Network Security
Cheap ‘Junk-Gun Ransomware’ Emerging on the Dark Web
While inexpensive and crudely built, the ransomware variants still pose a threat to smaller companies and individuals, Sophos says ...
USENIX Security ’23 – Fourteen Years in the Life: A Root Server’s Perspective on DNS Resolver Security
Authors/Presenters: *Alden Hilton, Casey Deccio, Jacob Davis,* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the conference’s ...
XZ Utils-Like Takeover Attempt Targets the OpenJS Foundation
The OpenJS Foundation, which oversees multiple JavaScript projects, thwarted a takeover attempt of at least one project that has echoes of the dangerous backdoor found in versions of the XZ Utils data ...
SIM Swappers Try Bribing T-Mobile and Verizon Staff $300
Not OK: SMS 2FA — Widespread spam targets carrier employees, as scrotes try harder to evade two-factor authentication ...
Critical RCE Vulnerability in 92,000 D-Link NAS Devices
Cyber attacks have become increasingly prevalent. This has caused significant adverse impacts on businesses of all sizes. According to the latest Ponemon Institute’s State of Cybersecurity Report, 66% of respondents reported experiencing ...
Roku: Credential Stuffing Attacks Affect 591,000 Accounts
Almost 600,000 Roku customers had their accounts hacked through two credential stuffing attacks several weeks apart, illustrating the ongoing risks to people who reuse passwords for multiple online accounts. The streaming service ...
Ex-Security Engineer Gets Three Years in Prison for $12 Million Crypto Hacks
Prosecutors noted the need for deterrence as the amount of money stolen in crypto exchange frauds piles up ...
Sisense Hacked: CISA Warns Customers at Risk
A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.” ...
TheMoon Botnet Facilitates Faceless To Exploit EoL Devices
In a digital landscape fraught with threats, vigilance is paramount. The cybercriminals are exploiting End-of-Life devices to perpetrate their malicious activities. Recently, Black Lotus Labs, the formidable threat intelligence arm of Lumen ...
CISA: Russian Hackers Stole Emails Between U.S. Agencies and Microsoft
The U.S. cybersecurity agency in an emergency directive is ordering affected agencies to address risks stemming from the attack ...