Cybersecurity

Cybersecurity kid • 14 hours ago • 100%

TfL requires in-person password resets for 30,000 employees after hack https://www.bleepingcomputer.com/news/security/tfl-requires-in-person-password-resets-for-30-000-employees-after-hack/

Cybersecurity kid • 14 hours ago • 100%

Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks thehackernews.com

Cybersecurity kid • 14 hours ago • 100%

Windows vulnerability abused braille “spaces” in zero-day attacks https://www.bleepingcomputer.com/news/security/windows-vulnerability-abused-braille-spaces-in-zero-day-attacks/

Cybersecurity BrikoX • 3 days ago • 98%

1.3 million Android-based TV boxes backdoored; researchers still don’t know how arstechnica.com

> Infection corrals devices running AOSP-based firmware into a botnet.

Cybersecurity kid • 4 days ago • 100%

Citrix Workspace App Vulnerable to Privilege Escalation Attacks https://gbhackers.com/citrix-workspace-app-vulnerable/

Cybersecurity BrikoX • 3 days ago • 98%

North Korean hackers target Python devs with malware disguised as coding tests — hack has been underway for a year www.tomshardware.com

> Fake Python job opportunities used to attack programmers

Cybersecurity kid • 3 days ago • 100%

Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers thehackernews.com

Cybersecurity kid • 4 days ago • 100%

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency thehackernews.com

Cybersecurity kid • 4 days ago • 97%

Fortinet confirms data breach after hacker claims to steal 440GB of files https://www.bleepingcomputer.com/news/security/fortinet-confirms-data-breach-after-hacker-claims-to-steal-440gb-of-files/

Cybersecurity BrikoX • 5 days ago • 96%

Apple Vision Pro’s Eye Tracking Exposed What People Type www.wired.com

> The Vision Pro uses 3D avatars on calls and for streaming. These researchers used eye tracking to work out the passwords and PINs people typed with their avatars. Archived version: https://web.archive.org/web/20240912100207/https://www.wired.com/story/apple-vision-pro-persona-eye-tracking-spy-typing/

Cybersecurity kid • 4 days ago • 93%

New Vo1d Malware Infects 1.3 Million Android TV Boxes Worldwide thehackernews.com

Cybersecurity kid • 3 days ago • 100%

Ivanti warns high severity CSA flaw is now exploited in attacks https://www.bleepingcomputer.com/news/security/ivanti-warns-high-severity-csa-flaw-is-now-exploited-in-attacks/

Cybersecurity kid • 6 days ago • 98%

Rogue WHOIS server gives researcher superpowers no one should ever have arstechnica.com

Cybersecurity kid • 4 days ago • 100%

Transport for London confirms customer data stolen in cyberattack https://www.bleepingcomputer.com/news/security/transport-for-london-confirms-customer-data-stolen-in-cyberattack/

Cybersecurity BrikoX • 5 days ago • 100%

As quantum computing threats loom, Microsoft updates its core crypto library arstechnica.com

> Two algorithms added so far, two more planned in the coming months.

Cybersecurity kid • 5 days ago • 100%

Amateurish 'CosmicBeetle' Ransomware Stings Turkish SMBs www.darkreading.com

Cybersecurity kid • 1 week ago • 96%

New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks thehackernews.com

Cybersecurity kid • 6 days ago • 96%

New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers thehackernews.com

Cybersecurity BrikoX • 6 days ago • 100%

Bug Left Some Windows PCs Dangerously Unpatched https://krebsonsecurity.com/2024/09/bug-left-some-windows-pcs-dangerously-unpatched/

> Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months this year.

Cybersecurity kid • 6 days ago • 100%

Microsoft Discloses 4 Zero-Days in September Update www.darkreading.com

Cybersecurity kid • 7 days ago • 100%

U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog securityaffairs.com

Cybersecurity kid • 1 week ago • 100%

300K Victims Compromised in Avis Car Rental Breach www.darkreading.com

Cybersecurity kid • 6 days ago • 100%

Quad7 botnet evolves to more stealthy tactics to evade detection securityaffairs.com

Cybersecurity kid • 7 days ago • 97%

Poland thwarted cyberattacks that were carried out by Russia and Belarus securityaffairs.com

Cybersecurity kid • 6 days ago • 100%

New RansomHub Attack Killing Kaspersky’s TDSSKiller To Disable EDR https://gbhackers.com/ransomhub-disables-edr/

Cybersecurity kid • 6 days ago • 100%

DockerSpy: Search for images on Docker Hub, extract sensitive information - Help Net Security www.helpnetsecurity.com

Cybersecurity kid • 7 days ago • 100%

New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys thehackernews.com

Cybersecurity kid • 6 days ago • 93%

Microsoft to start force-upgrading Windows 22H2 systems next month https://www.bleepingcomputer.com/news/microsoft/microsoft-to-start-force-upgrading-windows-22h2-systems-next-month/

Cybersecurity kid • 7 days ago • 100%

Threat Actors Allegedly Claiming Leak of Capgemini Data https://gbhackers.com/allegedly-claiming-leak-capgemini-data/

Cybersecurity kid • 1 week ago • 100%

Predator spyware operation is back with a new infrastructure securityaffairs.com

Cybersecurity kid • 1 week ago • 92%

Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature https://www.bleepingcomputer.com/news/security/meta-fixes-easily-bypassed-whatsapp-view-once-privacy-feature/

Cybersecurity kid • 1 week ago • 100%

TIDRONE APT targets drone manufacturers in Taiwan securityaffairs.com

Cybersecurity kid • 1 week ago • 100%

Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks thehackernews.com

Cybersecurity BrikoX • 1 week ago • 100%

FreeBSD Gets €686,400 to Boost Security Features www.darkreading.com

> The funds from Germany’s Sovereign Tech Fund will be used to integrate security features such as zero trust capabilities and tools for software bill of materials.

Cybersecurity BrikoX • 1 week ago • 98%

Found: 280 Android apps that use OCR to steal cryptocurrency credentials arstechnica.com

> Optical Character Recognition converts passwords shown in images to machine-readable text. McAfee blog: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/

Cybersecurity kid • 2 weeks ago • 100%

Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress thehackernews.com

Cybersecurity kid • 2 weeks ago • 90%

Chinese 'Tropic Trooper' APT Targets Mideast Governments www.darkreading.com

Cybersecurity kid • 2 weeks ago • 100%

SonicWall Access Control Vulnerability Exploited in the Wild https://gbhackers.com/sonicwall-access-control-vulnerability/

Cybersecurity kid • 2 weeks ago • 94%

Russia APT28 Cyber Attacks German Air Traffic Control www.cybersecurity-insiders.com

Cybersecurity BrikoX • 2 weeks ago • 100%

Zyxel warns of vulnerabilities in a wide range of its products arstechnica.com

> Most serious vulnerabilities carry severity ratings of 9.8 and 8.1 out of a possible 10.