Category: Attack Feeds

Europol Hacked? IntelBroker Claims Major Law Enforcement Breach – Waqas

Notorious hacker IntelBroker claims a major data breach at Europol. Allegedly, sensitive data including employee info, source code, and operational documents were compromised. Europol has yet to confirm the breach. Could this expose ongoing investigations and endanger law enforcement personnel? Find out more.

New LLMjacking Attack Lets Hackers Hijack AI Models for Profit – Deeba Ahmed

Researchers uncover a novel cyberattack scheme called “LLMjacking” exploiting stolen cloud credentials to hijack powerful AI models. This article explores the implications of attackers leveraging large language models (LLMs) for malicious purposes and offers security recommendations for the cloud and AI communities.

Forget AI: Physical threats are biggest risk facing the 2024 election – djohnson

SAN FRANCISCO — 2024 could turn out to be the year in which artificial intelligence upends the U.S. election, but at America’s largest cybersecurity conference, federal officials charged with protecting the vote said they are most concerned with a far more analog threat: physical violence directed at election administrators. While many election officials are concerned about issues of...

House panel leaders call on Microsoft president to testify over security shortcomings – Tim Starks

Leaders of the House Homeland Security Committee want Microsoft President Brad Smith to testify before their panel in the aftermath of accumulating cybersecurity incidents that have drawn ample negative attention to the tech giant. In particular, the committee is zeroing in on a Cyber Safety Review Board report that faulted Microsoft for “a cascade of security failures” that...

North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms – The Hacker News

The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at South Korean cryptocurrency firms. “Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads and exfiltration of files,” Kaspersky...

Boeing refused to pay $200 million LockBit ransomware demand – Graham Cluley

Boeing has confirmed that it received a demand for a massive $200 million after a ransomware attack by the notorious LockBit hacking group in October 2023. The company confirmed its link to the indictment of Dmitry Yuryevich Khoroshev, who was identified this week by the US Department of Justice as the true identity of LockBitSupp, the kingpin of the...

CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar) – The Hacker News

Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats. Join us for an exciting webinar, “The Future of Threat Hunting is Powered by Generative AI,” where you’ll explore how AI tools are shaping the future of cybersecurity defenses. During the session, Censys Security Researcher Aidan Holland will...

Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing – The Hacker News

Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users’ credentials from compromised devices. “This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices,” the SonicWall Capture Labs threat research team said in a recent report. The...

What’s the Right EDR for You? – The Hacker News

A guide to finding the right endpoint detection and response (EDR) solution for your business’ unique needs. Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls have traditionally served as the frontlines of defense, the battleground has shifted to endpoints. This is why endpoint...

Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability – The Hacker News

Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024. Use-after-free bugs, which arise when a program...

Researchers Uncover ‘LLMjacking’ Scheme Targeting Cloud-Hosted AI Models – The Hacker News

Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors. The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team. “Once initial access was obtained, they exfiltrated cloud credentials and gained...

Dell Discloses Data Breach As Hacker Sells 49 Million Customer Data – Waqas

Dell has announced a data breach, while a hacker using the alias Menelik is selling 49 million Dell customer data on the notorious Breach Forums.

New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation – The Hacker News

Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim’s network traffic by just being on the same local network. The “decloaking” method has been assigned the CVE identifier CVE-2024-3661 (CVSS score: 7.6). It impacts all operating systems that implement a DHCP client and has...

CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own – Guest Blogger

In this guest blog from Master of Pwn winner Cody Gallagher, he details CVE-2024-21115 – an Out-of-Bounds (OOB) Write that occurs in Oracle VirtualBox that can be leveraged for privilege escalation. This bug was recently patched by Oracle in April. Cody has graciously provided this detailed write-up of the vulnerability and how he exploited it at the contest....

Major health care system hobbled by ‘cyber incident’ – AJ Vicens

Ascension, a health care system with 140 hospitals in 19 states and Washington, D.C., and tens of thousands of employees and affiliated providers, detected a “cyber security event” Wednesday that has caused a “disruption to clinical operations,” the company said. Major impacts to medical services have been reported in multiple states, including Kansas, Florida and Michigan, including some...

Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign – The Hacker News

Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28. “The campaign sent emails with content intended to arouse the recipient’s interest and persuade him to click on the link,” the computer emergency response team, CERT Polska, said in a Wednesday bulletin. Clicking on the link...

IntelBroker Hacker Leaks Alleged HSBC & Barclays Bank Data – Waqas

Hackers claim to have breached a third-party contractor of HSBC and Barclays, stealing sensitive data including database files, source code, and more.

The Future of Phishing Email Training for Employees in Cybersecurity – Waqas

Discover the future of phishing email training, including personalized simulations, gamification, AI, and realistic scenarios. Empower your employees to combat evolving cyber threats and protect your organization.

Cancer patients’ sensitive information accessed by “unidentified parties” after being left exposed by screening lab for years – Graham Cluley

A medical lab that specialises in cancer screenings has admitted to an alarming data breach that left sensitive patient information exposed for years – and accessible by unauthorised parties. California-based Guardant Health is notifying affected individuals that information related to samples collected in late 2019 and 2020 was “inadvertently” left exposed online to the general public after an employee...

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery – The Hacker News

Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That’s according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload. While CVE-2023-46805 is an authentication bypass flaw, ...

New Guide: How to Scale Your vCISO Services Profitably – The Hacker News

Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A vCISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their business and bottom line. MSPs and MSSPs that expand their offerings and provide vCISO services...

Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover – The Hacker News

Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence. The remotely exploitable flaws “can give attackers full administrative control of the device, and subsequently allow attackers to create accounts on any F5 assets managed by...

Smashing Security podcast #371: Unmasking LockBitsupp, company extortion, and a Tinder fraudster – Graham Cluley

The kingpin of the LockBit ransomware is named and sanctioned, a cybersecurity consultant is charged with a $1.5 million extortion, and a romance fraudster defrauded women he met on Tinder of £80,000. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this...

Boeing confirms attempted $200 million ransomware extortion attempt – AJ Vicens

The cybercriminals who targeted Boeing using the LockBit ransomware platform in October 2023 demanded a $200 million extortion payment, the company said Wednesday. Boeing confirmed to CyberScoop that it is the unnamed multinational aeronautical and defense corporation referenced in an indictment unsealed Tuesday by the U.S. Department of Justice. The indictment, which identified Dmitry Yuryevich Khoroshev as the...

IntelBroker Hacker Claims Breach of Top Cybersecurity Firm, Selling Access – Waqas

The notorious IntelBroker hacker claims to have breached a leading cybersecurity company (revenue: $1.8 billion). The hacker is selling access to stolen data, including sensitive credentials and critical logs, for $20,000 in cryptocurrency.

Top spy official releases principles on intel agency use of info bought from data brokers – Tim Starks

The U.S. spy chief on Wednesday published its policies for how intelligence agencies collect and use information from data brokers, but a prominent Hill critic says the guidance doesn’t address a key point about what kind of information it can or can’t obtain. The “Policy Framework for Commercially Available Information,” or CAI, released by the Office of the...

LiteSpeed Cache Plugin XSS Vulnerability Affects 1.8M WordPress Sites – Deeba Ahmed

Is your WordPress site using LiteSpeed Cache? A recent surge in malicious JavaScript injections targets vulnerable versions. Learn how to identify the signs of infection and prevent future attacks. Patch, scan, and secure your WordPress site today!

New Spectre-Style ‘Pathfinder’ Attack Targets Intel CPU, Leak Encryption Keys and Data – The Hacker News

Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES) algorithm. The techniques have been collectively dubbed Pathfinder by a group of academics from the University of California San Diego, Purdue University, UNC Chapel...

A SaaS Security Challenge: Getting Permissions All in One Place – The Hacker News

Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user’s base permission is determined by their role, while additional permissions may be granted based on tasks or projects they are involved with. Layered on top of...

Free Workshop from Security Risk Advisors Empowers Organizations to Select Optimal OT Security Tools – cybernewswire

Philadelphia, Pennsylvania, May 8th, 2024, CyberNewsWire: Security Risk Advisors (SRA) announces the launch of their OT/XIoT Detection Selection…

Findings Show MFA Bypass in Microsoft Azure Entra ID Using Seamless SSO – Waqas

Concerned about a potential MFA bypass in Microsoft Azure Entra ID? This article explores the research, explains the vulnerability in context, and offers actionable steps to secure your organization.

