The Hacker News Daily Updates

"Kodi confirms data breach:  400K user records and private messages stolen."

Views expressed in this cybersecurity, cybercrime news summary are those of the reporters and correspondents.  Accessed on 14 April 2023, 1420 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGsmDlfpsXcjmLtMrlBtHkhBJfm ("The Hacker News Daily Updates").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates
Newsletter
cover

Webinar: Tour of the Underground: Master the Art of Dark Web Intelligence Gathering

arn the art of extracting threat intelligence from the dark web -- Join this expert-led webinar!

Download NowSponsored
LATEST NEWSApr 14, 2023

Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen

Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages. What's more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. "MyBB admin logs show the account of a trusted but ...

Read More
TwitterFacebookLinkedIn

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability CVE-2023-29492 (CVSS score: TBD) - Novi Survey Insecure Deserialization ...

Read More
TwitterFacebookLinkedIn

Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice

In today's fast-paced and ever-changing digital landscape, businesses of all sizes face a myriad of cybersecurity threats. Putting in place the right people, technological tools and services, MSSPs are in a great position to ensure their customers' cyber resilience.  The growing need of SMEs and SMBs for structured cybersecurity services can be leveraged by MSPs and MSSPs to provide ...

Read More
TwitterFacebookLinkedIn

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixed, which is the real story," the company said in an announcement. "Those risks span everything ...

Read More
TwitterFacebookLinkedIn

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang's strict ...

Read More
TwitterFacebookLinkedIn

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted ...

Read More
TwitterFacebookLinkedIn

New Python-Based "Legion" Hacking Tool Emerges on Telegram

An emerging Python-based credential harvester and a hacking tool named Legion is being marketed via Telegram as a way for threat actors to break into various online services for further exploitation. Legion, according to Cado Labs, includes modules to enumerate vulnerable SMTP servers, conduct remote code execution (RCE) attacks, exploit unpatched versions of Apache, and brute-force cPanel ...

Read More
TwitterFacebookLinkedIn

Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions

The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in intrusions directed against the Indian education sector to deploy a continuously maintained piece of malware called Crimson RAT. While the suspected Pakistan-based threat group is known to target military and government entities in the country, the activities have since expanded to include ...

Read More
TwitterFacebookLinkedIn
cover

Webinar: Tour of the Underground: Master the Art of Dark Web Intelligence Gathering

arn the art of extracting threat intelligence from the dark web -- Join this expert-led webinar!

Download NowSponsored

Comments

Popular posts from this blog

BleepingComputer.com

The Cyberwire Daily Briefing

SecurityWeek Briefing