Authors/Presenters:Athanasios Avgetidis, Omar Alrawi, Kevin Valakuzhy, Charles Lever, Paul Burbage, Angelos D. Keromytis, Fabian Monrose, Manos Antonakakis Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from…
Category: EN
Russia-linked Midnight Blizzard stole email of more Microsoft customers
Microsoft warned more customers about email theft linked to the previously reported Midnight Blizzard hacking campaign. The Russia-linked cyberespionage group Midnight Blizzard continues to target Microsoft users to steal other emails, warn the IT giant. The company is identifying more…
Kadokawa Group Hit by Major Ransomware Attack
Kadokawa Group, the parent company of renowned game developer FromSoftware, has fallen victim to a gruesome ransomware attack. The Japanese conglomerate, known for its diverse involvement in book publishing, the video-sharing service Niconico, and various other media enterprises, revealed…
Pipeline Hijacking: GitLab’s Security Wake-Up Call
A major vulnerability exists in some versions of GitLab Community and Enterprise Edition products, which might be exploited to run pipelines as any user. GitLab is a prominent web-based open-source software project management and task tracking tool. There are an…
Phishing And The Threats of QR Codes
Cybercriminals have always been adept at abusing the latest technological developments in their attacks, and weaponizing QR codes is one of their most recent strategies. QR codes have grown in popularity as a method for digital information sharing due…
Montgomery County, Md.’s Chatbot Shows GenAI in Action
I’m always looking for best practices and examples to share around government AI and cyber projects. Monty 2.0 is certainly praiseworthy and a GenAI project to watch and learn from. The post Montgomery County, Md.’s Chatbot Shows GenAI in Action…
Kimsuky Unleashes TRANSLATEXT Malware on South Korean Academic Institutions
An investigation has found that a North Korea-linked threat actor, known as Kimsuky, has been involved in the use of a malicious Google Chrome extension to steal sensitive information to collect information as part of an ongoing intelligence collection…
TeamViewer’s Corporate Network Compromised in Suspected APT Hack
iTeamViewer, a remote access software company, has announced that its corporate environment was compromised in a cyberattack. According to the company, the breach was detected on Wednesday, June 26, 2024, and is believed to have been carried out by…
37signals Boosts Profits by Over $1 Million by Exiting Cloud Computing
This year, software company 37signals has made headlines with its decision to leave cloud computing, resulting in a significant profit boost of over $1 million (£790,000). This move highlights a growing trend among businesses reassessing the value of cloud…
Russia-linked group APT29 likely breached TeamViewer’s corporate network
Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer ‘s corporate network. TeamViewer discovered that a threat actor has breached its corporate network and some reports attribute the intrusion to the Russia-linked APT group APT29…
Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Infosys McCamish Systems…
Week in review: MOVEit auth bypass flaws quitely fixed, open-source Rafel RAT targets Androids
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely…
USENIX Security ’23 – A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific Plots
Authors/Presenters:Boyang Zhang and Xinlei He, Yun Shen, Tianhao Wang, Yang Zhang Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the…
Staying Ahead of Adversarial AI with Incident Response Automation
< div class=”cf be fw fx fy fz”> Staying Ahead of Adversarial AI with Incident Response Automation 5 min read·Just now — A Security Engineering Commentary from industry insider Rohan Bafna , SecOps Engineer. The security operations (SecOps) community constantly…
The biggest data breaches in 2024: 1B stolen records and rising
Some of the largest, most damaging breaches of 2024 already account for over a billion stolen records. © 2024 TechCrunch. All rights reserved. For personal use only. This article has been indexed from Security News | TechCrunch Read the original…
Infosys McCamish Systems data breach impacted over 6 million people
Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. IMS specializes in providing business process outsourcing (BPO) and information technology (IT) services specifically tailored for the insurance and financial services…
GitHub Artifact Attestations sign and verify software artifacts
GitHub’s Artfact Attestations, for guaranteeing the integrity of artifacts built inside the GitHub Actions CI/CD platform, is now generally available. General availability was announced June 25. By using Artifact Attestations in GitHub Actions workflows, developers can improve security and protect…
Why You Should Mask Your Email Address
In today’s digital age, entering your real email address into a website is a risky move. It’s all too common for websites to sell your information to data brokers, who then use it for marketing, targeted ads, or even…
Apology Accepted: Ken Griffin’s Tax Records and the IRS
A Case of Privacy Breach and Unintended Disclosure In an unprecedented turn of events, the Internal Revenue Service (IRS) recently issued a public apology to billionaire investor Ken Griffin. The reason? Leaked tax records that exposed sensitive financial information, including…
Virtual Escape; Real Reward: Introducing Google’s kvmCTF
Marios Pomonis, Software Engineer < div> Google is committed to enhancing the security of open-source technologies, especially those that make up the foundation for many of our products, like Linux and KVM. To this end we are excited to announce…