Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services - Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature....
Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining - Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security firm Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium...
PKfail Secure Boot bypass lets attackers install UEFI malware - Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware.
Cyberattacks on the Paris Olympics are inevitable, says PM - ANSSI, France’s national cybersecurity agency, met Thursday, prompting French Prime Minister Gabriel Attal to warn the public that cyberattacks during the Paris Olympic Games would be ‘inevitable.’
Offensive AI: The Sine Qua Non of Cybersecurity - "Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged." - Victor Hugo. In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The...
Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk - Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier....
Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams - Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. "These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals,"...
SEXi / APT Inc Ransomware - What You Need To Know - SEXi? Seriously? What are you talking about this time? Don't worry, I'm not trying to conjure images in your mind of Rod Stewart in his iconic leopard print trousers. Instead, I want to warn you about a cybercrime group that has gained notoriety for attacking VMware ESXi servers since February 2024. Excuse...
July Windows Server updates break Remote Desktop connections - Microsoft has confirmed that July's security updates break remote desktop connections in organizations where Windows servers are configured to use the legacy RPC over HTTP protocol in the Remote Desktop Gateway.
Spanish Hackers Bundle Phishing Kits with Malicious Android Apps - A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described...
U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals - The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology,...
Deleted GitHub data is forever accessible to anyone, researchers claim - Microsoft-owned GitHub’s design makes repository data forever available, potentially enabling malicious actors to access sensitive information such as API keys and secrets even after users think they’ve deleted it.
Why Multivendor Cybersecurity Stacks Are Increasingly Obsolete - Multivendor tech stacks are costly and complex to integrate and manage. Learn more from Cynet about how an All-in-One approach reduces costs for MSPs and SMEs, while offering increased security.