BleepingComputer.com

"Fake celebrity photo leak videos flood TikTok with Temu referral codes."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 24 September 2023, 1439 UTC.  Content provided by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Fake celebrity photo leak videos flood TikTok with Temu referral codes

  • TikTok is flooded with videos promoting fake nude celebrity photo leaks used to push referral rewards for the Temu online megastore.

  • Hacker cybersecurity
     

New stealthy and modular Deadglyph malware used in govt attacks

  • A novel and sophisticated backdoor malware named 'Deadglyph' was seen used in a cyberespionage attack against a government agency in the Middle East.

  • Hacker VR Spyware Surveillance
     

Evasive Gelsemium hackers spotted in attack against Asian govt

  • A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023.

  • Hacker books
     

National Student Clearinghouse data breach impacts 890 schools

  • U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United States.

  • air canada
     

Air Canada discloses data breach of employee and 'certain records'

  • Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident this week in which hackers "briefly" obtained limited access to its internal systems. The incident resulted in the theft of a limited amount of personal information of some of its employees and "certain records."

  • Dallas
     

Dallas says Royal ransomware breached its network using stolen account

  • The City of Dallas, Texas, said this week that the Royal ransomware attack that forced it to shut down all IT systems in May started with a stolen account.

  • Phishing
     

Nigerian man pleads guilty to attempted $6 million BEC email heist

  • Kosi Goodness Simon-Ebo, a 29-year-old Nigerian national extradited from Canada to the United States last April, pleaded guilty to wire fraud and money laundering through business email compromise (BEC).

  • Apple
     

Recently patched Apple, Chrome zero-days exploited in spyware attacks

  • Security researchers with the Citizen Lab and Google's Threat Analysis Group (TAG) revealed today that three zero-days patched by Apple on Thursday were abused as part of an exploit chain to install Cytrox's Predator spyware.

  • China Hacker
     

Government of Bermuda links cyberattack to Russian hackers

  • The Government of British overseas territory Bermuda has linked a cyberattack affecting all its departments' IT systems since Thursday to hackers based out of Russia.

  • Nansen
     

Crypto firm Nansen asks users to reset passwords after vendor breach

  • Ethereum blockchain analytics firm Nansen asks a subset of its users to reset passwords following a recent data breach at its authentication provider.

  • T-Mobile
     

T-Mobile denies new data breach rumors, points to authorized retailer

  • T-Mobile has denied suffering another data breach following Thursday night reports that a threat actor leaked a large database allegedly containing T-Mobile employees' data.

  • Credit Cards
     

Hotel hackers redirect guests to fake Booking.com to steal cards

  • Security researchers discovered a multi-step information stealing campaign where hackers breach the systems of hotels, booking sites, and travel agencies and then use their access to go after financial data belonging to customers.

  • Sandman hacker
     

‘Sandman’ hackers backdoor telcos with new LuaDream malware

  • A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.'

  • GitHub
     

GitHub passkeys generally available for passwordless sign-ins

  • GitHub has made passkeys generally available across the platform today to secure accounts against phishing and allow passwordless logins for all users.

  • Apple
     

Apple emergency updates fix 3 new zero-days exploited in attacks

  • Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year.

  • Windows 11
     

Microsoft Copilot rolls out with Windows 11 22H2 update next week

  • Microsoft will start rolling out its Copilot digital assistant to all customers next week, on September 26th, together with a host of new AI-powered capabilities as part of a new Windows 11 22H2 update.

VIEW MORE

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.