Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that’s widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams. “Merchants on the platform offer technology, data, and money laundering services, and have…
Category: EN
Threat Actors Claiming Breach of KFC Database
A group of threat actors has claimed responsibility for breaching the database of fast-food giant KFC. The announcement was made via a post on the social media platform X by the user @MonThreat, who is known for disseminating information about…
The $11 Billion Marketplace Enabling the Crypto Scam Economy
Deepfake scam services. Victim data. Electrified shackles for human trafficking. Crypto tracing firm Elliptic found all were available for sale on an online marketplace linked to Cambodia’s ruling family. This article has been indexed from Security Latest Read the original…
U.S. CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:…
The Heritage Foundation – 72,004 breached accounts
In July 2024, hacktivists published almost 2GB of data taken from The Heritage Foundation and their media arm, The Daily Signal. The data contained 72k unique email addresses, primarily used for commenting on articles (along with names, IP addresses and…
34 Years Supporting the Wild and Weird World Online
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> Oh the stories I could tell you about EFF’s adventures anchoring the digital rights movement. Clandestine whistleblowers. Secret rooms. Encryption cracking. Airships over mass spying facilities. Even…
Big Tech’s eventual response to my LLM-crasher bug report was dire
Fixes have been made, it appears, but disclosure or discussion is invisible Column Found a bug? It turns out that reporting it with a story in The Register works remarkably well … mostly. After publication of my “Kryptonite” article about…
U.S. Disrupts AI-Powered Russian State-Sponsored Hackers Bot Farm
In collaboration with international partners, the U.S. Federal Bureau of Investigation (FBI) and the Cyber National Mission Force (CNMF) have successfully disrupted a sophisticated AI-powered bot farm operated by Russian state-sponsored hackers. The bot farm, known as Meliorator, was used…
What to expect from Samsung Unpacked July 2024 and how to watch today’s livestream
Samsung’s next big launch event will take place today, and the Galaxy Z Fold 6, Smart Ring, Buds 3 Pro, Watch Ultra, and more are on the docket. This article has been indexed from Latest news Read the original article:…
X-Files Stealer Attacking Windows Users to Steal Passwords
Cybersecurity experts have identified a new malware strain, dubbed “XFiles Stealer,” which is actively targeting Windows users to steal passwords and other sensitive information. The discovery was made public by MonThreat, a prominent cybersecurity research group, via their official social…
ViperSoftX variant spotted abusing .NET runtime to disguise data theft
Freeware AutoIt also used to hide entire PowerShell environments in scripts A rapidly-changing infostealer malware known as ViperSoftX has evolved to become more dangerous, according to security researchers at threat detection vendor Trellix.… This article has been indexed from The…
ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks
The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents. “A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands,…
Microsoft asks employees in China to use iPhones and abandon Android phones
Microsoft, the American technology giant, has issued an email request to all its employees in China to stop using Android phones for office communication and switch to iPhones loaded with genuine iOS. This initiative is believed to be part of…
Strengthening Corporate Cyber Defenses Against Botnets
In today’s interconnected digital landscape, the threat posed by botnets continues to evolve, presenting significant challenges to corporate cybersecurity. Botnets, networks of compromised devices controlled by malicious actors, can be utilized for various malicious activities, including distributed denial-of-service (DDoS) attacks,…
Mitigate the Security Challenges of Telecom 5G IoT Microservice Pods Architecture Using Istio
Deploying microservices in a Kubernetes cluster is critical in 5G Telecom. However, it also introduces significant security risks. While firewall rules and proxies provide initial security, the default communication mechanisms within Kubernetes, such as unencrypted network traffic and lack of…
Securing Your Machine Identities Means Better Secrets Management
In 2024, GitGuardian released the State of Secrets Sprawl report. The findings speak for themselves; with over 12.7 million secrets detected in GitHub public repos, it is clear that hard-coded plaintext credentials are a serious problem. Worse yet, it is a…
Diversifying cyber teams to tackle complex threats
Technologies such as GenAI, ML and IoT are giving threat actors new tools that make it easier to target consumers and organizations. From Savvy Seahorse which lures victims into investment scams, to a self-replicating AI worm that uses the likes…
How companies increase risk exposure with rushed LLM deployments
In this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies’ exposure to new security risks and vulnerabilities as they rush to deploy LLMs. King explains how LLMs pose significant risks to data…
Lessons Learned From Exposing Unusual XSS Vulnerabilities
Misunderstood browser APIs are often at the core of many web security issues. With the rapid expansion of web APIs, keeping up with security best practices can be challenging. In this post, we’ll explore a few common mistakes developers make…
BunkerWeb: Open-source Web Application Firewall (WAF)
BunkerWeb is an open-source Web Application Firewall (WAF) distributed under the AGPLv3 free license. The solution’s core code is entirely auditable by a third party and the community. “The genesis of BunkerWeb comes from the following problem: every time someone…