Security
Millions of email services still sending passwords unencrypted in plain text
Around 3.3 million servers are running POP3/IMAP email services without encryption (TLS) enabled, the Shadowserver Foundation, a nonprofit security organization, has discovered. Most of these servers reside in the US, Germany, and Poland.
Torturing hackers in prison: surviving as an act of protest
At the height of my glory days as a computer hacker myself, little did I know I would eventually find myself experiencing and surviving prison life.
Bad Likert Judge attack bypasses AI safety measures with at least 60% success rate
A clever jailbreaking technique can manipulate AI assistants into producing hate, harassment, malware, and content on indiscriminate weapons and other illegal activities. Researchers simply asked the chatbots to judge and score the harmfulness of provided prompts according to a scale and then to provide an example for the worst-case scenario.
Senior officials' laptops compromised in China-linked US Treasury hack
New information reveals that the PRC-backed hackers responsible for last month’s hack of the US Treasury Department were able to gain access to the laptops of some senior officials. Meanwhile, CISA now says other federal agencies were spared in the breach.
Double-clickjacking: attackers can steal user accounts unnoticed
The time between two mouse clicks is enough for hackers to swap web pages and trick victims into accidentally authorizing access or money transfers.
Chinese threat actors hacked the US Treasury
The US Treasury Department said on Monday that Chinese-linked hackers were able to gain access to ‘unclassified documents’ after compromising the agency’s networks earlier this month.
Security pros overestimate MFA: 6 techniques hackers are using to bypass it
Hackers have found multiple ways to bypass multifactor authentication (MFA), while nine out of ten security professionals still believe that MFA provides complete protection against account takeover, a cybersecurity firm warns.
Securing VoIP calls from eavesdropping
VoIP (Voice over Internet Protocol) has become a popular communication tool. However, like many internet-based services, your calls may be...
Schneider Electric's stolen data leaked on dark web
Cybercriminals claim that Schneider Electric has refused to pay a ransom in baguettes.
25 Chrome extensions with over 2M users breached: hackers are after user data
The ongoing hacking spree has compromised at least 25 Chrome extensions, potentially affecting over two million users. Cyberhaven, a data protection company, fell victim to the attack.
WiFi hackers can bypass WPA3 security by exploiting its weakest link: the user
The WPA3 security standard makes WiFi access points more secure, protecting passwords from offline dictionary attacks. However, researchers have devised a clever man-in-the-middle attack that tricks users into entering their password when reconnecting.
A solution to a $5B problem to be unveiled at CES 2025: it involves selfies
A selfie may now determine if a company’s transactions are going to the right hands.
Cl0p ransomware hits over 60 companies using Cleo platform
Cl0p ransomware has listed 63 organizations on its dark web victim site. The gang has recently been leveraging critical vulnerabilities affecting Cleo software, including Cleo Harmony, Cleo VLTrader, and Cleo LexiCom.
Finland suspects Russian involvement in fresh damage to multiple undersea cables
Finnish authorities investigate Russia's involvement in the damage to two undersea electric cables and four data cables linking Finland and Estonia on Christmas Day – the third incident to take place in the Baltic Sea in just over a month.
Dorking: the art of exploring hidden directories
Hackers publish lists of the most interesting Google dorks, which are constantly being updated as new Google search queries are realized, producing new results.
Why you're most likely to get hacked today
It’s the most wonderful time of the year… for you, and for the hackers targeting you.
Fatal teen stabbing spurs one-year TikTok ban in Albania, marking a first in Europe
The stabbing death of a teenage boy – killed by a fellow classmate after an argument on TikTok – has triggered a full one-year ban of the Chinese-owned video app in Albania, the first European nation to take such measures.
Court finds Pegasus spyware maker NSO Group liable for hacking 1,400 WhatsApp users
Before 2020, approximately 1,400 mobile devices were infected with Pegasus malware, which was used to surveil WhatsApp users. Last week, the US district court found NSO Group accountable for violating key computer crime laws, marking a major victory for WhatsApp and spyware victims.
Top LockBit developer arrested, awaiting extradition to US
The notorious LockBit ransomware gang continues to crumble. The US has charged Rostislav Panev, 51, for acting as a developer of LockBit since its inception around 2019.
A hacker’s perspective on the Computer Fraud and Abuse Act
When you think of ‘malicious code,’ what’s the first thing that comes to mind? If you guessed malware, you’re correct.