A Mishandled Github Token Exposed Mercedes Benz Source Code
A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public. Mercedes-Benz...
Month: January 2024
Vastaamo Hacker Traced Via Untraceable Monero Transactions Police Says
Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was...
How Smbs Can Lower Their Risk Of Cyberattacks And Data Breaches
The Akira ransomware group is targeting small to medium-sized businesses (SMBs) - 80% of its victims, since March 2023, have been SMBs....
New Linux Glibc Flaw Lets Attackers Get Root On Major Distros
Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local...
Online Ransomware Decryptor Helps Recover Partially Encrypted Files
CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption. The company announced...
Microsoft Teams Phishing Pushes Darkgate Malware Via Group Chats
New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims'...
Us Charges Two More Suspects With Draftking Account Hacks
The U.S. Department of Justice arrested and charged two more suspects for their involvement in the hacking of almost 68,000 DraftKings accounts in...
Jenkins Multiple Vulnerabilities
Multiple vulnerabilities were identified in Jenkins. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution,...
FBI: Scammers Are Sending Couriers to Collect Cash From Victims
The FBI has claimed $55m were lost from May to December 2023 to scammers posing as representatives of the government,...
Ransomware Incidents Hit Record High, But Law Enforcement Takedowns Slow Growth
Ransomware incidents surged by 68% in 2023 to reach a record high, according to new data from Corvus Insurance. However,...
UK House of Lords Calls For Legislation on Facial Recognition Tech
The UK parliament’s upper chamber has said it is “deeply concerned” about unaccountable police use of live facial recognition (LFR)...
Rust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver Toolkit
Payloads recently found on compromised Ivanti Connect Secure appliances could be from the same, sophisticated threat actor, according to incident...
Orange España Breach: Dark Web Flooded With Operator Credentials
Security researchers have uncovered the presence of hundreds of network operators’ credentials circulating on the dark web in the aftermath of...
Alpha Ransomware Group Launches Data Leak Site on the Dark Web
A new ransomware group called Alpha has recently emerged with the launch of its Dedicated/Data Leak Site (DLS) on the...
Schneider Electric Confirms Data Accessed in Ransomware Attack
Energy firm Schneider Electric has revealed it has fallen victim to a ransomware attack, leading to data from its Sustainability...
Active Exploitation of Multiple Vulnerabilities in Jenkins Products
Jenkins has released security updates addressing multiple vulnerabilities, including a critical (CVE-2024-23897) vulnerability and a high-severity (CVE-2024-23898) vulnerability in their...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on January 23, 2024. These...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates for iOS and iPadOS, macOS, Safari, watchOS, and tvOS....
CISA: Mozilla Releases Security Updates for Thunderbird and Firefox
Mozilla Releases Security Updates for Thunderbird and Firefox Mozilla has released security updates to address vulnerabilities in Thunderbird and Firefox....
CISA: Cisco Releases Security Advisory for Multiple Unified Communications and Contact Center Solutions Products
Cisco Releases Security Advisory for Multiple Unified Communications and Contact Center Solutions Products Cisco released a security advisory to address...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Brute Ratel C4 Detected – 35[.]72[.]81[.]251:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on January 25, 2024. These...
CISA: Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series
Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series Juniper Networks released a security...
