Summary

Total Articles Found: 22

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • LastPass: hackers breached the computer of a DevOps engineer in a second attack
  • Global Espionage Campaign Used Software Supply Chain Hack To Compromise Targets, Including US Gov
  • Roblox breached: Internal documents posted online by unknown attackers
  • Polish State Websites Hacked and Used to Spread False Info
  • Adobe Patches Reader Vulnerability Exploited in the Wild
  • Threat actors exploit Atlassian Confluence bug in cryptomining campaigns
  • Ticketmaster confirms data breach impacting 560 million customers
  • Quishing, an insidious threat to electric car owners
  • A Year After Death, McAfee's Corpse Still in Spanish Morgue
  • Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain

Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain

🤖: ""JS attack detected""

Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports of malicious activity. The domain Polyfill.io was used to host JavaScript code that added modern […]

...more

Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes

🤖: "Taylor's code cracked"

The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3rHunters leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour for free. The bar codes are valid for the upcoming concerts of Taylor Swift in Miami, […]

...more

LastPass: hackers breached the computer of a DevOps engineer in a second attack

Threat actors hacked the home computer of a DevOp engineer, they installed a keylogger as part of a sophisticated cyber attack. Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. Then the attackers […] The post LastPass: hackers breached the computer of a DevOps engineer in a second attack appeared first on Security Affairs.

...more

Rackspace Hit With Lawsuits Over Ransomware Attack

Published: 2022-12-12 12:21:29

Popularity: 12

Author: Eduard Kovacs

Keywords:

  • NEWS & INDUSTRY
  • Incident Response
  • Cybercrime
  • Management & Strategy
  • At least two lawsuits have been filed against Texas-based cloud company Rackspace over the recently disclosed ransomware attack. read more

    ...more

    Python, JavaScript Developers Targeted With Fake Packages Delivering Ransomware

    Published: 2022-12-12 12:46:57

    Popularity: 10

    Author: Ionut Arghire

    Keywords:

  • NEWS & INDUSTRY
  • Virus & Malware
  • Malware
  • Cybercrime
  • Phylum security researchers warn of a new software supply chain attack relying on typosquatting to target Python and JavaScript developers. read more

    ...more

    Roblox breached: Internal documents posted online by unknown attackers

    Published: 2022-07-19 11:12:11

    Popularity: 53

    Author: Christopher Boyd

    Keywords:

  • Cybercrime
  • compromise
  • data
  • employee
  • hack
  • roblox
  • 🤖: ""Hacked and Exposed""

    We take a look at reports that internal Roblox employee documents have been leaked by an as-yet unknown attacker. The post Roblox breached: Internal documents posted online by unknown attackers appeared first on Malwarebytes Labs.

    ...more

    New Checkmate ransomware target QNAP NAS devices

    Taiwanese vendor QNAP wars of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts […] The post New Checkmate ransomware target QNAP NAS devices appeared first on Security Affairs.

    ...more

    A Year After Death, McAfee's Corpse Still in Spanish Morgue

    Published: 2022-06-23 18:22:23

    Popularity: 18

    Author: AFP

    Keywords:

  • NEWS & INDUSTRY
  • Tracking & Law Enforcement
  • Cybercrime
  • The body of software entrepreneur John McAfee remained at a morgue in Spain Thursday a year after his death as a legal case filed by his family, who do not believe he committed suicide, is yet to be resolved. read more

    ...more

    Exploited Vulnerability Patched in WordPress Plugin With Over 1 Million Installations

    Published: 2022-06-17 12:00:51

    Popularity: 13

    Author: Ionut Arghire

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • Cybercrime
  • More than one million WordPress websites were potentially impacted by a critical Ninja Forms plugin vulnerability that appears to have been exploited in the wild. With over one million installations, the popular Ninja Forms plugin helps administrators add customizable forms to their WordPress sites. read more

    ...more

    Lapsus$ extortion gang leaked the source code for some Microsoft projects

    The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps […] The post Lapsus$ extortion gang leaked the source code for some Microsoft projects appeared first on Security Affairs.

    ...more

    Adobe Releases Emergency Patch for Exploited Commerce Zero-Day

    Published: 2022-02-13 18:01:12

    Popularity: 15

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Virus & Threats
  • Virus & Malware
  • Cybercrime
  • Adobe released an emergency advisory on Sunday to inform Commerce and Magento users of a critical zero-day vulnerability that has been exploited in attacks. read more

    ...more

    Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP

    A hacking campaign, tracked as Eternal Silence, is abusing UPnP to compromise routers and use them to carry out malicious activities. Researchers from Akamai have spotted a malicious campaign, tracked as ‘Eternal Silence,’ that is abusing Universal Plug and Play (UPnP) to turn routers into a proxy server used to carry out a broad range […] The post Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP appeared first on Security Affairs.

