Uncategorized

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations 22/05/2023 at 19:33 By A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances to carry out illicit crypto mining operations. Cloud security company’s Permiso P0 Labs, which first detected the group in November 2021, […]

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations Read More »

Bad Magic’s Extended Reign in Cyber Espionage Goes Back Over a Decade

Bad Magic’s Extended Reign in Cyber Espionage Goes Back Over a Decade 22/05/2023 at 17:16 By New findings about a hacker group linked to cyber attacks targeting companies in the Russo-Ukrainian conflict area reveal that it may have been around for much longer than previously thought. The threat actor, tracked as Bad Magic (aka Red Stinger), has

Bad Magic’s Extended Reign in Cyber Espionage Goes Back Over a Decade Read More »

U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes

U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes 22/05/2023 at 11:47 By A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison. Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence

U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes Read More »

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory 22/05/2023 at 09:47 By A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim’s master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows,

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory Read More »

PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted

PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted 21/05/2023 at 12:58 By The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled the ability for users to sign up and upload new packages until further notice. “The volume of malicious users and

PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted Read More »

Meet ‘Jack’ from Romania! Mastermind Behind Golden Chickens Malware

Meet ‘Jack’ from Romania! Mastermind Behind Golden Chickens Malware 20/05/2023 at 14:47 By The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a fatal operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He

Meet ‘Jack’ from Romania! Mastermind Behind Golden Chickens Malware Read More »

Notorious Cyber Gang FIN7 Returns Cl0p Ransomware in New Wave of Attacks

Notorious Cyber Gang FIN7 Returns Cl0p Ransomware in New Wave of Attacks 20/05/2023 at 10:33 By The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor’s first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its

Notorious Cyber Gang FIN7 Returns Cl0p Ransomware in New Wave of Attacks Read More »

Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw

Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw 20/05/2023 at 07:48 By The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13. The South Korean electronics giant

Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw Read More »

Atlanta TSA allows Georgia residents to use mobile driver’s license

Atlanta TSA allows Georgia residents to use mobile driver’s license 19/05/2023 at 18:35 By Hartsfield-Jackson Atlanta International Airport will roll out technology allowing Georgia residents to use a mobile driver’s license during security. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Atlanta TSA allows Georgia residents to use mobile driver’s license Read More »

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024 19/05/2023 at 16:31 By Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024 Read More »

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware 19/05/2023 at 14:31 By Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat. The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware Read More »

Dr. Active Directory vs. Mr. Exposed Attack Surface: Who’ll Win This Fight?

Dr. Active Directory vs. Mr. Exposed Attack Surface: Who’ll Win This Fight? 19/05/2023 at 14:31 By Active Directory (AD) is among the oldest pieces of software still used in the production environment and can be found in most organizations today. This is despite the fact that its historical security gaps have never been amended. For

Dr. Active Directory vs. Mr. Exposed Attack Surface: Who’ll Win This Fight? Read More »

Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware

Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware 19/05/2023 at 10:55 By Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware. “Both AI services are extremely popular but

Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware Read More »

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities 19/05/2023 at 07:50 By Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address three new zero-day flaws that it said are being actively exploited in the wild. The three security shortcomings are listed below

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities Read More »

Scroll to Top