Technology company Splunk released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. Technology company Splunk addressed 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including four high-severity flaws. The vulnerability CVE-2024-36985 is a Remote Code Execution…
Tag: EN
384,000 sites pull code from sketchy code library recently bought by Chinese firm
Over 384,000 websites, including those of major companies and government entities, are still linking to the polyfill[.]io code library that was recently acquired by a Chinese firm and used to perform a supply chain attack. This article has been indexed…
Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown
Private sector helped out with week-long operation – but didn’t touch China Europol just announced that a week-long operation at the end of June dropped nearly 600 IP addresses that supported illegal copies of Cobalt Strike.… This article has been…
United States of America, Independence Day 2024
<a class=” sqs-block-image-link ” href=”https://tile.loc.gov/image-services/iiif/service:gdc:gdcwdl:wd:l_:02:70:5:wdl_02705:00300_2003_001_pr/full/pct:100/0/default.jpg” rel=”noopener” target=”_blank”> <img alt=”” height=”1600″ src=”https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/9a3b7050-c8a8-448d-8043-c91115294dec/United%2BStates%2Bof%2BAmerica%2BDeclaration%2Bof%2BIndependence.jpeg?format=1000w” width=”1348″ /> </a><figcaption class=”image-caption-wrapper”> via our Library of Congress, United States of America The **United States of America**, Declaration of Independence The post United States of America, Independence Day…
Avoid malware while streaming UEFA EURO 2024 and Copa America CONMEBOL
The soccer fever of the UEFA EURO 2024 and Copa America CONMEBOL tournaments rages through Europe and the Americas. Fox Sports, the sports programming division… The post Avoid malware while streaming UEFA EURO 2024 and Copa America CONMEBOL appeared first…
UK’s NCA Leads Major Cobalt Strike Takedown
Global law enforcers have share intelligence leading to the takedown of hundreds of IP addresses hosting Cobalt Strike This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s NCA Leads Major Cobalt Strike Takedown
Safeguarding the Olympic Data Legacy: Sensitive Information Supply Chain Risks in the Digital Age
As the world eagerly anticipates the Paris 2024 Olympic Games, a less visible but equally crucial competition is underway: the race to protect the vast amounts of sensitive information collected during this global spectacle. With an estimated 3 million spectators…
Over 380,000+ Hosts Embedding Polyfill JS script Linking to Malicious Domain
Over 380,000 web hosts have been found embedding a compromised Polyfill.io JavaScript script, linking to a malicious domain. This supply chain attack has sent shockwaves through the web development community, highlighting the vulnerabilities inherent in widely used open-source libraries. Polyfill.js,…
FakeBat Malware Weaponizing AnyDesk, Zoom, Teams & Chrome
Hackers target and weaponize AnyDesk, Zoom, Teams, and Chrome as these applications are widely used in a multitude of sectors. Not only that, but even these widely used applications also provide access to many users and sensitive information. Cybersecurity researchers…
New ‘Pryx’ Ransomware Hijacked 30,000 University Applications
A new player has emerged on the cybercrime landscape the ransomware group “Pryx.” Pryx has claimed its first attack, announcing that it has compromised the systems of Rowan College at Burlington County (RCBC.edu) and stolen 30,000 university applications. This announcement…
Hackers obtained user data from Twilio-owned 2FA authentication app Authy
Twilio states that threat actors have identified the phone numbers of users of its two-factor authentication app, Authy, TechCrunch reported. Last week, the notorious hacker ShinyHunters claimed to have stolen 33 million phone numbers from Twilio. This week the messaging…
Hackers abused API to verify millions of Authy MFA phone numbers
Twilio has confirmed that an unsecured API endpoint allowed threat actors to access phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. This article has been indexed from Cyware…
Infostealer malware logs used to identify child abuse website members
Researchers at Recorded Future’s Insikt Group analyzed infostealer malware logs captured between February 2021 and February 2024. They cross-referenced the credentials with 20 known CSAM domains, identifying 3,324 unique username-password pairs. This article has been indexed from Cyware News –…
Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers
Twilio has confirmed a data breach after hackers leaked 33 million phone numbers associated with the Authy app. The post Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers appeared first on SecurityWeek. This article has been…
Brazil Halts Meta’s AI Data Processing Amid Privacy Concerns
Brazil’s data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users’ personal data to train the company’s artificial intelligence (AI) algorithms. The ANPD said it found “evidence of processing of personal data based…
Threat Actors Selling Shopify Commerce Platform Data on Dark Web
Threat actors have been found selling sensitive data from the Shopify commerce platform on the dark web. This alarming news was first reported by DarkWebInformer on their social media Twitter account, raising significant concerns about the security of e-commerce platforms…
The Metadata Minefield: Protecting All Your Sensitive Data
When determining the sensitivity of data, it’s easy to focus solely on the content itself. However, the metadata associated with… The post The Metadata Minefield: Protecting All Your Sensitive Data appeared first on Symmetry Systems. The post The Metadata Minefield:…
FireTail Unveils Free Access for All to Cutting-Edge API Security Platform
FireTail announces a free version of its enterprise-level API security tools, making them accessible to developers and organizations of all sizes. FireTail’s unique combination of open-source code libraries, inline API call evaluation, security posture management, and centralized audit trails helps…
Ransomware scum who hit Indonesian government apologizes, hands over encryption key
Brain Cipher was never getting the $8 million it demanded anyway Brain Cipher, the group responsible for hacking into Indonesia’s Temporary National Data Center (PDNS) and disrupting the country’s services, has seemingly apologized for its actions and released an encryption…
Ransomware news trending on Google
Recent cyber attacks involving ransomware have garnered significant attention in recent days, with two notable incidents making headlines: Patelco Credit Union, a prominent non-profit organization in the San Francisco Bay Area, confirmed it fell victim to a ransomware attack affecting…