    ...more

    Telegram is becoming the paradise of cyber criminals

    Telegram is becoming an essential platform for cybercriminal activities, crooks use it but and sell any kind of stolen data and hacking tools. Many experts believe that the popular Telegram app is an efficient alternative to dark web marketplaces, its channels are used by hacking communities and cybercriminals to buy and sell stolen data, accesses […] The post Telegram is becoming the paradise of cyber criminals appeared first on Security Affairs.

    ...more

    Attacks Targeting OMIGOD Vulnerability Ramping Up

    Published: 2021-09-21 03:45:05

    Popularity: 13

    Author: Ionut Arghire

    Keywords:

  • NEWS & INDUSTRY
  • Virus & Threats
  • Malware
  • Vulnerabilities
  • Cybercrime
  • Attackers are increasingly targeting a remote code execution vulnerability in the Open Management Infrastructure (OMI) framework that Microsoft released patches for earlier this month. read more

    ...more

    Recently Patched Confluence Vulnerability Exploited in the Wild

    Published: 2021-09-02 10:47:16

    Popularity: 7

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Virus & Threats
  • Vulnerabilities
  • Cybercrime
  • Hackers started exploiting a vulnerability in Atlassian’s Confluence enterprise collaboration product just one week after the availability of a patch was announced. read more

    ...more

    Biden Tells Putin Russia Must Crack Down on Cybercriminals

    Published: 2021-07-10 16:22:11

    Popularity: 13

    Author: Associated Press

    Keywords:

  • NEWS & INDUSTRY
  • Cybercrime
  • 🤖: "Russian hackers busted"

    President Joe Biden told Russian President Vladimir Putin in a Friday phone call that he must “take action” against cybercriminals acting in his country and that the U.S. reserves the right to “defend its people and its critical infrastructure” from future attacks, the White House said. read more

    ...more

    Polish State Websites Hacked and Used to Spread False Info

    Published: 2021-03-18 09:46:58

    Popularity: 49

    Author: Associated Press

    Keywords:

  • NEWS & INDUSTRY
  • Cybercrime
  • 🤖: ""Hacked again""

    Two Polish government websites were hacked Wednesday and used briefly to spread false information about a non-existent radioactive threat, in what a Polish government official said had the hallmarks of a Russian cyberattack. read more

    ...more

    Adobe Patches Reader Vulnerability Exploited in the Wild

    Published: 2021-02-09 18:29:39

    Popularity: 24

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Virus & Threats
  • Vulnerabilities
  • Cybercrime
  • Adobe on Tuesday announced the availability of patches for 50 vulnerabilities across six of its products, including a zero-day vulnerability in Reader that has been exploited in the wild. read more

    ...more

    Global Espionage Campaign Used Software Supply Chain Hack To Compromise Targets, Including US Gov

    Published: 2020-12-14 12:02:05

    Popularity: 64

    Author: Mike Lennon

    Keywords:

  • NEWS & INDUSTRY
  • Incident Response
  • Malware
  • Cybercrime
  • Tampered Versions of SolarWinds Orion IT Monitoring Software Used to Compromise Global Organizations  read more

    ...more

    Ticketmaster confirms data breach impacting 560 million customers

    🤖: "Data gone wrong"

    Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. ShinyHunters, the current administrator of BreachForums, recently claimed the hack of Ticketmaster and offered for sale 1.3 TB of data, including full details of 560 million customers, for $500,000. Stolen data includes names, emails, addresses, phone numbers, ticket sales, […]

    ...more

    Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

    🤖: "Crypto mining chaos"

    Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527  (CVSS score 10.0) in the Atlassian Confluence Data Center and Confluence Server is being actively exploited for cryptojacking campaigns. The vulnerability is a template injection vulnerability that can allow remote […]

    ...more

    Quishing, an insidious threat to electric car owners

    🤖: ""Charging drama""

    Quishing is a type of phishing attack where crooks use QR codes to trick users into providing sensitive information or downloading malware. In recent years, the spread of electric cars has led to an increase in public charging stations. However, new cyber threats have emerged with this growth, including “quishing.” This term, a combination of […]

    ...more

    end