Security
Germany plans to decriminalize whitehat hacking
The German government has proposed draft legislation that would exclude ethical hacking aimed at finding security vulnerabilities from criminal prosecution. Golem.de reports that this would reduce legal risks for cybersecurity researchers.
FBI alert: cybercriminals are posing as US officials and requesting sensitive data
The FBI has warned of an uptick in fraudulent emergency data requests. Cybercriminals masquerading as law enforcement (or other officials using compromised governmental emails) are increasingly abusing easy access to sensitive data.
RansomHub dethrones LockBit as top ransomware cartel
LockBit’s reign of terror has waned following a law enforcement crackdown. However, a new contender has quickly filled the gap. RansomHub, which emerged in February, claimed nearly a fifth of all ransomware victims in September 2024.
Okta allowed passwordless logins for exceptionally long usernames
Access management giant Okta has disclosed a bizarre vulnerability that could have allowed users to access accounts without a password.
Chinese hackers hijacked thousands of TP-Link WiFi routers for covert cyberattacks
A covert Chinese botnet, relying on compromised TP-Link routers, carries out stealthy password-spraying attacks, only attempting to access accounts once per day.
Cybercriminals steal cookies to get into your accounts: how to stay safe
Cybercriminals are stealing cookies, specifically Remember Me cookies, to bypass multi-factor authentication and access users’ emails, the FBI has warned.
Recovering deleted files: digital forensics for the everyday person
I believe the everyday person should know how to recover deleted files or messages. That way, you don’t have to hire someone or say goodbye to important or sentimental data.
Germany and Spain hit with stealthy attacks: Strela Stealer evolves
Employees in Germany and Spain face a new insidious campaign that delivers a mail credential stealer called Strela Stealer. This malware has greatly improved since it was first discovered two years ago.
What keeps cybersecurity professionals up at night? It’s not AI… yet
Emerging technology like artificial intelligence (AI) and quantum computing raises legitimate cybersecurity concerns, but experts say that the real issue is still phishing and ransomware.
Ex-Disney worker hacks food menu software, alters peanut allergen warnings, FBI says
An ex-Disney employee hacked into the resort’s restaurant software, removed peanut allergy warnings on certain menu items, and cyberstalked co-workers, the FBI said.
Hackers making users look like cybercriminals: dev gets bombarded with abuse complaints
Late at night, your mailbox starts filling with alerts about a potential security issue – your server seems to be connecting to various machines on the internet and you need to resolve “any potential issues” fast. But there are no issues – your IP is spoofed by an external attacker with unclear motives.
Timely Cybernews intervention helps protect PayDo customers’ financial data
In an ongoing race, cybercriminals and security researchers relentlessly scan the web for vulnerabilities, each driven by different motivations. Cybernews was the first to discover an unprotected instance containing financial customer data, and our timely intervention helped protect customers of PayDo, a payment processor. Here are the lessons learned.
Foreign agencies allegedly using underwater lighthouses to spy on China
China has supposedly discovered that intelligence agencies from unknown countries have infiltrated its waters and planted special devices used to spy on the country.
Attackers can hijack WiFi using Philips Smart Lighting devices, researchers warn
Think twice before you throw out your old smart light bulbs. Hackers can extract their firmware, which stores WiFi credentials in plain text.
Cozy Bear launches massive spear-phishing campaign, hijacking remote access
Russian threat actor Cozy Bear has unleashed a highly targeted and sophisticated malicious campaign, targeting over 100 organizations in critical sectors, Microsoft warns. The attackers send carefully crafted emails to trick users into opening a Remote Desktop Protocol (RDP) configuration file, leading to compromise.
FBI names four most common scams before US general election
The Federal Bureau of Investigation (FBI) has issued a warning to the public about scammers perpetrating four types of fraud schemes before the US general election.
The price of getting a driver’s license? Your personal data
Hundreds of thousands of future motorists had their personal details leaked online after over 400,000 Brazilian driver’s license permits were left open in an unprotected storage bucket.
Remote work is putting your data at risk: security tips you can’t ignore
According to an Upwork study, 22% of the US workforce is expected to be working remotely by 2025. With remote...
Despite patches, Windows can still be downgraded to vulnerable versions
Microsoft made significant strides to strengthen its Windows kernel against compromise. Yet, hackers with administrator privileges can still replace the kernel itself, making the whole system vulnerable.
China hacks Verizon to target Trump/Vance communications, new report says
US officials on Friday said Chinese-affiliated hackers were able to infiltrate the nation’s commercial telecommunications infrastructure – and now several media outlets are reporting the bad actors may have gotten their hands on the phone records of Trump, running mate JD Vance, and possibly Harris campaign staffers.