Summary

Total Articles Found: 20

Top Articles:

  • WikiLeaks' Julian Assange Sentenced to 50 Weeks in UK Jail
  • Garmin allegedly paid for a decryptor for WastedLocker ransomware
  • Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading
  • New strain of Cerberus Android banking trojan can steal Google Authenticator codes
  • Watch out, sextortion scammers are using a new tactic
  • OnionPoison: malicious Tor Browser installer served through a popular Chinese YouTube channel
  • Threat actors exploit Atlassian Confluence bug in cryptomining campaigns
  • Ticketmaster confirms data breach impacting 560 million customers
  • Quishing, an insidious threat to electric car owners
  • Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain

Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain

LLM Says: "JS attack detected"

Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports of malicious activity. The domain Polyfill.io was used to host JavaScript code that added modern […]


Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes

LLM Says: "Taylor's code cracked"

The threat actor Sp1d3rHunters leaked valid Taylor Swift’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3rHunters leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour for free. The bar codes are valid for the upcoming concerts of Taylor Swift in Miami, […]


OnionPoison: malicious Tor Browser installer served through a popular Chinese YouTube channel

OnionPoison: researchers reported that an infected Tor Browser installer has been distributed through a popular YouTube channel. Kaspersky researchers discovered that a trojanized version of a Windows installer for the Tor Browser has been distributed through a popular Chinese-language YouTube channel. The campaign, named OnionPoison, targeted users located in China, where the Tor Browser website […] The post OnionPoison: malicious Tor Browser installer served through a popular Chinese YouTube channel appeared first on Security Affairs.


Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever

Published: 2022-07-17 19:24:43

Popularity: 15

Author: Pierluigi Paganini

Keywords:

  • Breaking News
  • Cyber Crime
  • Digital ID
  • Hacking
  • hacking news
  • information security news
  • IT Information Security
  • NFT
  • Pierluigi Paganini
  • Security News

Threat actors hacked the popular NFT platform, Premint NFT and stole 314 NFTs. The popular NFT platform, Premint NFT, was hacked, the threat actors compromised its official website and stole 314 NFTs. According to the experts from blockchain security firm CertiK, this is one of the biggest NFT hacks on record. The analysis of the […] The post Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever appeared first on Security Affairs.


    New Checkmate ransomware target QNAP NAS devices

    Taiwanese vendor QNAP warns of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts […] The post New Checkmate ransomware target QNAP NAS devices appeared first on Security Affairs.


    FFDroider, a new information-stealing malware disguised as Telegram app

    Cybersecurity researchers spotted a new Windows information-stealing malware, named FFDroider, designed to steal credentials and cookies. Cybersecurity researchers from Zscaler ThreatLabz warn of a new information-stealing malware, named FFDroider, that disguises itself as the popular instant messaging app Telegram. The malware was derived to siphon credentials and cookies from infected machines. “Recently, ThreatLabz identified a novel windows […] The post FFDroider, a new information-stealing malware disguised as Telegram app appeared first on Security Affairs.


    Lapsus$ extortion gang leaked the source code for some Microsoft projects

    The Lapsus$ extortion group claims to have hacked Microsoft’s internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that it is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stole data. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps […] The post Lapsus$ extortion gang leaked the source code for some Microsoft projects appeared first on Security Affairs.


    Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP

    A hacking campaign, tracked as Eternal Silence, is abusing UPnP to compromise routers and use them to carry out malicious activities. Researchers from Akamai have spotted a malicious campaign, tracked as ‘Eternal Silence,’ that is abusing Universal Plug and Play (UPnP) to turn routers into a proxy server used to carry out a broad range […] The post Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP appeared first on Security Affairs.


    Telegram is becoming the paradise of cyber criminals

    Telegram is becoming an essential platform for cybercriminal activities, crooks use it to buy and sell any kind of stolen data and hacking tools. Many experts believe that the popular Telegram app is an efficient alternative to dark web marketplaces, its channels are used by hacking communities and cybercriminals to buy and sell stolen data, accesses […] The post Telegram is becoming the paradise of cyber criminals appeared first on Security Affairs.


    Approximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya

    Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya announced that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the recent supply-chain ransomware attack. Up to 1,500 downstream organizations, which were customers of MSPs using Kaseya VSA management […] The post Approximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya appeared first on Security Affairs.


    Siloscape, first known malware that drops a backdoor into Kubernetes clusters

    Siloscape is a new strain of malware that targets Windows Server containers to execute code on the underlying node and spread in the Kubernetes cluster. Researchers from Palo Alto Networks have spotted a piece of malware that targets Windows Server containers to execute code on the underlying node and then drop a backdoor into Kubernetes […] The post Siloscape, first known malware that drops a backdoor into Kubernetes clusters appeared first on Security Affairs.


    UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed

    Published: 2021-04-30 16:25:58

    Popularity: None

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Cyber Crime
  • Hacking
  • Malware
  • CVE-2021-20016
  • malware
  • ransomware
  • SonicWall
  • unc2447

    UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. Researchers from FireEye’s Mandiant revealed that a sophisticated cybercrime gang tracked as UNC2447 has exploited a zero-day issue (CVE-2021-20016) in SonicWall Secure Mobile Access (SMA) devices, fixed earlier this year, before […] The post UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed appeared first on Security Affairs.


    Garmin allegedly paid for a decryptor for WastedLocker ransomware

    BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware. BleepingComputer first revealed that Garmin has received the decryption key to recover the files encrypted with the WastedLocker Ransomware in the recent attack. On July 23, smartwatch and wearables maker Garmin has shut down several of its services […] The post Garmin allegedly paid for a decryptor for WastedLocker ransomware appeared first on Security Affairs.


    New strain of Cerberus Android banking trojan can steal Google Authenticator codes

    Published: 2020-02-27 13:21:26

    Popularity: 74

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Cyber Crime
  • Malware
  • Mobile
  • Android
  • Cerberus
  • it security
  • it security news
  • malware
  • Security Affairs
  • security affairs news
  • Security News
  • Trojan

    LLM Says: "Trojan alert"

    Experts found a new version of the Cerberus Android banking trojan that can steal one-time codes generated by the Google Authenticator app and bypass 2FA. Security researchers from ThreatFabric warn of a new Android malware strain that can now steal one-time passcodes (OTP) generated through Google Authenticator that is used as part of 2FA to protect online […] The post New strain of Cerberus Android banking trojan can steal Google Authenticator codes appeared first on Security Affairs.


    Watch out, sextortion scammers are using a new tactic

    Published: 2020-01-02 10:03:14

    Popularity: 69

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Cyber Crime
  • Hacking
  • hacking news
  • information security news
  • Pierluigi Paganini
  • Security Affairs
  • Security News
  • sextortion

    Sextortion cybercrimes continue to threaten Internet users, scammers are using new tactics to bypass spam filters and secure email gateways. Sextortion scams continue to evolve to bypass security measures such as spam filters and secure email gateways. Sextortion messages threaten the victims of revealing their private videos while watching adult websites or making virtual sex […] The post Watch out, sextortion scammers are using a new tactic appeared first on Security Affairs.


    WikiLeaks' Julian Assange Sentenced to 50 Weeks in UK Jail

    Published: 2019-05-01 12:33:45

    Popularity: 2126

    Author: noreply@blogger.com (Mohit Kumar)

    Keywords:

  • Cyber Crime
  • hacking news
  • Julian Assange
  • WikiLeaks

    WikiLeaks founder Julian Assange has been sentenced to 50 weeks—for almost a year—in prison by a London court for breaching his bail conditions in 2012 and taking refuge in the Ecuadorian embassy for nearly 7 years. The 47-year-old Assange was arrested last month by London's Metropolitan Police Service after the Ecuadorian government suddenly withdrew his political asylum. Within hours of his


    Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

    Published: 2019-04-16 11:30:57

    Popularity: 79

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Cyber Crime
  • Hacking
  • Malware
  • malware
  • Pierluigi Paganini
  • rootkit
  • scranos
  • Security Affairs

    Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. The Scranos rootkit malware was first discovered late last year when experts at Bitdefender were analyzing a new password- and data-stealing operation leveraging around a rootkit driver digitally signed with a stolen […] The post Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading appeared first on Security Affairs.


    Ticketmaster confirms data breach impacting 560 million customers

    LLM Says: "Data gone wrong"

    Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. ShinyHunters, the current administrator of BreachForums, recently claimed the hack of Ticketmaster and offered for sale 1.3 TB of data, including full details of 560 million customers, for $500,000. Stolen data includes names, emails, addresses, phone numbers, ticket sales, […]


    Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

    LLM Says: "Crypto mining chaos"

    Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527 (CVSS score 10.0) in the Atlassian Confluence Data Center and Confluence Server is being actively exploited for cryptojacking campaigns. The vulnerability is a template injection vulnerability that can allow remote […]


    Quishing, an insidious threat to electric car owners

    LLM Says: "Charging drama"

    Quishing is a type of phishing attack where crooks use QR codes to trick users into providing sensitive information or downloading malware. In recent years, the spread of electric cars has led to an increase in public charging stations. However, new cyber threats have emerged with this growth, including “quishing.” This term, a combination of […]
