Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services  - Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature....

 FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity

+1 from  cisa

 CISA Releases Two Industrial Control Systems Advisories

+2 from  cisa

 Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining  - Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security Wiz is tracking the activity under the name SeleniumGreed . The campaign, which is targeting older versions of Selenium...

+1 from  thehackernews

 PKfail Secure Boot bypass lets attackers install UEFI malware  - Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware.

+1 from  bleepingcomputer

 Cyberattacks on the Paris Olympics are inevitable, says PM  - ANSSI, France’s national cybersecurity agency met Thursday prompting French Prime Minister Gabriel Attal to warn the public that cyberattacks during the Paris Olympic games would be ‘inevitable.’

+1 from  cybernews

 LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency  - Last week, CrowdStrike, one of the cybersecurity industry’s most reputable solution providers, inadvertently caused more disruption across the Internet than all the threat actors active online at the time.

 Google fixes Chrome Password Manager bug that hides credentials  - Google has fixed a bug in Chrome's Password Manager that caused user credentials to disappear temporarily for more than 18 hours.

+2 from  bleepingcomputer

 Russian ransomware gangs account for 69% of all ransom proceeds  - Russian-speaking threat actors accounted for at least 69% of all crypto proceeds linked to ransomware throughout the previous year, exceeding $500,000,000.

 Offensive AI: The Sine Qua Non of Cybersecurity  - "Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged." - Victor Hugo. In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The...

 Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk  - Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier....

 US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks  - The U.S. State Department is offering a reward of up to $10 million for information that could lead to the identification or location of a North Korean military hacker.

+1 from  bleepingcomputer

 Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams  - Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. "These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals,"...

+5 from  thehackernews

 SEXi / APT Inc Ransomware - What You Need To Know  - SEXi? Seriously? What are you talking about this time? Don't worry, I'm not trying to conjure images in your mind of Rod Stewart in his iconic leopard print trousers. Instead, I want to warn you about a cybercrime group that has gained notoriety for attacking VMware ESXi servers since February 2024. Excuse...

 July Windows Server updates break Remote Desktop connections  - Microsoft has confirmed that July's security updates break remote desktop connections in organizations where Windows servers are configured to use the legacy RPC over HTTP protocol in the Remote Desktop Gateway.

+1 from  bleepingcomputer

 Spanish Hackers Bundle Phishing Kits with Malicious Android Apps  - A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described...

 U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals  - The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology,...

 Deleted GitHub data is forever accessible to anyone, researchers claim  - Microsoft-owned GitHub’s design makes repository data forever available, potentially enabling malicious actors to access sensitive information such as API keys and secrets even after users think they’ve deleted it.

 French police push PlugX malware self-destruct payload to clean PCs  - The French police and Europol are pushing out a "disinfection solution" that automatically removes the PlugX malware from infected devices in France.

+2 from  bleepingcomputer

 Over Half of UK Workers Haven’t Received Training on Avoiding Phishing Scams

 Why Multivendor Cybersecurity Stacks Are Increasingly Obsolete  - Multivendor tech stacks are costly and complex to integrate and manage. Learn more from Cynet about how an All-in-One approach reduces costs for MSPs and SMEs, while offering increased security.