American fast food chain Chick-fil-A has confirmed that over 71,000 customers' accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information. [...]
...moreSummary
Total Articles Found: 38
Top sources:
Top Keywords:
- Security: 26
- Software: 11
- Microsoft: 5
- Google: 5
- Technology: 3
Top Authors
- Lawrence Abrams: 38
Top Articles:
- YouTube-dl GitHub repos taken down by RIAA via DMCA takedown
- ICQ messenger shuts down after almost 28 years
- Firefox Addons Being Disabled Due to an Expired Certificate
- 10% of All Macs Shlayered, Malware Cocktail Served
- New DFSCoerce NTLM Relay attack allows Windows domain takeover
- Gmail hit by a second outage within a single day
- Microsoft's IE Zero-day Fix is Breaking Windows Printing
- Adobe is telling Windows 10 users to uninstall Flash Player
- It's finally over! Time to uninstall Adobe Flash Player
- Tesla owners unable to unlock cars due to server errors
Chick-fil-A confirms accounts hacked in months-long "automated" attack
LastPass: DevOps engineer hacked to steal password vault data in 2022 breach
LastPass revealed more information on a "coordinated second attack," where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months. [...]
...moreHacker claims to be selling Twitter data of 400 million users
A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using a now-fixed API vulnerability. They're asking $200,000 for an exclusive sale. [...]
...moreFake Microsoft Exchange ProxyNotShell exploits for sale on GitHub
Scammers are impersonating security researchers to sell fake proof-of-concept ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities. [...]
...moreMFA Fatigue: Hackers’ new favorite tactic in high-profile breaches
Hackers are more frequently using social engineering attacks to gain access to corporate credentials and breach large networks. One component of these attacks that is becoming more popular with the rise of multi-factor authentication is a technique called MFA Fatigue. [...]
...moreNew DFSCoerce NTLM Relay attack allows Windows domain takeover
A new Windows NTLM relay attack called DFSCoerce has been discovered that uses MS-DFSNM, Microsoft's Distributed File System, to completely take over a Windows domain. [...]
...moreCritical Atlassian Confluence zero-day actively used in attacks
Hackers are actively exploiting a new Atlassian Confluence zero-day vulnerability tracked as CVE-2022-26134 to install web shells, with no fix available at this time. [...]
...moreNIST updates guidance for defending against supply-chain attacks
The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks. [...]
...moreTesla owners unable to unlock cars due to server errors
Some Tesla owners worldwide are unable to unlock their cars or communicate with it using the app due to problems with the company's servers. [...]
...moreGoogle patches 10th Chrome zero-day exploited in the wild this year
Google has released Chrome 93.0.4577.82 for Windows, Mac, and Linux to fix eleven security vulnerabilities, two of them being zero-days exploited in the wild. [...]
...moreNew PetitPotam attack allows take over of Windows domains
A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, and thus an entire Windows domain. [...]
...moreNSA: Russian GRU hackers use Kubernetes to run brute force attacks
Published: 2021-07-01 15:00:00
Popularity: 113
Author: Lawrence Abrams
Keywords:
The National Security Agency (NSA) warns that Russian nation-state hackers are conducting brute force attacks to access US networks and steal email and files. [...]
...moreTor Browser fixes vulnerability that tracks you using installed apps
The Tor Project has released Tor Browser 10.0.18 to fix numerous bugs, including a vulnerability that allows sites to track users by fingerprinting the applications installed on their devices. [...]
...moreAdobe issues security updates for 41 vulnerabilities in 10 products
Adobe has released a giant Patch Tuesday security update release that fixes vulnerabilities in ten applications, including Adobe Acrobat, Reader, and Photoshop. [...]
...moreTelegram privacy feature failed to delete self-destructing video files
Telegram has fixed a security issue where self-destructing audio and video recording were not being deleted from user's macOS devices as expected. [...]
...moreApple fixes SUDO root privilege escalation flaw in macOS
Apple has fixed a sudo vulnerability in macOS Big Sur, Catalina, and Mojave, allowing any local user to gain root-level privileges. [...]
...moreThe Great Suspender Chrome extension's fall from grace
Google has forcibly uninstalled the immensely popular 'The Great Suspender' extension from Google Chrome and classified it as malware. [...]
...moreMicrosoft: DPRK hackers 'likely' hit researchers with Chrome exploit
Today, Microsoft disclosed that they have also been monitoring the targeted attacks against vulnerability researchers for months and have attributed the attacks to a DPRK group named 'Zinc.' [...]
...moreIt's finally over! Time to uninstall Adobe Flash Player
It's over, kaput, done. Adobe Flash Player is officially non-functional, and it's time to uninstall the program once and for all. [...]
