Fri.May 31, 2024

article thumbnail

International Malware Takedown Seized 100+ Servers

Tech Republic Security

‘Operation Endgame’ is an ongoing, law enforcement effort to disrupt botnets, malware droppers and malware-as-a-service.

Malware 192
article thumbnail

Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.

The Hacker News

More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet. The mysterious event, which took place between October 25 and 27, 2023, and impacted a single internet service provider (ISP) in the U.S.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

ShinyHunters is selling data of 30 million Santander customers

Security Affairs

The threat actor ShinyHunters claims breach of Santander and is offering for sale bank data, including information for 30 million customers. A notorious threat actor ShinyHunters is offering a huge trove of data allegedly stolen from the Santander Bank for sale. ShinyHunters claims to have stolen information for 30 million customers, employees, and bank account data.

Banking 136
article thumbnail

OpenAI, Meta, TikTok Disrupt Multiple AI-Powered Disinformation Campaigns

The Hacker News

OpenAI on Thursday disclosed that it took steps to cut off five covert influence operations (IO) originating from China, Iran, Israel, and Russia that sought to abuse its artificial intelligence (AI) tools to manipulate public discourse or political outcomes online while obscuring their true identity.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours 

Security Affairs

The Chalubo trojan destroyed over 600,000 SOHO routers from a single ISP, researchers from Lumen Technologies reported. Between October 25 and October 27, 2023, the Chalubo malware destroyed more than 600,000 small office/home office (SOHO) routers belonging to the same ISP. Black Lotus did not name the impacted ISP, however, Bleeping Computer speculates the attack is linked to the Windstream outage that occurred during the same timeframe.

Malware 132
article thumbnail

Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting

The Hacker News

The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages.

Malware 139

More Trending

article thumbnail

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices

The Hacker News

Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023. "These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices and prevent critical systems from becoming easy targets," the Microsoft Threat Intelligence team said.

article thumbnail

LilacSquid APT Unveiled: A Stealthy Campaign Targeting Global Industries

Penetration Testing

Cisco Talos, the threat intelligence and research arm of Cisco, has exposed a sophisticated espionage-focused threat actor known as LilacSquid (UAT-4820). This advanced persistent threat (APT) group has been operating under the radar since... The post LilacSquid APT Unveiled: A Stealthy Campaign Targeting Global Industries appeared first on Penetration Testing.

article thumbnail

How to tell if a VPN app added your Windows device to a botnet

Malwarebytes

On May 29, 2024, the US Department of Justice (DOJ) announced it had dismantled what was likely the world’s largest botnet ever. This botnet, called “911 S5,” infected systems at over 19 million IP addresses across more than 190 countries. The main sources of income for the operators, who stole a billions of dollars across a decade, came from committing pandemic and unemployment fraud, and by selling access to child exploitation materials.

VPN 120
article thumbnail

Snowflake account hacks linked to Santander, Ticketmaster breaches

Bleeping Computer

A threat actor claiming recent Santander and Ticketmaster breaches says they stole data after hacking into an employee's account at cloud storage company Snowflake. However, Snowflake disputes these claims, saying recent breaches were caused by poorly secured customer accounts. [.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Beyond Threat Detection – A Race to Digital Security

The Hacker News

Digital content is a double-edged sword, providing vast benefits while simultaneously posing significant threats to organizations across the globe. The sharing of digital content has increased significantly in recent years, mainly via email, digital documents, and chat.

article thumbnail

Ticketmaster confirms massive breach after stolen data for sale online

Bleeping Computer

Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. [.

article thumbnail

GUEST ESSAY: Taking a systematic approach to achieving secured, ethical AI model development

The Last Watchdog

AI has the potential to revolutionize industries and improve lives, but only if we can trust it to operate securely and ethically. Related: The key to the GenAI revolution By prioritizing security and responsibility in AI development, we can harness its power for good and create a safer, more unbiased future. Developing a secured AI system is essential because artificial intelligence is a transformative technology, expanding its capabilities and societal influence.

article thumbnail

Internet Safety Month: Keep Your Online Experience Safe and Secure

Webroot

What is Internet Safety Month? Each June, the online safety community observes Internet Safety Month as a time to reflect on our digital habits and ensure we’re taking the best precautions to stay safe online. It serves as a reminder for everyone—parents, teachers, and kids alike—to be mindful of our online activities and to take steps to protect ourselves.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Stalkerware app pcTattletale announces it is ‘out of business’ after suffering data breach and website defacement

Graham Cluley

US spyware vendor pcTattletale has shut down its operations following a serious data breach that exposed sensitive information about its customers, as well as data stolen from some of their victims. pcTattletale was promoted as "employee and child monitoring software" designed to "protect your business and family." Of course, what it actually was, was a way to surreptitiously spy upon other people's phones and computers - secretly viewing everything they did.

article thumbnail

Cyber Attacks Unpacked: Recent fraud Incidents and Impact (25th to 31st May, 2024)

Quick Heal Antivirus

“Investment is subject to market risk please read the offer document carefully before investment”, we all have literally. The post Cyber Attacks Unpacked: Recent fraud Incidents and Impact (25th to 31st May, 2024) appeared first on Quick Heal Blog.

article thumbnail

Introducing the Open Supply-Chain Information Modeling (OSIM) Technical Committee

Cisco Security

OSIM is a great advancement towards a more secure and resilient supply chain ecosystem. OSIM is a great advancement towards a more secure and resilient supply chain ecosystem.

