Who is affected? If you were an OWASP member from 2006 to around 2014 and provided your resume as part of joining OWASP, we advise assuming your resume was part of this breach. * What data was exposed? The resumes contained names, email addresses, phone numbers, physical addresses, and other personally identifiable information.
Facebook snooped on users’ Snapchat traffic in secret project, documents reveal | TechCrunch
A secret program called "Project Ghostbusters" saw Facebook devise a way to intercept and decrypt the encrypted network traffic of Snapchat users to study their behavior.
Website networks in Europe used as tools for Russian information warfare
The Putin regime conducts large-scale propaganda not only through its state media but also through “useful idiots,” who focus on demonizing the US, EU, and NATO and have right- or left-wing views. New “multilingual international media” have emerged that write in a way that suits the Kremlin and spread pro-Russian narratives and disinformation, replacing Russia Today and Sputnik, which have received a ban in Europe.
Infostealers continue to pose threat to macOS users
Jamf Threat Labs dissects ongoing infostealer attacks targeting macOS users. Each with different means of compromising victim’s Macs but with similar aims: to steal sensitive user data.
In 2023, threat actors continued to exploit a variety of vulnerabilities — both newly discovered weaknesses and unresolved issues — to carry out sophisticated attacks on global organizations. The number of documented software vulnerabilities continued to rise, and threat actors were quick to capitalize on new vulnerabilities and leverage recent releases of publicly available vulnerability research and exploit code to target entities. However, while there was a high number of vulnerabilities released in the reporting period, only a handful actually were weaponized in attacks. The ones of most interest are those that threat actors use for exploitation. In this report, we’ll analyze the numbers and types of vulnerabilities in 2023 with a view to understanding attack trends and how organizations can better defend themselves.
Claro Company, the largest telecom operator in Central and South America, disclosed being hit by ransomware. Representatives shared this information in response to the service disruptions in several regions. From the ransom note it becomes clear that the attackers are Trigona ransomware.
CVE-2024-3094 is the new hot one and it’s extremely critical; however, impact should be limited as most normal linux distros are unaffected. Here’s some stuff to know:
From OneNote to RansomNote: An Ice Cold Intrusion - The DFIR Report
In late February 2023, threat actors rode a wave of initial access using Microsoft OneNote files. In this case, we observed a threat actor deliver IcedID using this method. After loading IcedID and establishing persistence, there was no further actions, other than beaconing for over 30 days. The threat actor used Cobalt Strike and AnyDesk to target a file server and a backup server. * The threat actor used FileZilla to exfiltrate data from the network before deploying Nokoyawa ransomware.
Les clients Apple victimes de push bombing pour réinitialiser leur identifiant
C’est un matraquage en règle pour obtenir les identifiants Apple ID auquel ont du faire face certains clients de la marque à la pomme. En effet, une vague de phishing de type « push bombing » ou de « fatigue MFA » a sévi récemment assure le site Krebs on Security. Ces techniques consistent, pour les attaquants, à envoyer de manière répétée des notifications d'authentification à deux acteurs (MFA) sur les terminaux Apple.
AT&T confirms data for 73 million customers leaked on hacker forum
AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially denying the leaked data originated from them.
AT&T says leaked data set impacts about 73 million current, former account holders
Telecom company AT&T(T.N), opens new tab said on Saturday that it is investigating a data set released on the "dark web" about two weeks ago, and said that its preliminary analysis shows it has impacted approximately 7.6 million current account holders and 65.4 million former account holders. The company said the data set appears to be from 2019 or earlier. AT&T said it does not have evidence of unauthorized access to its systems resulting from the incident.
EU bans anonymous crypto payments to hosted wallets
In a recent regulatory development, the European Union (EU) has voted to ban cryptocurrency payments to "hosted wallets" using unidentified self-custody crypto wallets.
Key Lesson from Microsoft's Password Spray Hack: Secure Every Account
In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of an old, inactive account. This serves as a stark reminder of the importance of password security and why organizations need to protect every user account.
Details and Lessons Learned From the Ransomware Attack on the British Library
The British Library has shared details on the destructive ransomware attack it experienced in October 2023. Although the attack on the national library of the UK occurred five months ago, the Library’s infrastructure won’t be rebuilt until mid-April 2024, and then the full restoration of systems and data can begin.
This page is short for now but it will get updated as I learn more about the incident. Most likely it will be during the first week of April 2024. The Git repositories of XZ projects are on git.tukaani.org. xz.tukaani.org DNS name (CNAME) has been removed. The XZ projects currently don’t have a home page. This will be fixed in a few days.
Les attaques informatiques contre les ENT continuent dans le Nord ...
La semaine dernière, des menaces d'attentats ont été envoyés aux élèves, aux personnels et aux familles suite au piratage de l'environnement numérique de travail de la région Ile de France. Cette fois, c'est l'académie de Lille qui est touchée, et ce dans un contexte sécuritaire inquiétant.
An online tool offers a service to obfuscate PHP code, but it also silently inserts a backdoor into the code that allows any other PHP code to be executed!
Urgent security alert for Fedora 41 and Fedora Rawhide users
Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access.
AI bots hallucinate software packages and devs download them
Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up dependency into a real one, which was subsequently downloaded and installed thousands of times by developers as a result of the AI's bad advice, we've learned. If the package was laced with actual malware, rather than being a benign test, the results could have been disastrous.
Decade-old Linux ‘wall’ bug helps make fake SUDO prompts, steal passwords
A vulnerability has been discovered in the 'util-linux' library that could allow unprivileged users to put arbitrary text on other users' terminals using the 'wall' command.
Jeffrey Epstein's Island Visitors Exposed by Data Broker
A WIRED investigation uncovered coordinates collected by a controversial data broker that reveal sensitive information about visitors to an island once owned by Epstein, the notorious sex offender.