How an Iranian-linked influence campaign pivoted after Oct. 7 attack on Israel – AJ Vicens

In recent days, a purportedly pro-Israeli Telegram channel called “Tears of War” has posted dozens of messages. Interspersed with heartfelt posts pushing for the return of hostages taken as part of the Oct. 7 Hamas assault, a narrative thread is quite clear: The Israeli government is to blame for the ongoing suffering of hostages’ family members, and decisions...

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version – The Hacker News

A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis techniques to fly under the radar. “These enhancements aim to increase the malware’s stealthiness, thereby remaining undetected for longer periods of time,” Zscaler ThreatLabz researcher Muhammed Irfan V A said in a technical report. “Hijack...

The Fundamentals of Cloud Security Stress Testing – The Hacker News

“Defenders think in lists, attackers think in graphs,” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who defend IT systems and those who try to compromise them. The traditional approach for defenders is to list security gaps directly related to their assets in the network and eliminate as many as possible, starting with the...

Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites – The Hacker News

A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts on susceptible websites. The findings come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3) has been leveraged to set up bogus admin users with the names wpsupp‑user...

Major UK Security Provider Leaks Trove of Guard and Suspect Data – Deeba Ahmed

Over 1.2 million records were exposed in a major data breach at UK security firm Amberstone. Learn the potential impact, what to do if affected, and how to stay secure.

Feds Unmask LockBit Ransomware Leader as Dmitry Yuryevich Khoroshev – Waqas

In a major blow to ransomware, international law enforcement has unmasked Dmitry Yuryevich Khoroshev, the leader of LockBit ransomware. Learn about the takedown, sanctions imposed, and the future of LockBit in a post-Khoroshev era.

U.S. Charges Russian Man as Boss of LockBit Ransomware Group – BrianKrebs

The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev and charged him with using Lockbit to attack more than 2,000 victims and extort at least $100 million in ransomware payments.

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator – The Hacker News

The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named Dmitry Yuryevich Khoroshev. In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development Office (FCD), the U.S. Department of the Treasury’s Office of Foreign Assets Control (...

ONCD report: ‘Fundamental transformation’ in cyber, tech drove 2023 risks – Tim Starks

Malicious hackers are exploiting emerging technologies that rapidly connect people, posing advanced cyber risks in a world where the digital and physical are increasingly interwoven, according to a report Tuesday from the Office of the National Cyber Director. “We are in the midst of a fundamental transformation in our Nation’s cybersecurity,” National Cyber Director Harry Coker said in...

Hunters Announces Full Adoption of OCSF and Introduces OCSF-Native Search – cybernewswire

San Francisco, United States, May 7th, 2024, CyberNewsWire: Hunters, the pioneer in modern SOC platforms, today announced its…

US, UK authorities unmask Russian national as LockBit administrator – AJ Vicens

The U.S. and British governments on Tuesday identified Dmitry Yuryevich Khoroshev as the leader, developer and administrator of the LockBit ransomware operation, one of the most prolific and profitable cybercriminal syndicates in recent years. Khoroshev, a Russian national, has been LockBit’s main administrator and developer since at least September 2019 continuing through the present, U.S. federal prosecutors said...

China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion – The Hacker News

The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates back to December 31, 2023. The attack, which came to light last month, singled out MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE) through the exploitation of two Ivanti Connect Secure zero-day...

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data – The Hacker News

The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report published last week. “APT42 was...

Hackers Leak COVID-19 Data of 820K Dominicans, Including Vaccination Info – Deeba Ahmed

A massive data leak of 820,000 Dominicans’ personal information (including COVID vaccination status) has been leaked online, putting individuals at risk of identity theft, scams, and social engineering attacks.

China Suspected in Major Cyberattack on UK’s Ministry of Defence (MoD) – Waqas

UK Ministry of Defence (MoD) faces potential Chinese cyberattack. Learn more about the details of the alleged attack, China’s role in cyberspace, potential consequences, and the importance of international cooperation in cybersecurity.