Experts uncovered a botnet of 190,000 Android devices infected by BadBox bot, primarily Yandex smart TVs and Hisense smartphones. Bitsight researchers uncovered new BADBOX infrastructure, company’s telemetry shows that over 192,000 devices were infected with the BADBOX bot. The botnet includes…
Category: EN
DEF CON 32 – Grand Theft Actions Abusing Self Hosted GitHub Runners
Authors/Presenters: Adnan Khan, John Stawinski Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.…
EFF Tells Appeals Court To Keep Copyright’s Fair Use Rules Broad And Flexible
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> It’s critical that copyright be balanced with limitations that support users’ rights, and perhaps no limitation is more important than fair use. Critics, humorists, artists, and activists…
Novel Android NoviSpy Spyware Linked to Qualcomm Zero-Day Flaws
Amnesty International researchers discovered an Android zero-day bug that was exploited to silently disseminate custom surveillance spyware targeting Serbian journalists. The probe has traced the technology to Cellebrite, an Israeli forensics vendor. In a technical report published earlier this…
Hackers Infect Security Researchers with Malware to Steal WordPress Credentials
For the past year, a cyberattack campaign has been targeting security professionals, including red teamers, penetration testers, and researchers, infecting their systems with malware. The malicious software has been used to steal WordPress credentials and sensitive data while also…
Four Ways to Harden Your Code Against Security Vulnerabilities and Weaknesses
The specter of security vulnerabilities is a constant concern in today’s digital landscape. They’re the hidden pitfalls that can undermine even the most meticulously crafted code. But what if you… The post Four Ways to Harden Your Code Against Security…
PCI DSS 4.0: A Comprehensive Guide to Enhanced Payment Data Security
In the ever-evolving landscape of cybersecurity, regulation often plays a lagging, but critical role in driving industry wide improvements in security posture, particularly around the security of Payments Data (Note 1). The Payment Card Industry Data Security Standard (PCI DSS)…
The Rise of Agentic AI: How Hyper-Automation is Reshaping Cybersecurity and the Workforce
As artificial intelligence evolves, its impact on cybersecurity and the workforce is profound and far-reaching. Predictive AI once enabled security teams to anticipate threats, and generative AI brought creativity and automation to new levels. Now, we stand at the threshold…
Navigating the Future of Secure Code Signing and Cryptography
In today’s interconnected world, the integrity of software has never been more critical. With the increasing reliance on open-source components and the complexities introduced by containerized applications, ensuring trust in software has become a cornerstone of modern security practices. I…
Mystery Drone Sightings Lead to FAA Ban Despite No Detected Threats
Plus: Google’s U-turn on creepy “fingerprint” tracking, the LockBit ransomware gang’s teased comeback, and a potential US ban on the most popular routers in America. This article has been indexed from Security Latest Read the original article: Mystery Drone Sightings…
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in…
Salt Typhoon Hack: A Grave Threat to U.S. Telecommunications
< p style=”text-align: justify;”> The Chinese state-sponsored hacking group Salt Typhoon has been implicated in one of the most severe breaches in U.S. telecommunications history. Sensitive information, including call logs, timestamps, phone numbers, and location data, was compromised across…
FBI Warns of Security Risks in RCS Messaging
< p style=”text-align: justify;”>The FBI has issued a warning to Apple and Android device users regarding potential vulnerabilities in Rich Communication Services (RCS). While RCS was designed to replace traditional SMS with enhanced features, a critical security flaw has…
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception in or around 2019 through at least February 2024. Rostislav Panev, 51,…
How Fraudsters Are Adopting Cybersecurity Techniques to Bypass Detection
Each year, companies lose around 5% of their annual revenue to fraud, which is a conservative estimate as most fraud goes undetected. As a result, companies have made it a top priority to tackle fraud. However, just when they find…
Cyber Security Today: Year End Panel Discussion. Saturday, December 21, 2024
Cybersecurity Year in Review: Future Challenges and Industry Insights Join host Jim Love and a panel of cybersecurity experts—Terry Cutler from Cyology Labs, David Shipley from Beauceron Security, and Laura Payne of White Tuque—as they review the key cybersecurity events…
Combatting phantom secrets: have you heard of historical secrets scanning?
Most people are familiar with the concept of Schrödinger’s Cat – a thought experiment, whereby a hypothetical cat is sealed in a box with a radioactive substance and a device that releases a poison if the radioactive substance decays. The…
Maryland Association of Community Colleges and BCR Cyber Receive TEDCO Grant
Equitech Growth Fund Award for Developing Infrastructure to Enable Workforce Development Efforts Baltimore, MD (12/19/24) – The Maryland Association of Community Colleges (MACC), the advocate and unified voice for Maryland’s 16 community colleges, and BCR Cyber, a leading provider of…
New Report Shows That The U.S. Leads in Anonymous Open-Source Contributions
A recent report by Lineaje AI Labs has revealed that the United States is the top contributor to open-source projects, but it also leads in anonymous contributions, raising significant concerns about transparency and security in the global software supply chain. …
Navigating AI Risks: Best Practices for Compliance and Security
As we head into the new year, organizations face escalating governance, security, and regulatory compliance challenges, especially as AI adoption accelerates. To help businesses navigate these complexities and prepare for 2025, Henry Umney, Managing Director of GRC Strategy at Mitratech—a…