...moreAdobe is telling Windows 10 users to uninstall Flash Player
Published: 2020-12-30 22:35:33
Popularity: 694
Author: Lawrence Abrams
Keywords:
With the Flash Player officially reaching the end of life tomorrow, Adobe has started to display alerts on Windows computers recommending that users uninstall Flash Player. [...]
...moreGmail hit by a second outage within a single day
Gmail is suffering its second outage in 24 hours, with users able to access their email but unable to send to other Gmail users or are experiencing unexpected behavior. [...]
...moreYouTube-dl GitHub repos taken down by RIAA via DMCA takedown
The Recording Industry Association of America, Inc. (RIAA) has taken down the popular Youtube-dl GitHub repositories using a DMCA takedown notice. [...]
...moreWindows Zerologon PoC exploits allow domain takeover. Patch Now!
Researchers have released exploits for the Windows Zerologon CVE-2020-1472 vulnerability that allow an attacker to take control of a Windows domain. Install patches now! [...]
...moreCenturyLink routing issue led to outages on Hulu, Steam, Discord, more
A CenturyLink BGP routing mistake has led to a ripple effect across the Internet that led to outages for numerous Internet-connected services such as Cloudflare, Amazon, Garmin, Steam, Discord, Blizzard, and many more. [...]
...moreBusiness technology giant Konica Minolta hit by new ransomware
Business technology giant Konica Minolta was hit with a ransomware attack at the end of July that impacted services for almost a week, BleepingComputer has learned. [...]
...moreuBlock Origin ad blocker now blocks port scans on most sites
A recent update to an ad block filter list now allows the uBlock Origin extension to block most of the known sites that perform port scans of your local Windows computer. [...]
...moreGoogle reenables FTP support in Chrome due to pandemic
After disabling FTP support in Google Chrome 81, Google has decided to reenable it again to prevent outages and difficulties in accessing information during the Coronavirus pandemic. [...]
...moreMicrosoft's IE Zero-day Fix is Breaking Windows Printing
Published: 2020-01-26 17:35:12
Popularity: 769
Author: Lawrence Abrams
Keywords:
Microsoft's temporary fix for a recently disclosed Internet Explorer zero-day vulnerability is causing numerous problems in Windows, including breaking printing for some users. [...]
...more10% of All Macs Shlayered, Malware Cocktail Served
Many people think that malware only targets Windows and that Macs are safe, but a new report shows how a single Apple malware called Shlayer has attacked over 10% of all Apple computers monitored by an antivirus company. [...]
...moreGoogle Achieves Its Goal of Erasing the WWW Subdomain From Chrome
With the release of Chrome 79, Google completes its goal of erasing www from browser by no longer allowing Chrome users to automatically show the www trivial subdomain in the address bar. [...]
...moreDisney+ Now Works in Linux After DRM Tweak
Published: 2019-12-05 21:16:59
Popularity: 61
Author: Lawrence Abrams
Keywords:
Linux users can now stream shows and movies from the Disney+ streaming service after Disney lowering the level of their DRM requirements. [...]
...moreHacker Selling User Info Stolen From Prostitution Forums
Popular prostitution and escort forums in the Netherlands and Italy have suffered data breaches that exposed the usernames, email addresses, and hashed passwords for their registered members. [...]
...moreRobinhood Brokerage Firm Alerts of Passwords Stored in Clear Text
The Robinhood stock trading site is alerting users that passwords were stored in their system in human readable format, otherwise known as clear text. While no foul play was detected, this could have allowed employees or unauthorized users to view an account's password. [...]
...moreGoogle Chrome Canary Flag Makes The Browser a Colorful Mess
Google is testing a new feature in the Chrome Canary builds that allows you to change the colors used by various user interface elements of the browser. This allows users to make the browser and its New Tab Page a colorful mess that some may find amusing, while others find painful. [...]
...moreMozilla Makes Firefox its Own Brand Name, Releases New Logos
Mozilla has announced that "Firefox" is becoming its own brand name that encompasses the Firefox Browser, Firefox Send, Firefox Lockwise, and Firefox Monitor products. Along with this new umbrella name, Mozilla has released redesigned icons that represent the future of this brand. [...]
...moreFirefox Addons Being Disabled Due to an Expired Certificate
Mozilla Firefox users are discovering that all of their addons were suddenly disabled. It turns out that this is being caused by an expired intermediary certificate used to sign Mozilla addons. [...]
...moreICQ messenger shuts down after almost 28 years
🤖: "Goodbye then"
The ICQ messaging app is shutting down on June 26th, marking the end of a much-beloved communication application. [...]
...moreCisco takes DevHub portal offline after hacker publishes stolen data
🤖: "Security breach"
Cisco confirmed today that it took its public DevHub portal offline after a threat actor leaked "non-public" data, but it continues to state that there is no evidence that its systems were breached. [...]
...more