July 19, 2021
Via: Help Net SecurityBy now, most of us are aware that smartphones are powerful computers and should be treated as such. It’s not a coincidence that most of the security tips given to smartphone users – such as refraining from opening suspicious links […]
July 8, 2021
Via: Security AffairsA threat actor that goes online with the name “integra” has deposited 26.99 Bitcoins on one of the cybercrime forums with the intent to purchase zero-day Exploits from other forum members, researchers from threat intelligence firm Cyble. According to the […]
July 6, 2021
Via: Security AffairsSoftware provider Kaseya announced that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the recent supply-chain ransomware attack. Up to 1,500 downstream organizations, which were customers of MSPs using Kaseya VSA management platform, […]
Data loss, Hacker, Threats & Malware
June 11, 2021
Via: Security AffairsThe US Department of Justice announced to have seized the infrastructure of SlilPP, a popular marketplace used by cybercriminals to buy and sell stolen login credentials. The seizure is the result of a multinational operation involving law enforcement agencies in […]
June 11, 2021
Via: Security AffairsResearchers from NordLocker have discovered an unsecured database containing 1.2-terabyte of stolen data. Threat actors used custom malware to steal data from 3.2 million Windows systems between 2018 and 2020. The database includes 6.6 million files and 26 million credentials, […]
Threats & Malware, Vulnerabilities
May 19, 2021
Via: Security AffairsSecurity researchers with Tencent Security Keen Lab identified five vulnerabilities, tracked as CVE-2021-23906, CVE-2021-23907, CVE-2021-23908, CVE-2021-23909, and CVE-2021-23910, in the latest infotainment system in Mercedes-Benz cars. The experts focused their analysis on the Mercedes-Benz User Experience (MBUX) infotainment system, which […]
April 13, 2021
Via: Security WeekWyatt Travnichek, 22, was charged last month with remotely accessing the Post Rock Rural Water District’s systems in March 2019, about two months after he quit his job with the utility. He’s accused of shutting down the facility’s cleaning and […]
April 13, 2021
Via: Computer WeeklyMember of parliament and Foreign Affairs Committee chair Tom Tugendhat has made the claim that the UK’s intelligence services unofficially told him to stop using his official parliamentary email in favour of Google’s Gmail service over concerns that the government’s […]
Threats & Malware, Vulnerabilities
April 9, 2021
Via: TechRadarSecurity researchers squaring off at the Pwn2Own hacking competition have discovered various vulnerabilities in Microsoft’s Windows 10 operating system. During the first two days of the event, which is run by the Zero Day Initiative, three Windows 10 exploits were […]
April 5, 2021
Via: CSO OnlineDetails of the 2020 SolarWinds attack continue to unfold, and it may be years before the final damages can be tallied. While it is “hard to say” if the SolarWinds software supply-chain compromise will become known as the highest-impact cyber […]
April 1, 2021
Via: The Hacker NewsA 22-year-old man from the U.S. state of Kansas has been indicted on charges that he unauthorizedly accessed a public water facility’s computer system, jeopardizing the residents’ safety and health in the local community. Wyatt A. Travnichek, 22, of Ellsworth […]
March 25, 2021
Via: Security AffairsWhile vaccination campaigns go ahead with different speeds in many countries multiple threat actors on the Dark Web started offering fake COVID-19 test results and vaccination certificates. Multiple research teams, including mine, are monitoring these specific criminal activities in the […]
March 5, 2021
Via: Security WeekAt least four such forums have been breached to date, namely Verified in January, Crdclub in February, and Exploit and Maza in March. All are predominantly Russian-language forums and saw their breaches publicly disclosed elsewhere. Intelligence firm Intel 471, which […]
February 23, 2021
Via: Help Net SecurityThere’s an increased adoption of managed infrastructure services and the emergence of new cloud watering hole attacks, Accurics reveals. Of all violations identified, 23 percent correspond to poorly configured managed service offerings – largely the result of default security profiles […]
February 22, 2021
Via: The Hacker NewsOn August 13, 2016, a hacking unit calling itself “The Shadow Brokers” announced that it had stolen malware tools and exploits used by the Equation Group, a sophisticated threat actor believed to be affiliated to the Tailored Access Operations (TAO) […]
February 18, 2021
Via: Panda SecurityThe largest-ever compilation of stolen passwords and emails was recently posted online on a hacking forum that anyone could access. The lists contain a staggering 3.27 billion entries! The enormous database appears to be a compilation of leaked login credentials […]
February 16, 2021
Via: Computer WeeklyAn apparent cyber attack on pharmaceutical company Pfizer was probably an attempt to steal Covid-19 vaccine information by North Korean state-backed actors, according to South Korea’s intelligence service, which briefed lawmakers during a closed-door session, says news agency Yonhap. National […]
February 15, 2021
Via: Panda SecurityFor years we have written about malware, viruses and phishing on the Panda Security blog – but there are other ways to break into a computer. Here are three of the weirdest techniques we’ve heard of – and they really […]
Threats & Malware, Vulnerabilities
February 12, 2021
Via: Security WeekThe report by the Center for Internet Security, a nonprofit that partners with the federal government on election security initiatives, focuses on how hardware and software components can provide potential entryways for hackers. “We have to continue to get better,” […]
Threats & Malware, Vulnerabilities
January 27, 2021
Via: Security AffairsIn order to better understand the evolutionary trend of worldwide shipping and port facilities from 2007 to present, it is necessary to talk again about cyber risk in the maritime and port setting. It is not the purpose of this […]