Google Voice Disruption Caused by Expired TLS Certificates
Google has affirmed that a Google Voice malfunction that had impacted the majority of telephone service users this month was...
Security
Database of 21 million users of popular VPN services leaked
The database contains email addresses, passwords and usernames of Russian users. This information can be used by hackers to obtain...
Fake-Sms – A Simple Command Line Tool Using Which You Can Skip Phone Number Based SMS Verification By Using A Temporary Phone Number That Acts Like A Proxy
A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone...
OWASP ASST (Automated Software Security Toolkit) – A Novel Open Source Web Security Scanner
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner. Note: AWSS is the older name...
French multinational dairy Lactalis hit by a cyber attack
French multinational dairy products corporation Lactalis discloses cyberattack, but claimed that had no evidence of a data breach. France-based dairy...
Alleged China-linked APT41 group targets Indian critical infrastructures
Recorded Future researchers uncovered a campaign conducted by Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded...
Distributor of Asian food JFC International hit by Ransomware
JFC International, a major wholesaler and distributor of Asian food products in the United States, was hit by ransomware. JFC...
Gootkit delivery platform Gootloader used to deliver additional payloads
The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts...
Oxfam – 1,834,006 breached accounts
In January 2021, Oxfam Australia was the victim of a data breach which exposed 1.8M unique email addresses of supporters...
Ticketcounter – 1,921,722 breached accounts
In August 2020, the Dutch ticketing service Ticketcounter inadvertently published a database backup to a publicly accessible location where it...
Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03
This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we...
Tether says it is a Victim of a 500 BTC Ransom
Only days after the conclusion of its long-running fight with the Office of the Attorney General of New York, Tether...
Microsoft Lures Populate Half of Credential-Swiping Phishing Emails
According to the sources nearly half of the emails, phishing attacks in the year 2020 aimed to swipe credentials...
Russian Hackers Sabotaging Critical U.S Infrastructure
Among every state-sponsored hacking group that has attacked the U.S power grid, and went beyond to compromise American Electric Utilities,...
US Senate’s Selection Committe Raises Some Serious Concerns Regarding SolarWinds Attack
The US Senate’s select committee has blamed Russia for the massive intelligence operation that infiltrated SolarWinds, a Texas-based software company,...
Nation States Are Using Cyber Crime Groups to Carry Attacks: States Blackberry Threat Report 2021
Nation-states are employing cybercriminals for hacking activities to perpetrate assaults in order to conceal their own presence. An e-security report...
Mobile malware evolution 2020
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. The...
Halogen – Automatically Create YARA Rules From Malicious Documents
Halogen is a tool to automate the creation of yara rules against image files embedded within a malicious document.Halogen helppython3...
StandIn – A Small .NET35/45 AD Post-Exploitation Toolkit
StandIn is a small AD post-compromise toolkit. StandIn came about because recently at xforcered we needed a .NET native solution...
How to Achieve and Maintain Continuous Cloud Compliance
This blog is part of an ongoing series sharing key takeaways from Rapid7’s 2020 Cloud Security Executive Summit. Interested in...
Intern caused ‘solarwinds123’ password leak, former SolarWinds CEO says
Top executives of the software firm SolarWinds blamed an intern for having used a weak password for several years, exposing...
ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection
ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users for illegal data collection....
NSA embraces the Zero Trust Security Model
The National Security Agency (NSA) published a document to explain the advantages of implementing a zero-trust model. The National Security...
EU leaders aim at boosting defense and security, including cybersecurity
During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting...
