BleepingComputer.com

"Bounty offered for secret NSA seeds behind NIST elliptic curves."

Accessed on 08 October 2023, 1353 UTC.  Content provided by "BleepingComputer.com."  Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.

Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Bounty offered for secret NSA seeds behind NIST elliptic curves algo

  • A bounty of $12,288 has been announced for the first person to crack the NIST elliptic curves seeds and discover the original phrases that were hashed to generate them.

  • DC Board of Elections
     

D.C. Board of Elections confirms voter data stolen in site hack

  • The District of Columbia Board of Elections (DCBOE) is currently probing a data leak involving an unknown number of voter records following breach claims from a threat actor known as RansomedVC.

  • Blackbaud agrees to $49.5 million settlement for ransomware data breach
     

Blackbaud agrees to $49.5 million settlement for ransomware data breach

  • Cloud computing provider Blackbaud reached a $49.5 million agreement with attorneys general from 49 U.S. states to settle a multi-state investigation of a May 2020 ransomware attack and the resulting data breach.

  • Financial Fraud steal theft money
     

FTC warns of ‘staggering’ losses to social media scams since 2021

  • The Federal Trade Commission says Americans have lost at least $2.7 billion to social media scams since 2021, with the real number likely many times larger due to unreported incidents. 

  • DNA
     

Genetics firm 23andMe says user data stolen in credential stuffing attack

  • 23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack.

  • Bellagio Resort and Casino
     

MGM Resorts ransomware attack led to $100 million loss, data theft

  • MGM Resorts reveals that last month's cyberattack cost the company $100 million and allowed the hackers to steal customers' personal information.

  • Cortana
     

Microsoft officially removes Cortana for Windows 11 Insiders

  • Microsoft finally removed the Cortana standalone app from Windows 11 in the latest preview build for Insiders in the Canary Channel.

  • Linux
     

Exploits released for Linux flaw giving root on major distros

  • Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to gain root privileges on major Linux distributions.

  • Motherboard Bios CPU
     

China-linked cyberspies backdoor semiconductor firms with Cobalt Strike

  • Hackers engaging in cyber espionage have targeted Chinese-speaking semiconductor companies with TSMC-themed lures that infect them with Cobalt Strike beacons.

  • Hacker
     

NSA and CISA reveal top 10 cybersecurity misconfigurations

  • The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) revealed today the top ten most common cybersecurity misconfigurations discovered by their red and blue teams in the networks of large organizations.

  • Amazon AWS
     

Amazon to make MFA mandatory for 'root' AWS accounts by mid-2024

  • Amazon will require all privileged AWS (Amazon Web Services) accounts to use multi-factor authentication (MFA) for stronger protection against account hijacks leading to data breaches, starting in mid-2024.

  • Microsoft Teams
     

Microsoft releases new, faster Teams app for Windows and Mac PCs

  • A new Microsoft Teams application, faster and completely redesigned, is generally available for all Windows and macOS users starting today.

  • Lyca Mobile
     

Lyca Mobile investigates customer data leak after cyberattack

  • Lyca Mobile has released a statement about an unexpected disruption on its network caused by a cyberattack that may have also compromised customer data.

  • Python packages
     

Hundreds of malicious Python packages found stealing sensitive data

  • A malicious campaign that researchers observed growing more complex over the past half year, has been planting on open-source platforms hundreds of info-stealing packages that counted about 75,000 downloads.

VIEW MORE

Comments

Popular posts from this blog

The Cyberwire Daily Briefing

BleepingComputer.com

SecurityWeek Briefing