Source: www.securityweek.com – Author: Ionut Arghire Vulnerabilities in Netgear’s NMS300 ProSAFE network management system allow attackers to retrieve cleartext credentials and escalate privileges, cybersecurity firm Flashpoint...
Month: May 2023
Passkeys Support Added to Google Accounts for Passwordless Sign-Ins – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs Google announced on Wednesday that users can now sign into their Google account using passkeys. The move is part of...
Chrome 113 Released With 15 Security Patches – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google this week announced the release of Chrome 113 to the stable channel with 15 security fixes, including patches for...
Hackers Promise AI, Install Malware Instead – Source: www.securityweek.com
Source: www.securityweek.com – Author: AFP Meta on Wednesday warned that hackers are using the promise of generative artificial intelligence like ChatGPT to trick people into installing...
Open Banking: A Perfect Storm for Security and Privacy? – Source: www.securityweek.com
Source: www.securityweek.com – Author: Kevin Townsend Open banking was born in the EU, flourished in the UK, and is now spreading around the globe – including...
Chinese APT Uses New ‘Stack Rumbling’ Technique to Disable Security Software – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A subgroup of the Chinese state-sponsored threat actor known as APT41 has been observed using a new denial-of-service (DoS) technique...
Exploitation of BGP Implementation Vulnerabilities Can Lead to Disruptions – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs A widely used BGP implementation is affected by three vulnerabilities that can be exploited to cause disruption through denial-of-service (DoS)...
Tracked by hidden tags? Apple and Google unite to propose safety and security standards… – Source: nakedsecurity.sophos.com
Source: nakedsecurity.sophos.com – Author: Paul Ducklin Apple’s AirTag system has famously been subjected to firmware hacking, used as a free low-bandwidth community radio network, and involved...
How To Survive a Ransomware Attack and Fix Ransomware Breach Face – Source: www.cyberdefensemagazine.com
Source: www.cyberdefensemagazine.com – Author: News team By Derek Nugent, Vice President of Revenue at Difenda Ransomware attacks have become a growing concern for businesses and individuals...
City of Dallas hit by Royal ransomware attack impacting IT services – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Lawrence Abrams The City of Dallas, Texas, has suffered a Royal ransomware attack, causing it to shut down some of its IT...
Hackers start using double DLL sideloading to evade detection – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas An APT hacking group known as “Dragon Breath,” “Golden Eye Dog,” or “APT-Q-27” is demonstrating a new trend of using...
Russian hackers use WinRAR to wipe Ukraine state agency’s data – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Russian ‘Sandworm’ hacking group has been linked to an attack on Ukrainian state networks where WinRar was used to...
Drone goggles maker claims firmware sabotaged to ‘brick’ devices – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Orqa, a maker of First Person View (FPV) drone racing goggles, claims that a contractor introduced code into its devices’...
Facebook disrupts new NodeStealer information-stealing malware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Facebook discovered a new information-stealing malware distributed on Meta called ‘NodeStealer,’ allowing threat actors to steal browser cookies to hijack...
Windows admins can now sign up for ‘known issue’ email alerts – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Microsoft announced today that Windows admins can now choose to be emailed when new known issues are added to the Windows release...
Police dismantles Try2Check credit card verifier used by dark web markets – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan The U.S. Department of Justice announced today the indictment of Russian citizen Denis Gennadievich Kulkov, suspected of running a stolen...
Researcher hijacks popular Packagist PHP packages to get a job – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Ax Sharma A researcher hijacked over a dozen Packagist packages—with some having been installed hundreds of millions of times over the course...
Brightline data breach impacts 783K pediatric mental health patients – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware...
Google adds passkeys support for passwordless sign-in on all accounts – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Google is rolling out support for passkeys for Google Accounts across all services and platforms, allowing users to sign into...
Divorce – Source: www.troyhunt.com
Source: www.troyhunt.com – Author: Troy Hunt I wish I’d read this blog post years ago. I don’t have any expertise whatsoever to be guiding others through...
ChatGPT hacking, it’s only just begun… – Source: www.cybertalk.org
Source: www.cybertalk.org – Author: slandau EXECUTIVE SUMMARY: Since its November debut on the world stage, the popular AI-powered chatbot, ChatGPT, has continuously attracted cyber criminal attention....
Hacktivism and the new age of cyber warfare – Source: www.cybertalk.org
Source: www.cybertalk.org – Author: slandau By Sergey Shykevich, Threat Intelligence Group Manager, Check Point. Hacktivism has traditionally been associated with loosely managed underground cyber criminal entities....
CISA Advises FCC Covered List For Risk Management – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The US Cybersecurity and Infrastructure Security Agency (CISA) has urged organizations to incorporate the Covered List created by the Federal Communications...
Apple and Google Unveil Industry Specification For Unwanted Tracking – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Google and Apple have announced jointly submitting a proposed industry specification to aid the fight against unwanted tracking via Bluetooth location-tracking...
Earth Longzhi Uses “Stack Rumbling” to Disable Security Software – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Cybersecurity researchers at Trend Micro have discovered a new campaign by Earth Longzhi targeting organizations based in Taiwan, Thailand, the Philippines...
Three-Quarters of Firms Predict Breach in Coming Year – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Most global organizations anticipate suffering a data breach or cyber-attack in the next 12 months, despite cyber-risk levels falling overall, according...
Government’s New Fraud Strategy Gets Lukewarm Reception – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The UK government has announced a new fraud strategy which will focus heavily on mitigating the impact of telephone and online...
Dark Web Bust Leads to Arrest of 288 Suspects – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 International police have arrested nearly 300 individuals on suspicion of buying or selling drugs on underground marketplace Monopoly Market. Operation SpecTor...
Authorities dismantled the card-checking platform Try2Check – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Authorities dismantled the Try2Check platform, a Card-Checking platform that generated tens of millions of dollars in revenue. The U.S. DoJ...
Passwordless sign-in with passkeys is now available for Google accounts – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Google announced the introduction of the passwordless secure sign-in with Passkeys for Google Accounts on all platforms. Google is rolling...