Source: thehackernews.com – Author: . The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as...
Day: January 23, 2024
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomSoftware Security / Supply Chain Two malicious packages discovered on the npm package registry have been found to leverage...
“Activator” Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomMalware / Cryptocurrency Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable...
From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks – Source:thehackernews.com
Source: thehackernews.com – Author: . As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal...
Windows 10 KB5034203 preview update adds EU DMA compliance – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Microsoft has released the January 2024 preview update for Windows 10, version 22H2, which adds Digital Markets Act (DMA) compliance...
Jason’s Deli says customer data exposed in credential stuffing attack – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Jason’s Deli is warning of a data breach in notifications sent to customers of its online platform stating that their...
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows...
Australia sanctions REvil hacker behind Medibank data breach – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Australian government has announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack...
New Cybersecurity Governance Code Puts Cyber Risks on Boardroom Agenda – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The UK government has published a new Code of Practice on cybersecurity governance, targeting directors and other senior business leaders. The...
French Watchdog Slams Amazon with €32m Fine for Spying on Workers – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Amazon France Logistique, a subsidiary of the e-commerce giant that manages its large warehouses in France, has been fined €32m ($35m)...
Australia Sanctions Russian Hacker Behind Medibank Breach – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The Australian government has publicly named a Russian cybercriminal as responsible for the Medibank data breach, which affected 9.7 million people....
LoanDepot data breach impacted roughly 16.6 individuals – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini LoanDepot data breach impacted roughly 16.6 individuals Financial services company LoanDepot disclosed a data breach that impacted roughly 16.6 million...
Black Basta gang claims the hack of the UK water utility Southern Water – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Black Basta gang claims the hack of the UK water utility Southern Water The Black Basta ransomware gang claimed to...
CISA adds VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini CISA adds VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds...
Mother of all breaches – a historic data leak reveals 26 billion records: check what’s exposed – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Mother of all breaches – a historic data leak reveals 26 billion records: check what’s exposed Cybersecurity researcher Bob Dyachenko...
Apple fixed actively exploited zero-day CVE-2024-23222 – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Apple fixed actively exploited zero-day CVE-2024-23222 Apple addressed the first zero-day vulnerability that impacts iPhones, Macs, and Apple TVs. The...
“My Slice”, an Italian adaptive phishing campaign – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini “My Slice”, an Italian adaptive phishing campaign Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity...
Top 6 LastPass Alternatives and Competitors for 2024 – Source: www.techrepublic.com
Source: www.techrepublic.com – Author: Franklin Okeke We may earn from vendors via affiliate links or sponsorships. This might affect product placement on our site, but not...
BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomCyber Crime / Dark Web Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised...
~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomVulnerability / Cyber Attack Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian...
Apple Issues Patch for Critical Zero-Day in iPhones, Macs – Update Now – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomVulnerability / Device Security Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser...
Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine Apple pushes out fresh versions of its iOS and macOS platforms to fix WebKit vulnerabilities being exploited as zero-day in...
Security Experts Describe AI Technologies They Want to See – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine SecurityWeek interviews a wide spectrum of security experts on AI-driven cybersecurity use-cases that are worth immediate attention. The post Security...
Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed. The post Hackers...
LoanDepot Breach: 16.6 Million People Impacted – Source: www.securityweek.com
Source: www.securityweek.com – Author: SecurityWeek News Lending giant LoanDepot (NYSE: LDI) said that roughly 16.6 million individuals were impacted as a result of a ransomware attack....
New NTLM Hash Leak Attacks Target Outlook, Windows Programs – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs Varonis finds one vulnerability and three attack methods that can be used to obtain NTLM hashes via Outlook and two...
Owner of Cybercrime Website BreachForums Sentenced to Supervised Release – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Conor Brian Fitzpatrick, the owner of the cybercrime website BreachForums, was sentenced to time served and supervised release. The post...
Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, had been exploited as zero-day for a year and a half....
France Fines Yahoo 10 Mn Euros Over Cookie Abuses – Source: www.securityweek.com
Source: www.securityweek.com – Author: AFP France’s data protection watchdog fines Yahoo 10 million euros for not respecting users’ refusals of internet-tracking “cookies” The post France Fines...
AI Bots on X (Twitter) – Source: www.schneier.com
Source: www.schneier.com – Author: Bruce Schneier HomeBlog Comments Tom • January 22, 2024 8:12 AM Something I’ve been expecting to see for a while now is...