Security Affairs
JANUARY 13, 2024
GitLab addressed two critical flaws impacting both the Community and Enterprise Edition, including a critical zero-click account hijacking vulnerability GitLab has released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. The most critical vulnerability, tracked as CVE-2023-7028 (CVSS score 10), is an account takeover via Password Reset.
Bleeping Computer
JANUARY 13, 2024
A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. [.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
JANUARY 13, 2024
The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. Threat actors are wiping NAS and backup devices.
The Hacker News
JANUARY 13, 2024
Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
JANUARY 13, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential
The Hacker News
JANUARY 13, 2024
A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider following “months of intensive collaboration.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Penetration Testing
JANUARY 13, 2024
In June 2021, the cybersecurity landscape witnessed the emergence of a formidable player: Rimasuta botnet. It’s named after its unique usage of the TEA algorithm and has recently resurfaced in botnet observations. Initially discovered... The post From TEA to ChaCha20: The Evolution of the Rimasuta Botnet appeared first on Penetration Testing.
WIRED Threat Level
JANUARY 13, 2024
Plus: Chinese officials tracked people using AirDrop, Stuxnet mole’s identity revealed, AI chatbot hacking, and more.
Security Boulevard
JANUARY 13, 2024
The U.S. Attorney's office in Delaware charged Olugbenga Lawal with being a major money launderer for a Nigerian-based international criminal organization that specialized in Business Email Compromise (#BEC) and Romance Scam. Lawal was charged with receiving more than $3 million USD (that would be more than ₦2,8 Billion!) and sending funds to Nigeria both through money transfer, but also buy purchasing and shipping more than $600,000 in vehicles.
Security Boulevard
JANUARY 13, 2024
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel. Permalink The post USENIX Security ’23 – Svetlana Abramova and Rainer Böhme – Anatomy of a High-Profile Data Breach: Dissecting the Aftermath of a Crypto-Wallet Case appeared first on Security Boulevard.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Boulevard
JANUARY 13, 2024
In this brief analysis I'll take a look at who's behind GoatRAT in terms of social media activity C&C servers and actual personally identifiable information. Personally identifiable information: hxxp://bit[.]ly/nubankmodulo hxxp://goatrat[.]com/apks/apk20[.]apk Sample MD5s: 6583a9b6b83738e0bf2a261fc04483e18772da3241e467fdef37a8e27b1869a7 9a8e85cf1bbd32c71f0efa42ffedf1a0 hxxp://api[.]goatrat[.]com:3008 Social Media: hxxp://t[.]me/sickoDevz hxxp://t[.]me/goatmalware Web site: hxxp://criminalm
Expert insights. Personalized for you.
137 
Let's personalize your content