Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Transitioning to memory-safe languages: Challenges and considerations In this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation (OpenSSF), discusses…
Category: EN
Dark Web Market Admin Gets 42 Months Prison for Selling Login Passwords
Sandu Boris Diaconu, a 31-year-old Moldovan national, has been sentenced to 42 months in federal prison for his role in operating a notorious dark web marketplace known as E-Root. The sentencing was carried out by U.S. Senior District Judge James…
StopCrypt Ransomware Utilizing Multi-Stage Shellcodes To Attack Windows
A new variant of StopCrypt ransomware has been discovered. It executes multi-stage shellcodes before launching a final payload containing the file encryption code. This malware uses several techniques, such as detection evasion, a time-delaying loop of 600 million iterations, and…
eSIM Vulnerabilities: SIM Swappers Exploit Flaws, Hijack Phone Numbers
According to a new report, SIM-swapping crimes are rising worldwide, mainly committed by eSIM (Embedded Subscriber Identity Modules) users. eSIMs are digitally stored SIM cards that are embedded using software into devices. As a result, hackers are now attempting…
Obfuscated Hexadecimal Payload, (Sat, Mar 16th)
This PE file contains an obfuscated hexadecimal-encoded payload. When I analyze it with base64dump.py searching for all supported encodings, a very long payload is detected: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original…
Green Technology Innovations: Sustainable Solutions
Intrigued to uncover the hidden truths of green tech innovations? Stay tuned to unravel the enigmatic world of sustainable solutions. The post Green Technology Innovations: Sustainable Solutions appeared first on Security Zap. This article has been indexed from Security Zap…
France Travail data breach impacted 43 Million people
Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. On August 2023, the French government employment agency Pôle emploi suffered a data breach and notified 10 million individuals impacted by the security…
Red Hat OpenShift Service on AWS obtains FedRAMP “Ready” designation
We’re pleased to announce that the Red Hat FedRAMP offering, which includes Red Hat OpenShift Service on AWS (ROSA), has obtained the “Ready” designation from the FedRAMP Joint Authorization Board (JAB). This means that Red Hat is now listed on…
Understanding the 2024 Cloud Security Landscape
With technology and data growing at an unprecedented pace, cloud computing has become a no-brainer answer for enterprises worldwide to foster growth and innovation. As we swiftly move towards the second quarter of 2024, predictions by cloud security reports highlight…
Scranton School District in Pennsylvania suffered a ransomware attack
School districts continue to be under attack, schools in Scranton, Pennsylvania, are suffering a ransomware attack. This week, schools in Scranton, Pennsylvania, experienced a ransomware attack, resulting in IT outages. The Scranton School District is working with third-party forensic specialists…
Hackers Claim Accessing 740GB of Data from Viber Messaging App
By Waqas Hackers claim to have breached Viber, stealing 740GB of data, including source code, and are now demanding ransom of 8 Bitcoin. This is a post from HackRead.com Read the original post: Hackers Claim Accessing 740GB of Data from…
Cybersecurity Specialists Caught Moonlighting as Dark Web Criminals
A recent study conducted by the Chartered Institute of Information Security (CIISec) has uncovered a concerning trend in the cybersecurity field. The study reveals that many cybersecurity professionals, facing low pay and high stress, are resorting to engaging in…
The Surge of FakeBat Malware in Search-Based Malvertising Campaigns
In recent months, cybersecurity researchers have observed a concerning surge in search-based malvertising campaigns, with documented incidents nearly doubling compared to previous periods. Amidst this uptick in online threats, one particular malware variant has captured the attention of experts:…
Exploitation of Windows SmartScreen Bypass Flaw Facilitates Deployment of DarkGate RAT
The operators behind the DarkGate malware have been taking advantage of a recently patched flaw in Windows SmartScreen through a phishing scheme. This campaign involves circulating counterfeit Microsoft software installers to spread the malicious code. Researchers from Trend Micro,…
Decoding the data dilemma: Strategies for effective data deletion in the age of AI
Why navigating the intricacies of data deletion requires a strategic approach around legal, cybersecurity and financial implications. This article has been indexed from Security News | VentureBeat Read the original article: Decoding the data dilemma: Strategies for effective data deletion…
USENIX Security ’23 – Pushed By Accident: A Mixed-Methods Study On Strategies Of Handling Secret Information In Source Code Repositories
Authors/Presenters: Alexander Krause, Jan H. Klemmer, Nicolas Huaman, Dominik Wermke, Yasemin Acar, Sascha Fahl Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events…
How to Identify & Monitor Insider Threat Indicators [A Guide]
How Your Life Events Invite Cyber & Physical Threats The post How to Identify & Monitor Insider Threat Indicators [A Guide] appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article: How to…
International Initiative Targets Cybercrime
The Cybercrime Atlas initiative has shifted into its operational phase in 2024, marking a significant milestone in global cybersecurity efforts. Originating from discussions at the RSA Conference two years prior, the initiative aims to dismantle cybercriminal networks by mapping…
Change Healthcare Detects Ransomware Attack Vector
The cyberattack’s widespread destruction underscores how threat actors can do significant damage by targeting a relatively unknown vendor that serves a vital operational function behind the scenes. The AlphV ransomware group disrupted basic operations to the critical systems of…
Unraveling Evolv Technology’s Alleged UK Government Testing Controversy
Evolv Technology, a prominent player in the field of AI-driven weapons-scanning technology, has found itself embroiled in controversy following revelations about its testing claims with the UK government. The company’s scanners, heralded as “intelligent” detectors capable of identifying concealed…