95
article thumbnail

Europol identifies 8 cybercriminals tied to malware loader botnets

Bleeping Computer

Europol and German law enforcement have revealed the identities of eight cybercriminals linked to the various malware droppers and loaders disrupted as part of the Operation Endgame law enforcement operation. [.

Malware 93
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Top-Paying Tech Jobs Highlight New Roles, Cybersecurity Tie-ins

SecureWorld News

I ran across this fascinating post on ClearanceJobs, the largest career network for professionals with federal government security clearance, listing the " 10 Highest Paying Tech Jobs in 2024 and Beyond." What caught my eye were two things: 1) The number of these jobs that did not exist 10, five, or even one or two years ago; and 2) How many of the roles are tied to cybersecurity—directly or indirectly.

article thumbnail

DMM Bitcoin warns that hackers stole $300 million in Bitcoin

Bleeping Computer

Japanese bitcoin exchange DMM Bitcoin is warning that 4,502.9 Bitcoin (BTC), or approximately $308 million (48.2 billion yen), has been stolen from one of its wallets today, making it the most significant cryptocurrency heist of 2024. [.

article thumbnail

AsukaStealer Malware Targets Browsers and Crypto Wallets for $80 a Month

Penetration Testing

A new and sophisticated malware named AsukaStealer has emerged on the cybercrime scene, offering its malicious services for a surprisingly low monthly fee of $80. This C++ based malware, marketed on a Russian-language forum,... The post AsukaStealer Malware Targets Browsers and Crypto Wallets for $80 a Month appeared first on Penetration Testing.

article thumbnail

ShinyHunters claims Santander breach, selling data for 30M customers

Bleeping Computer

A threat actor known as ShinyHunters is claiming to be selling a massive trove of Santander Bank data, including information for 30 million customers, employees, and bank account data, two weeks after the bank reported a data breach. [.

Banking 86
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

New Execution Technique in ClearFake Campaign

Digital Shadows

ReliaQuest reveals new ClearFake campaign tricks users into running malicious PowerShell. Learn to block IoCs, limit PowerShell, and educate users against this evolving threat.

article thumbnail

The NSA advises you to turn your phone off and back on once a week - here's why

Zero Day

Powering off your phone regularly, disabling Bluetooth when it's not needed, and using only trusted accessories are just some of the NSA's security recommendations.

76
article thumbnail

What happens when facial recognition gets it wrong – Week in security with Tony Anscombe

We Live Security

A facial recognition system misidentifies a woman in London as a shoplifter, igniting fresh concerns over the technology's accuracy and reliability

article thumbnail

Ticketmaster Breached? Data of Over 500 Million Customers For Sale

Heimadal Security

Ticketmaster has been breached and the data of over 500 million customers is listed for sale. A threat actor known as ShinyHunters is selling on the recently revived BreachForums hacking forum what they claim is the personal and financial information of Ticketmaster customers. The listing goes for $500,000. Details About the Breach: What Information Was […] The post Ticketmaster Breached?

Hacking 70
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

4 Ways Technology Can Help Your Marketing Efforts

SecureBlitz

In this post, I will show you 4 ways technology can help your marketing efforts. In the rapidly evolving digital world, using technology in marketing campaigns is essential to success and is no longer optional. Businesses that want to remain ahead of the competition need to adopt cutting-edge techniques and products that not only grab […] The post 4 Ways Technology Can Help Your Marketing Efforts appeared first on SecureBlitz Cybersecurity.

article thumbnail

Chalubo Malware Wreaks Havoc: Half a Million Routers Permanently Disabled

Penetration Testing

A destructive cyberattack, dubbed “The Pumpkin Eclipse” by Lumen Technologies’ Black Lotus Labs, has knocked out over 600,000 small office/home office (SOHO) routers, leaving a significant portion of an internet service provider’s (ISP) customers... The post Chalubo Malware Wreaks Havoc: Half a Million Routers Permanently Disabled appeared first on Penetration Testing.

article thumbnail

Four Takeaways From the 2023 Data Protection Commission Annual Report

BH Consulting

In 2023, the DPC was responsible for handling 87 per cent of all GDPR-related fines in Europe, totalling €1.55 billion. But with many of the largest cases undergoing appeals, the actual amount of fines paid was a fraction of that. In reality, the report shows that the amount paid to the Irish regulator was just €1.375 million. That’s just one of the many findings that caught my eye from the Data Protection Commission’s annual report for 2023.

article thumbnail

Immersive Labs Study Reveals AI Prompt Injection Vulnerability in Bots

eSecurity Planet

Generative artificial intelligence presents dilemmas for security teams as they determine how to use it in ways that benefit their business without creating vulnerabilities. Immersive Labs, a Bristol, England-based cybersecurity firm that focuses on user training, recently performed a study involving GenAI prompt injection attacks on chatbots. It released a report of the results and found that 88% of participants were able to trick a bot into exposing passwords.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.