< p style=”text-align: justify;”>SL Data Services, a U.S.-based data broker, experienced a massive data breach, exposing 644,869 personal PDF files on the web. The leaked records included sensitive information such as personal details, vehicle records, property ownership documents, background checks,…
Category: EN
Here’s How Hackers Are Using QR Codes to Break Browser Security
Browser isolation is a widely used cybersecurity tool designed to protect users from online threats. However, a recent report by Mandiant reveals that attackers have discovered a novel method to bypass this measure by utilizing QR codes for command-and-control…
How Chinese insiders are stealing data scooped up by President Xi’s national surveillance system
‘It’s a double-edged sword,’ security researchers tell The Reg Feature Chinese tech company employees and government workers are siphoning off user data and selling it online – and even high-ranking Chinese Communist Party officials and FBI-wanted hackers’ sensitive information is…
DEF CON 32 – Clash, Burn And Exploit Manipulate Filters To Pwn kernelCTF
Authors/Presenters: HexRabbit Chen Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The…
(Re)Building the Ultimate Homelab NUC Cluster – Part 2
Welcome to part 2 of my NUC cluster; in the first part, I explained how to deploy a cluster using proxmox and walked through the hardware setup and the rest of the connectors. In this part, we'll dive into building…
CFPB US Agency Proposes Rule to Block Data Brokers from Selling Sensitive Personal Information
The Consumer Financial Protection Bureau (CFPB) has proposed a groundbreaking rule to restrict data brokers from selling Americans’ personal and financial information, marking a significant step toward strengthening privacy protections in the digital age. The rule, introduced under the Fair…
The Privacy Risks of ChatGPT and AI Chatbots
AI chatbots like ChatGPT have captured widespread attention for their remarkable conversational abilities, allowing users to engage on diverse topics with ease. However, while these tools offer convenience and creativity, they also pose significant privacy risks. The very technology…
Exploit PoC Validates MiCollab Zero-Day Flaw Risks
< p style=”text-align: justify;”>A zero-day arbitrary file read vulnerability found in Mitel MiCollab has raised significant concerns about data security. Attackers can exploit this flaw and chain it with a critical bug (CVE-2024-35286) to access sensitive data stored on…
Ransomware Attackers Launch New Cyberattacks Against NHS Hospitals
< p style=”text-align: justify;”>Ransomware hackers have disrupted emergency services, compromised several hospitals, and exposed private patient data in an ongoing cyberattack targeting National Health Service (NHS) trusts across the United Kingdom. The attacks, which have raised serious concerns about…
Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. RedLine info-stealer campaign…
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 23
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. SmokeLoader Attack Targets Companies in Taiwan LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux Horns&Hooves campaign delivers…
RedLine info-stealer campaign targets Russian businesses through pirated corporate software
An ongoing RedLine information-stealing campaign is targeting Russian businesses using pirated corporate software. Since January 2024, Russian businesses using unlicensed software have been targeted by an ongoing RedLine info-stealer campaign. Pirated software is distributed via Russian online forums, attackers disguise…
Week in review: Veeam Service Provider Console flaws fixed, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448)…
Andromeda Malware Resurfaces: Targeting APAC Manufacturing and Logistics Industries
In a fresh revelation by the Cybereason Security Services Team, a new wave of attacks linked to the notorious Andromeda malware has been uncovered, focusing on manufacturing and logistics sectors in the Asia-Pacific (APAC) region. This decades-old malware, first detected…
Mastering PAM to Guard Against Insider Threats
Why is Privileged Access Management (PAM) a Game-Changer in Cybersecurity? Have you ever wondered how to shore up your organization’s cybersecurity, minimize insider threats, and increase efficiency? The answer lies in mastering the art of Privileged Access Management or PAM.…
Enhancing Data Security with Advanced Secrets Rotation
How can Secrets Rotation Enhance Data Security? Most of us are well aware of the essential role that cybersecurity plays in safeguarding our sensitive information. But have you ever pondered about the importance of Non-Human Identity (NHI) management and secrets…
Best Practices for Machine Identity Management
Why is Machine Identity Management Crucial? In the ever-evolving field of cybersecurity, one critical element often overlooked is machine identity management. Even though humans interact with machines daily, the importance of securing machine identities — often referred to as Non-Human…
8Base ransomware group hacked Croatia’s Port of Rijeka
The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of…
Romania’s Election System Hit by Over 85,000 Cyberattacks, Russian Links Suspected
Romania’s intelligence service in its declassified report disclosed the country’s election systems were hit by over 85,000 cyberattacks. Attackers have also stolen login credentials for election-related sites and posted the information on a Russian hacker forum just before the first…
84 Arrested as Russian Ransomware Laundering Networks Disrupted
Operation Destabilise was a major international operation led by the UK’s National Crime Agency (NCA) to dismantle two Russian-speaking criminal networks: Smart and TGR. These networks were backbone in laundering billions of dollars for various criminal activities. This article has…