFresh is nursing a Β£140,000 ($178k) fine by Britain’s data privacy watchdog after a probe found it had dispatched upwards of a staggering 79 million spam email and one million texts in just seven months.…

  • January 12th 2024 at 11:27
  • β†—

While we fire the boss, can you lock him out of the network?

And he would have got away with it, too, if it weren’t for this one tiny backdoor

On Call Welcome once more, dear reader, to On Call, The Register's weekly reader-contributed column detailing the delights and dangers of working in tech support.…

  • January 12th 2024 at 08:31
  • β†—

A peek behind the curtain: How are sock puppet accounts used in OSINT?

How wearing a β€˜sock puppet’ can aid the collection of open source intelligence while insulating the β€˜puppeteer’ from risks
  • January 11th 2024 at 10:30
  • β†—

Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion

By Newsroom
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands. β€œAs part of their multi-extortion strategy, this group will provide victims with multiple options when their data is posted on their

Urgent: GitLab Releases Patch for Critical Vulnerabilities - Update ASAP

By Newsroom
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction. Tracked as CVE-2023-7028, the flaw has been awarded the maximum severity of 10.0 on the CVSS scoring system and could facilitate account takeover by sending password reset emails to an unverified email address. The

Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO

By The Hacker News
Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong shield. Sadly, this image of fortitude remains a pipe dream despite its comforting nature. In the security world, preparedness is not just a luxury but a necessity. In this context, Mike Tyson's famous adage, "Everyone has a plan until they get punched in

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

By Newsroom
Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is particularly intriguing due to the attacker's use of packers and rootkits to conceal the malware," Aqua security researchers Nitzan Yaakov and Assaf Morag said in an analysis published earlier

Drivers: We'll take that plain dumb car over a flashy data-spilling internet one, thanks

Now that's a smart move

CES Despite all the buzz around internet-connected smart cars at this year's CES in Las Vegas, most folks don't want vehicle manufacturers sharing their personal data with third parties – and even say they'd consider buying an older or dumber car to protect their privacy and security.…

  • January 12th 2024 at 07:25
  • β†—

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

By Newsroom
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The issue, tracked as CVE-2023-29357 (CVSS score: 9.8), is a privilege escalation flaw that could be exploited by an attacker to gain

eBay to cough up $3M after cyber-stalking couple who dared criticize the souk

Staff sent live cockroaches, porno – and more – in harassment campaign to silence pair

eBay will pay $3 million to settle criminal charges that its security team stalked and harassed a Massachusetts couple in retaliation for their website's critical coverage of the online tat bazaar.…

  • January 11th 2024 at 21:55
  • β†—

Mandiant's brute-forced X account exposes perils of skimping on 2FA

Speculation builds over whether a nearly year-old policy change was to blame

Google-owned security house Mandiant's investigation into how its X account was taken over to push cryptocurrency scams concludes the "likely" cause was a successful brute-force password attack.…

  • January 11th 2024 at 17:00
  • β†—

Threat Actors Increasingly Abusing GitHub for Malicious Purposes

By Newsroom
The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points. β€œUsing GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network traffic, often bypassing traditional security

Infoseccers think attackers backed by China are behind Ivanti zero-day exploits

Customers currently left patchless while attacks are expected to increase

Security experts believe Chinese nation-state attackers are actively exploiting two zero-day vulnerabilities in security products made by Ivanti.…

  • January 11th 2024 at 15:06
  • β†—

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

By Newsroom
Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (CVE-

Child Abusers Are Getting Better at Using Crypto to Cover Their Tracks

By Andy Greenberg
Crypto tracing firm Chainalysis found that sellers of child sexual abuse materials are successfully using β€œmixers” and β€œprivacy coins” like Monero to launder their profits and evade law enforcement.

New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms

By Newsroom
A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio. β€œKey features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various

US School Shooter Emergency Plans Exposed in a Highly Sensitive Database Leak

By Matt Burgess
More than 4 million school records, including safety procedures, student medical files, and court documents, were also publicly accessible online.

There is a Ransomware Armageddon Coming for Us All

By The Hacker News
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted. We saw new headlines every week, which included a who’s-who of big-name organizations. If MGM, Johnson Controls, Chlorox, Hanes Brands, Caesars

Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload

By Newsroom
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its capabilities. "It looks like Atomic Stealer was updated around mid to late December 2023, where its developers introduced payload encryption in an effort to bypass detection rules,"

Attack of the copycats: How fake messaging apps and app mods could bite you

WhatsApp, Telegram and Signal clones and mods remain a popular vehicle for malware distribution. Don’t get taken for a ride.
  • January 10th 2024 at 10:30
  • β†—

Mandiant's X Account Was Hacked Using Brute-Force Attack

By Newsroom
The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service (DaaS) group. "Normally, [two-factor authentication] would have mitigated this, but due to some team transitions and a change in X's 2FA policy, we were not adequately protected," the threat intelligence firm said 

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure

By Newsroom
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, attributed it to a hacking group it tracks under the name UTA0178

Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software

By Newsroom
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific

Fidelity National now says 1.3M customers had data stolen by cyber-crooks

It's still not calling it ransomware

Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November.…

  • January 10th 2024 at 23:16
  • β†—

Uncle Sam tells hospitals: Meet security standards or no federal dollars for you

Expect new rules in upcoming weeks

US hospitals will be required to meet basic cybersecurity standards before receiving federal funding, according to rules the White House is expected to propose in the next few weeks.…

  • January 10th 2024 at 20:32
  • β†—

Be honest. Would you pay off a ransomware crew?

Today us vultures are debating bans on ransom payments, deplorable tactics by extortionists, and more

Kettle Believe us, we wish there was a simple solution that could stop ransomware dead in its tracks for good.…

  • January 10th 2024 at 19:56
  • β†—

Cybercrooks play dress-up as 'helpful' researchers in latest ransomware ruse

Posing as cyber samaritans, scumbags are kicking folks when they're down

Ransomware victims already reeling from potential biz disruption and the cost of resolving the matter are now being subjected to follow-on extortion attempts by criminals posing as helpful security researchers.…

  • January 10th 2024 at 17:01
  • β†—

Lawmakers Are Out for Blood After a Hack of the SEC’s X Account Causes Bitcoin Chaos

By Joel Khalili
The US Securities and Exchange Commission is under pressure to explain itself after its X account was compromised, leading to wild swings in the bitcoin market.

ShinyHunters chief phisherman gets 3 years, must cough up $5M

Sebastien Raoult developed various credential-harvesting websites over more than 2 years

A key member of the ShinyHunters cybercrime group is facing three years in the slammer and being forced to return $5 million in criminal proceeds.…

  • January 10th 2024 at 15:30
  • β†—

NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining

By Newsroom
A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. β€œThe capabilities of the new botnet, NoaBot, include a wormable self-spreader and an SSH key backdoor to download and execute additional binaries or spread itself to new victims,” Akamai security researcher Stiv Kupchik said in a report shared with The
❌