Security

Combating phishing attacks through awareness and simulation

In 2008, I started operating as a hacker for hire. Since the hottest thing on the market is always catching a cheater, I was hired to investigate whether my client’s fiancé was faithful or if he was having secret conversations on a German social networking site.
Read more about Combating phishing attacks through awareness and simulation

Singaporean crypto exchange BingX offers 10% bounty after $44M hack

Following blockchain data analysts' warnings about suspicious outflows from BingX, the cryptocurrency exchange confirmed the breach and offered 10% to hackers. More than $44 million was allegedly stolen.
Read more about Singaporean crypto exchange BingX offers 10% bounty after $44M hack

Popular US car rental company Hertz didn’t spot this access control vulnerability

What looked like a phishing email was just bad cybersecurity practices from a popular US car rental company.
Read more about Popular US car rental company Hertz didn’t spot this access control vulnerability

Linux for kids: teaching the next generation

Education for kids isn't what it used to be, especially regarding the technology we use. We live in a world where exhausted parents have replaced baby pacifiers with smartphones and tablets to keep kids distracted, which doesn’t provide any meaningful mental stimulation beyond hand-eye coordination.
Read more about Linux for kids: teaching the next generation

One-third of the US population’s background info is now public

1
Cybernews exclusive research has revealed that a massive data leak at MC2 Data, a background check firm, affects a staggering amount of US citizens.
Read more about One-third of the US population’s background info is now public

DDoS overtakes ransomware as most active cyber threat in Europe

Almost half of cyberattacks in the European Union are denial of service attacks (DDoS), putting NoName057 at the top of the most active threat actors’ list.
Read more about DDoS overtakes ransomware as most active cyber threat in Europe

Walmart customers accused of drug trafficking in a Google Ads scam

Scammers combined Google Ads with Walmart Lists to trick customers into believing they were trafficking druglord money and now have to pay for the imaginary crime.
Read more about Walmart customers accused of drug trafficking in a Google Ads scam

Iranian hackers lurking in Middle Eastern government and telecom networks, backdoors discovered

The Iranian threat actor UNC1860, affiliated with the country’s Ministry of Intelligence (MOIS), is a collector of specialized tooling and passive backdoors for gaining initial access and remaining in critical networks for prolonged periods, Google’s Mandiant warns.
Read more about Iranian hackers lurking in Middle Eastern government and telecom networks, backdoors discovered

Cashless toll payments end with massive data leak

Nearly a million Colombians and businesses were affected after the GoPass payment app exposed drivers’ sensitive data to anyone on the internet.
Read more about Cashless toll payments end with massive data leak

FBI warns about China-controlled botnet affecting thousands of Americans

The FBI has warned that cyber actors linked to China have compromised over 260,000 internet-connected devices, mostly routers, to create a massive botnet. It’s used for malicious activities, such as distributed denial of service attacks, or as a proxy to conceal identities.
Read more about FBI warns about China-controlled botnet affecting thousands of Americans

Think twice before you click: this captcha might steal your money

Windows users risk losing funds from crypto wallets and other personal data from a new form of attack involving captcha verification.
Read more about Think twice before you click: this captcha might steal your money

Chrome extension hides malware to steal crypto: new operation uncovered

A crude malicious Chrome extension for stealing personal data and crypto can slip through malware detection systems, despite its simplicity. This significant leak provides unique insights into the effectiveness of malicious campaigns and the limitations of current spam and malware detection systems.
Read more about Chrome extension hides malware to steal crypto: new operation uncovered

Russia's cyber proxies pivot to undermining Harris-Walz campaign, Microsoft says

Russian election interference efforts have shifted to spreading “outlandish fake conspiracy theories” about the Harris-Walz campaign, the Microsoft Threat Analysis Center (MTAC) warns.
Read more about Russia's cyber proxies pivot to undermining Harris-Walz campaign, Microsoft says

Hospitals need “tribal approach” to protect against hackers, says expert

Cyberattacks on healthcare institutions can quickly turn deadly. And while larger organizations are starting to adapt to the new cyber reality, smaller local hospitals are mostly left to fend for themselves. Closer collaboration might help to solve the crisis.
Read more about Hospitals need “tribal approach” to protect against hackers, says expert

Millions of vehicle records left open – with no owner in sight

Over three million records, containing detailed information about vehicles and their owners, have been left open online. The weirdest part? There‘s no clear owner of the exposed dataset.
Read more about Millions of vehicle records left open – with no owner in sight

Temu refutes data breach allegations by unknown threat actor trying to profit

Temu, a popular e-commerce marketplace, says that not a single line of data disseminated by an unknown threat actor matches its real records.
Read more about Temu refutes data breach allegations by unknown threat actor trying to profit

RansomHub releases 487GB of data allegedly stolen from Kawasaki

RansomHub, a ransomware newcomer that rose to prominence this year, has claimed a breach of Japanese company Kawasaki and released 487GB of its data publicly.
Read more about RansomHub releases 487GB of data allegedly stolen from Kawasaki

Critical vulnerabilities found in Photoshop, Premiere Pro, and multiple other Adobe products

Threat actors can exploit some of the most popular creative Adobe applications to take over Windows and macOS machines.
Read more about Critical vulnerabilities found in Photoshop, Premiere Pro, and multiple other Adobe products

Sharp increase in blocked YouTube channels linked to Russian influence operations

In July alone, Google terminated almost 13,000 YouTube channels linked to Russian and Chinese coordinated influence operations. The number of terminated Russian channels spiked dramatically in recent months.
Read more about Sharp increase in blocked YouTube channels linked to Russian influence operations

Brazil’s largest forex bank vulnerable to attack

Braza Bank left its systems vulnerable to cyberattacks and accounts takeover, Cybernews research shows.
Read more about Brazil’s largest forex bank vulnerable to attack