China-linked APT40 used ScanBox Framework in a long-running espionage campaignExperts uncovered a cyber espionage campaign conducted by a China-linked APT group and aimed at several entities...
Month: August 2022
2.5M People Had Their Student Loan Accounts Data Stolen
2.5M People Had Their Student Loan Accounts Data StolenAbout 2,501,324 individuals have been affected by a breach in the network of Nelnet Servicing, a technology services...
Agenda, a New Golang Ransomware, Is on the Loose
Agenda, a New Golang Ransomware, Is on the LooseA new type of ransomware has been identified. Agenda is written in Go language (or Golang), a language...
Cyber Insurance: a fast-changing landscape
Cyber Insurance: a fast-changing landscapeFocus on the evolving cyber insurance market in Europe for businesses, and the key factors that companies looking […] The post Cyber...
HYPERSCRAPE Detection: Iranian Cyberespionage Group APT35 Uses a Custom Tool to Steal User Data
HYPERSCRAPE Detection: Iranian Cyberespionage Group APT35 Uses a Custom Tool to Steal User Data The malicious campaigns of the Iran-backed APT34 hacking collective also tracked as...
MagicWeb Detection: NOBELIUM APT Uses Sophisticated Authentication Bypass
MagicWeb Detection: NOBELIUM APT Uses Sophisticated Authentication Bypass A notorious APT group tracked as NOBELIUM (aka APT29, Cozy Bear, and The Dukes) adds new threats to...
High-School Graduation Prank Hack
High-School Graduation Prank HackThis is a fun story, detailing the hack a group of high school students perpetrated against an Illinois school district, hacking 500 screens...
How 1-Time Passcodes Became a Corporate Liability
How 1-Time Passcodes Became a Corporate LiabilityPhishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some...
0 - CT 0 - CT - CISO Strategics - Privacy Cyber Security News McAfee Antivirus | Securing Tomorrow RSS Feed
Privacy, please! Why a VPN on your smartphone may be a smart move for you.
Privacy, please! Why a VPN on your smartphone may be a smart move for you. Using a VPN on your smartphone can boost your privacy in...
Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users
Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users Authored by Oliver Devane and Vallabh Chole A few months ago, we blogged about malicious extensions redirecting...
Our Quest: Advancing Product Labels to Help Consumers Consider Cybersecurity
Our Quest: Advancing Product Labels to Help Consumers Consider CybersecurityFor many decades, consumers have relied on labels to help them make decisions about which products to...
US govt sues Kochava for selling sensitive geolocation data
US govt sues Kochava for selling sensitive geolocation dataThe U.S. Federal Trade Commission (FTC) announced today that it filed a lawsuit against Idaho-based location data broker...
Pirate sites ban in Austria took down Cloudflare CDNs by mistake
Pirate sites ban in Austria took down Cloudflare CDNs by mistakeExcessive and indiscriminate blocking is underway in Austria, with internet service providers (ISPs) complying to a...
Windows malware delays coinminer install by a month to evade detection
Windows malware delays coinminer install by a month to evade detectionA new malware campaign disguised as Google Translate or MP3 downloader programs was found distributing cryptocurrency...
Leading library services firm Baker & Taylor hit by ransomware
Leading library services firm Baker & Taylor hit by ransomwareBaker & Taylor, which describes itself as the world's largest distributor of books to libraries worldwide, today...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad BLEEPINGCOMPUTER Cyber Security News
Nelnet Servicing breach exposes data of 2.5M student loan accounts
Nelnet Servicing breach exposes data of 2.5M student loan accountsNelnet Serving, a Nebraska-based student loan technology services provider, has been breached by unauthorized network intruders who...
FBI: Hackers increasingly exploit DeFi bugs to steal cryptocurrency
FBI: Hackers increasingly exploit DeFi bugs to steal cryptocurrencyThe U.S. Federal Bureau of Investigation (FBI) is warning investors that cyber criminals increasingly exploiting security vulnerabilities in Decentralized Finance...
Google launches open-source software bug bounty program
Google launches open-source software bug bounty programGoogle will now pay security researchers to find and report bugs in the latest versions of Google-released open-source software (Google...
Chrome extensions with 1.4 million installs steal browsing data
Chrome extensions with 1.4 million installs steal browsing dataThreat analysts at McAfee found five Google Chrome extensions that steal track users' browsing activity. Collectively, the extensions have...
Microsoft Azure outage knocks Ubuntu VMs offline after buggy update
Microsoft Azure outage knocks Ubuntu VMs offline after buggy updateMicrosoft Azure customers' virtual machines (VMs) running Ubuntu 18.04 have been taken offline by an ongoing outage caused...
Chinese hackers target Australian govt with ScanBox malware
Chinese hackers target Australian govt with ScanBox malwareChina-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Proofpoint Threat Insights
Summertime Blues: TA558 Ramps Up Attacks on Hospitality, Travel Sectors
Summertime Blues: TA558 Ramps Up Attacks on Hospitality, Travel SectorsContenido de la entradaLeer másProofpoint News Feed
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad BLEEPINGCOMPUTER Cyber Security News
Russian streaming platform confirms data breach affecting 7.5M users
Russian streaming platform confirms data breach affecting 7.5M usersRussian media streaming platform 'START' (start.ru) has confirmed rumors of a data breach impacting millions of users. [...]Leer...
Security investment, toolchain consolidation emerge as top priorities
Security investment, toolchain consolidation emerge as top prioritiesA new survey from GitLab also finds that nearly three-quarters of respondents have adopted or are planning to adopt...
Hackers hide malware in James Webb telescope images
Hackers hide malware in James Webb telescope imagesThreat analysts have spotted a new malware campaign dubbed 'GO#WEBBFUSCATOR' that relies on phishing emails, malicious documents, and space...
0 - CT 0 - CT - CISO Strategics - Cybersecurity Frameworks 0 - CT - SOC - CSIRT Operations - Threat Hunting Cyber Security News Security on TechRepublic
Sliver offensive security framework increasingly used by threat actors
Sliver offensive security framework increasingly used by threat actorsThe offensive security tool used by penetration testers is also being used by threat actors from the ransomware...
6 different types of CISOs and the environments they thrive in
6 different types of CISOs and the environments they thrive inEXECUTIVE SUMMARY: The CISO’s role is to protect the business from cyber threats, but often times...
Ukraine takes down cybercrime group hitting crypto fraud victims
Ukraine takes down cybercrime group hitting crypto fraud victimsThe National Police of Ukraine (NPU) took down a network of call centers used by a cybercrime group...
Don’t Let ‘Perfect’ Be the Enemy of a Good AppSec Program
Don't Let 'Perfect' Be the Enemy of a Good AppSec ProgramThese five suggestions provide a great place to start building a scalable and affordable program for...
New ODGen Tool Unearths 180 Zero-Days in Node.js Libraries
New ODGen Tool Unearths 180 Zero-Days in Node.js LibrariesNew graph-based tool offers a better alternative to current approaches for finding vulnerabilities in JavaScript code, they note.Leer...