Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack #infosec #technews
https://www.bleepingcomputer.com/news/security/microsoft-still-unsure-how-hackers-stole-msa-key-in-2023-exchange-attack/
WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks
Today, the WPScan team from Automattic disclosed the details of an SQL injection vulnerability, tracked as CVE-2023-6063 and with a high-severity score of 8.6, impacting all versions of the plugin before 1.2.2.
#Infosec
https://www.bleepingcomputer.com/news/security/wp-fastest-cache-plugin-bug-exposes-600k-wordpress-sites-to-attacks/
The U.S. Department of Justice announced today that the Federal Bureau of Investigation took down the network and infrastructure of a botnet proxy service called IPStorm.
IPStorm enabled cybercriminals to run malicious traffic anonymously through Windows, Linux, Mac, and Android devices all over the world.
Security News This Week: US Congress Targeted With Predator Spyware
Plus: Hamas raised millions in crypto, Exxon used hacked data, and more.
Golf gear giant Callaway data breach exposes info of 1.1 million
Sourcegraph website breached using leaked admin access token
Forever 21 data breach: hackers accessed info of 500,000
LogicMonitor customers hacked in reported ransomware attacks
Data Loss - Ransomware Attacks kill information stored - HUGE OOF
#InfoSec
#ComputerNews
Akira ransomware targets Cisco VPNs to breach organizations
https://www.bleepingcomputer.com/news/security/akira-ransomware-targets-cisco-vpns-to-breach-organizations/
#InfoSec New HiatusRAT malware attacks target US Defense Department
#ComputerNews
https://www.bleepingcomputer.com/news/security/new-hiatusrat-malware-attacks-target-us-defense-department/
GitHub warns of Lazarus hackers targeting devs with malicious projects
#InfoSec
https://www.bleepingcomputer.com/news/security/github-warns-of-lazarus-hackers-targeting-devs-with-malicious-projects/
FBI seizes 13 more domains linked to DDoS-for-hire services
Android apps digitally signed by China’s third-biggest e-commerce company exploited a zero-day vulnerability that allowed them to surreptitiously take control of millions of end-user devices to steal personal data and install malicious apps, researchers from security firm Lookout have confirmed.
#Infosec
A bored hacktivist browsing an unsecured airline server stumbled upon national security secrets including the FBI's 'no fly' list. She says what she found reveals a 'perverse outgrowth of the surveillance state.'
Microsoft’s new #AI can simulate anyone’s voice with 3 seconds of audio
A new attack method named COVID-bit uses electromagnetic waves to transmit data from air-gapped systems, which are isolated from the internet, over a distance of at least two meters (6.5 ft), where it's captured by a receiver.
The information emanating from the isolated device could be picked up by a nearby smartphone or laptop, even if a wall separates the two.
#InfoSec #DataTheft
https://www.bleepingcomputer.com/news/security/air-gapped-pcs-vulnerable-to-data-theft-via-power-supply-radiation/
If you use LastPass
They have been breached, again.
https://www.npr.org/2022/12/01/1140076375/major-password-manager-lastpass-suffered-a-breach-again
New RansomExx Ransomware Variant Rewritten in the Rust Programming Language
Source 1: https://thehackernews.com/2022/11/new-ransomexx-ransomware-variant.html
42,000 Sites used in
A malicious for-profit group named 'Fangxiao' has created a massive network of over 42,000 web domains that impersonate well-known brands to redirect users to sites promoting adware apps, dating sites, or 'free' giveaways.
#InfoSec Book of Faces fined for DATA scraping in the EU.
https://www.engadget.com/meta-fined-265-million-euros-over-data-scraping-142937633.html
#InfoSec 2021 Dec BirdSite Data Breach. Pretty big.
#Security #DataBreach https://www.bleepingcomputer.com/news/security/54-million-twitter-users-stolen-data-leaked-online-more-shared-privately/
Orbital Beam Control Tower
🐐✔