The Hacker News Daily Updates

Hidden Facebook tool lets users remove their email or phone number shared by others.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 07 November 2022, 2032 UTC.  Content supplied by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/?ogbl#inbox/FMfcgzGqRQHbXLbQhzSCdRdfcfPnvkTr

Please click link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates

2022 Zscaler ThreatLabz State of Phishing Report Phishing has long been one of the most pervasive cyberthreats, and it grows every year. Download Now Sponsored

LATEST NEWS Nov 7, 2022

This Hidden Facebook Tool Lets Users Remove Their Email or Phone Number Shared by Others Facebook appears to have silently rolled out a tool that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others. The existence of the tool, which is buried inside a Help Center page about "Friending," was first reported by Business ... Read More

Experts Find URLScan Security Scanner Inadvertently Leaks Sensitive URLs and Data Security researchers are warning of "a trove of sensitive information" leaking through urlscan.io, a website scanner for suspicious and malicious URLs. "Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable," Positive ... Read More

Robin Banks Phishing Service for Cybercriminals Returns with Russian Server A phishing-as-a-service (PhaaS) platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of bulletproof hosting services. The switch comes after "Cloudflare disassociated Robin Banks phishing infrastructure from its services, causing a multi-day ... Read More

Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers' machines with a malware called W4SP Stealer. "The main attack seems to have started around October ... Read More

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has "observed a reduction in the time between the ... Read More

Researchers Detail New Malware Campaign Targeting Indian Government Employees The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. "This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions ... Read More

Your OT Is No Longer Isolated: Act Fast to Protect It Not too long ago, there was a clear separation between the operational technology (OT) that drives the physical functions of a company – on the factory floor, for example – and the information technology (IT) that manages a company's data to enable management and planning.  As IT assets became ... Read More

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation. Prominent among them is a set of three flaws affecting ETIC ... Read More

Zero Trust Access for Dummies. Never trust. Always verify. Understanding the Need for Zero Trust Download Now Sponsored