Update your Android: Google patches two zero-day vulnerabilities
Google has released patches for two zero-days and a lot of other high level vulnerabilities.
Read moreBengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign
Credit to Author: gallagherseanm| Date: Wed, 06 Nov 2024 11:30:41 +0000
The Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization.
Read moreCanadian Man Arrested in Snowflake Data Extortions
Credit to Author: BrianKrebs| Date: Tue, 05 Nov 2024 17:10:04 +0000
A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States. Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday. At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories used by some of the world’s largest corporations.
Read moreWarning: Hackers could take over your email account by stealing cookies, even if you have MFA
The FBI has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, whether or not someone has set up MFA.
Read moreHow Microsoft Defender for Office 365 innovated to address QR code phishing attacks
Credit to Author: Ramya Chitrakar| Date: Mon, 04 Nov 2024 17:00:00 +0000
This blog examines the impact of QR code phishing campaigns and the innovative features of Microsoft Defender for Office 365 that help combat evolving cyberthreats.
The post How Microsoft Defender for Office 365 innovated to address QR code phishing attacks appeared first on Microsoft Security Blog.
Read moreWhy your vote can’t be “hacked,” with Cait Conley of CISA (Lock and Code S05E23)
This week on the Lock and Code podcast, we speak with Cait Conley about CISA’s election security measures and why your vote can’t be hacked.
Read moreCity of Columbus breach affects around half a million citizens
A ransomware attack against the City of Columbus, Ohio—which drew public scrutiny following the city government’s attempt to silence a researcher…
Read moreCrooks bank on Microsoft’s search engine to phish customers
If you searched for your bank’s login page via Bing recently, you may have visited a fraudulent website enabling criminals to get your credentials and even your two-factor security code.
Read moreInside the Massive Crime Industry That’s Hacking Billion-Dollar Companies
Credit to Author: Joseph Cox| Date: Mon, 04 Nov 2024 11:00:00 +0000
When you download a piece of pirated software, you might also be getting a piece of infostealer malware, and entering a highly complex hacking ecosystem that’s fueling some of the biggest breaches on the planet.
Read moreFake LockBit, Real Damage: Ransomware Samples Abuse Amazon S3 to Steal Data
Credit to Author: Jaromir Horejsi| Date: Wed, 16 Oct 2024 00:00:00 +0000
This article uncovers a Golang ransomware abusing Amazon S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions.
Read more