A threat actor has allegedly scraped 489 million lines of Instagram user data, including sensitive information, which is now reportedly being sold on the dark web. DarkWebInformer’s official X account revealed the alarming incident, raising concerns over the scale and…
Malicious PyPI Package Steals AWS Credentials
A malicious package on the Python Package Index (PyPi) has been quietly exfiltrating Amazon Web Service credentials from developers for over three years, a new report from cybersecurity researchers at Socket has revealed. The package “fabrice” is a typosquat of the…
Advanced Persistent Teenagers, Okta Bug Allowed Logins Without a Correct Password
In episode 354, we discuss the emergence of the term ‘Advanced Persistent Teenagers’ (APT) as a “new” cybersecurity threat. Recorded just before the election, the hosts humorously predict election outcomes while exploring the rise of teenage hackers responsible for major…
Detect and Destroy APTs with Crystal Eye TDIR
Red Piranha is a leading developer & manufacturer of premium Cyber Security products in Australia. Red Piranha is also an official member of Team Defence Australia that promises to deliver advanced cybersecurity capabilities to its clients. By using automation, world-class…
Threat Actors Allegedly Claim Leak of Harley-Davidson Database
Threat actors known as “888” have allegedly leaked the database of Appleton Harley-Davidson, a prominent dealership affiliated with the iconic motorcycle brand. The breach, first reported by DarkWebInformer on their account on X, has sparked concerns over the safety of…
November 2024 Patch Tuesday forecast: New servers arrive early
Microsoft followed their October precedent set with Windows 11 24H2 and announced Microsoft Server 2025 on the first of November. We were expecting the official announcement at Microsoft Ignite near the end of the month, but with the early release,…
Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware
Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT “provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer,”…
Strategies for CISOs navigating hybrid and multi-cloud security
In this Help Net Security interview, Alex Freedland, CEO at Mirantis, discusses the cloud security challenges that CISOs need to tackle as multi-cloud and hybrid environments become the norm. He points out the expanded attack surfaces, the importance of consistent…
4 reasons why veterans thrive as cybersecurity professionals
Through their past military service, veterans are trained to think like adversaries, often share that mission-driven spirit and excel when working with a team to achieve a larger goal. They develop and champion the unique traits that cybersecurity companies need…
How human ingenuity continues to outpace automated security tools
10% of security researchers now specialize in AI technology as 48% of security leaders consider AI to be one of the greatest risks to their organizations, according to HackerOne. HackerOne’s report combines perspectives from the researcher community, customers, and security…
Setting a security standard: From vulnerability to exposure management
Vulnerability management has been the standard approach to fending off cyber threats for years. Still, it falls short by focusing on a limited number of vulnerabilities, often resolving only 1% to 20% of issues. In 2024, with the average data…
Alleged Snowflake attacker gets busted by Canadians – politely, we assume
Also: Crypto hacks will continue; CoD hacker gets thousands banned, and more in brief One of the suspected masterminds behind the widespread Snowflake breach has been arrested in Canada – but the saga isn’t over, eh. … This article has been…

zipdump & PKZIP Records, (Sun, Nov 10th)
In yesterday's diary entry “zipdump & Evasive ZIP Concatenation” I showed how one can inspect the PKZIP records that make up a ZIP file. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article:…
ISC Stormcast For Monday, November 11th, 2024 https://isc.sans.edu/podcastdetail/9216, (Mon, Nov 11th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, November 11th, 2024…
The Importance of Effective Incident Response
With cybersecurity threats continuously evolving, having a strong incident response (IR) plan is crucial for businesses of all… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: The Importance of…
NIST Updated Standards for a Secure Password
Your internet account passwords are probably among the most guarded pieces of information you retain in your brain. With everything that has recently migrated to the digital realm, a secure password functions as the deadbolt to your private data.. Hackers…
It’s the Senate’s last chance to pass the PRESS Act
The PRESS Act would protect a journalist’s sources, and gained unanimous bipartisan support when passed by the House in January. © 2024 TechCrunch. All rights reserved. For personal use only. This article has been indexed from Security News | TechCrunch…
Bilderkontrolle in Whatsapp: Meta testet neue Funktion zur Erkennung von Fake News
Meta testet in einer Whatsapp-Betaversion die Integration der Google Bilder-Rückwärtssuche. Die Neuerung dient nicht nur dem schnelleren Erkennen von Falschinformation. Dieser Artikel wurde indexiert von t3n.de – Software & Entwicklung Lesen Sie den originalen Artikel: Bilderkontrolle in Whatsapp: Meta testet…
Spam-Anrufe adé: Diese 6 Tipps helfen dir, nervige Anrufer loszuwerden
Spam-Anrufe sind nicht nur nervig. Sie können euch auch schaden, wenn ihr aus Versehen auf die unbekannten Anrufer:innen eingeht. Wie ihr euch am besten gegen Spam-Nummern zur Wehr setzt, erfahrt ihr hier. Dieser Artikel wurde indexiert von t3n.de – Software…
Baguette statt Bitcoin: Hacker fordern 125.000 Dollar in Weißbrot als Lösegeld
Eine Hackergruppe hat bei einer Cyberattacke auf den französischen Konzern Schneider Electric offenbar eine Vielzahl an Daten erbeutet – und stellt jetzt eine kuriose Forderung. Haben die Hacker:innen etwa Hunger? Dieser Artikel wurde indexiert von t3n.de – Software & Entwicklung Lesen…
Growing Use of Winos4.0 Toolkit Poses New Threat to Windows Users
Advanced hacking toolkit Winos4.0 spreads across the globe, security experts warn. Originally reported by Trend Micro, this new toolkit-just like known kits Cobalt Strike and Sliver-was connected to a string of recent cyber attacks in China, having initially spread…
Windows PCs at Risk as SteelFox Malware Targets Driver Vulnerabilities
Several experts have warned that hackers are using malware to attack Windows systems with the intention of mining cryptocurrency and stealing sensitive information from their devices. The latest Kaspersky Security Report claims to have spotted tens of thousands of…
Game Emulation: Keeping Classic Games Alive Despite Legal Hurdles
For retro gaming fans, playing classic video games from decades past is a dream, but it’s tough to do legally. This is where game emulation comes in — a way to recreate old consoles in software, letting people play vintage…

zipdump & Evasive ZIP Concatenation, (Sat, Nov 9th)
On Friday's Stormcast, Johannes talks about Evasive ZIP Concatenation, a technique where 2 (or more) ZIP files are concatenated together to evade detection. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: 
zipdump…