Sat.Jan 27, 2024

article thumbnail

Weekly Update 384

Troy Hunt

I spent longer than I expected talking about Trello this week, in part because I don't feel the narrative they presented properly acknowledges their responsibility for the incident and in part because I think the impact of scraping in general is misunderstood. I suspect many of us are prone to looking at this in a very binary fashion: if the data is publicly accessible anyway, scraping it poses no risk.

Risk 246
article thumbnail

Pro-Ukraine hackers wiped 2 petabytes of data from Russian research center

Security Affairs

The Main Intelligence Directorate of Ukraine’s Ministry of Defense states that pro-Ukraine hackers wiped 2 petabytes of data from a Russian research center. The Main Directorate of Intelligence of the Ministry of Defense of Ukraine revealed that pro-Ukraine hackers group “BO Team” wiped the database of the Far Eastern Scientific Research Center of Space Hydrometeorology “Planet.” The Russian center processes data received from satellites and also provides relevant p

Malware 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

23andMe Failed to Detect Account Intrusions for Months

WIRED Threat Level

Plus: North Korean hackers get into generative AI, a phone surveillance tool that can monitor billions of devices gets exposed, and ambient light sensors pose a new privacy risk.

article thumbnail

Participants earned more than $1.3M at the Pwn2Own Automotive competition

Security Affairs

Bug bounty hunters earned more than $1.3 million for hacking Teslas, infotainment systems, and electric vehicle chargers at the Pwn2Own Automotive competition. The Zero Day Initiative’s Pwn2Own Automotive competition has ended, participants demonstrated 49 zero-day vulnerabilities affecting automotive products earning a total of $1,323,750. The amazing Synacktiv team won the competition and earned a total of $450,000.

Hacking 135
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

The Week in Ransomware - January 26th 2024 - Govts strike back

Bleeping Computer

Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. [.

article thumbnail

From Games to Ransom: Albabat’s Deceptive Distribution Method Exposed

Penetration Testing

FortiGuard Labs detected the Albabat ransomware, also known as White Bat. First emerging in November 2023, this financially motivated variant has evolved rapidly, targeting companies and individuals primarily in countries such as Argentina, Brazil,... The post From Games to Ransom: Albabat’s Deceptive Distribution Method Exposed appeared first on Penetration Testing.

More Trending

article thumbnail

ioctlance: detect various vulnerability types in Windows Driver Model (WDM) drivers

Penetration Testing

IOCTLance Presented at CODE BLUE 2023, this project titled Enhanced Vulnerability Hunting in WDM Drivers with Symbolic Execution and Taint Analysis introduces IOCTLance, a tool that enhances its capacity to detect various vulnerability types in Windows Driver... The post ioctlance: detect various vulnerability types in Windows Driver Model (WDM) drivers appeared first on Penetration Testing.

article thumbnail

Kansas City public transportation authority hit by ransomware

Bleeping Computer

The Kansas City Area Transportation Authority (KCATA) announced it was targeted by a ransomware attack on Tuesday, January 23. [.

article thumbnail

Doubling Down on Security: The Critical Role of Two-Factor Authentication

Security Boulevard

Safeguarding our online accounts has never been more crucial. One of the most effective tools at our disposal is Two-Factor Authentication (2FA). Let’s discuss how 2FA adds an essential layer of protection to your digital life. Two-Factor Authentication is a security process in which users provide two different authentication factors to verify themselves.