Security News Bundle

"BreachForums boss busted for bond blunders-including use of a VPN."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents. Accessed on 05 January 2024, 1455 UTC.

Content and Source: https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895 ("Security News Bundle").

Please click link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

TODAY

BreachForums boss busted for bond blunders – including using a VPN
The Register – Security / 10min
Fitzpatrick faces potentially decades in prison later this month, so may as well get some foreign Netflix in beforehand The cybercriminal behind BreachForums was this week arrested for violating the terms of his pretrial release and will now be held in custody until his sentencing hearing.…
Ukraine: Russia Hacked Webcams To Aid Missile, Drone Strikes On Kyiv
Russian hackers spy on Kyiv
•
Packet Storm Security / 18min
[no content]
SpectralBlur macOS Backdoor Linked To North Korea
New macOS backdoor linked to North Korea
•
Packet Storm Security / 18min
[no content]
Ivanti Patches Critical Vulnerability In Endpoint Manager
Packet Storm Security / 18min
[no content]
23andMe Told Victims Of Data Breach That Suing Is Futile, Letters Shows
23andMe blames users for breach
•
34Packet Storm Security / 18min
[no content]
Update your white hat hacking skills with $70 off this training bundle
37BleepingComputer / 1h
Aggressively pursuing flaws and problems is the most effective way to ensure networks and data are secure. This 10-course ethical hacking bundle shows you how for $39.99, $70 off the $110 MSRP. [...]
Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months
Security Affairs / 2h
Ukrainian authorities revealed that Russia-linked APT Sandworm had been inside telecom giant Kyivstar at least since May 2023. Russia-linked APT group Sandworm was inside Ukrainian telecoms giant Kyivstar from at least May 2023, the head of Ukraine’s Security Service of Ukraine’s (SBU) told Reuters. “This attack is a big message, a big warning, not only to Ukraine, but for the whole Western world
Crypto wallet founder loses $125,000 to fake airdrop website
IoC > 1 domain
•
BleepingComputer / 2h
•
Crypto wallet founder loses $125,000
A crypto wallet service co-founder shares with the world his agony after losing $125,000 to a crypto scam. The startup CEO, who at the time believed he was on a legitimate cryptocurrency airdrop website, realized after his loss that the domain he'd went on was setup for the purposes of phishing unsuspecting users. [...]
US Says 19 People Charged Following 2019 Takedown of xDedic Cybercrime Marketplace
SecurityWeek / 2h
Justice Department says 19 people involved in the xDedic cybercrime marketplace have been charged to date following its 2019 takedown. The post appeared first on SecurityWeek .
Ivanti Patches Critical Vulnerability in Endpoint Manager
Exploitation for Client Execution (Enterprise T1203)
•
SecurityWeek / 2h
CVE-2023-39336, a critical vulnerability in Ivanti EPM, may lead to device takeover and code execution on the server. The post appeared first on SecurityWeek .
Nigerian Arrested, Charged in $7.5 Million BEC Scheme Targeting US Charities
Nigerian arrested for $7.5M charity scam
•
SecurityWeek / 3h
A Nigerian national arrested in Ghana faces charges in the US for a BEC scheme involving two charitable organizations. The post appeared first on SecurityWeek .
Energy Department Offering $70 Million for Security, Resilience Research
DOE grants $70 million for energy resilience
•
SecurityWeek / 3h
US Department of Energy offering up to $70 million in funding for research into technologies that boost the resilience and security of energy sector. The post appeared first on SecurityWeek .
Russia Hacked Residential Cameras in Ukraine to Spy on Air Defense, Critical Infrastructure
Russian hacking targets Kyiv surveillance
•
SecurityWeek / 3h
Ukraine said Russia hacked two surveillance cameras and used them to spy on air defense systems and critical infrastructure in Kyiv. The post appeared first on SecurityWeek .
23andMe shifts blame to users for data breach
23andMe blames users for breach
•
IT Security Guru / 4h
The DNA testing company 23andMe has had a rough few months – first reported in October that data had been breached – and now, the response to those breaches due to customers taking legal action against the company. In an almost bizarre twist, 23andMe has stated in a lette r that plaintiffs who had moved to take legal action against the company under the California Privacy Rights Act (CRPA) were i
MyEstatePoint Property Search Android app leaks user passwords
Security Affairs / 4h
The MyEstatePoint Property Search app leaked data on nearly half a million of its users, exposing their names and plain-text passwords, the Cybernews research team has found. The all-in-one real estate app MyEstatePoint Property Search left a publicly accessible MongoDB server containing the sensitive details of its app users. The app, developed by NJ Technologies, an India-based software develop
Vigilant Ops Raises $2 Million for SBOM Management Platform
Vigilant Ops secures $2M
•
SecurityWeek / 4h
Vigilant Ops receives $2 million seed investment from DataTribe to help organizations manage SBOMs. The post appeared first on SecurityWeek .
Exposed Secrets are Everywhere. Here's How to Tackle Them
31The Hacker News / 4h
Picture this: you stumble upon a concealed secret within your company's source code. Instantly, a wave of panic hits as you grasp the possible consequences. This one hidden secret has the power to pave the way for unauthorized entry, data breaches, and a damaged reputation. Understanding the secret is just the beginning; swift and resolute action becomes imperative. However, lacking the
Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware
3 TTPs
•
The Hacker News / 4h
•
Orange Spain RIPE account hacked
Mobile network operator Orange Spain suffered an internet outage for several hours on January 3 after a threat actor used administrator credentials captured by means of stealer malware to hijack the border gateway protocol (BGP) traffic. "The Orange accoun

SecurityWeek Briefing

"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 10 September 2024, 0035 UTC. Content and Source: https://www.securityweek.com Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controvers...

Hawaii Cybersecurity Journal

Search This Blog