lemmydev2

joined 2 years ago
sorted by: new top controversial old
1
Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign (securityaffairs.com)
 

Microsoft revoked 200+ certificates used by Vanilla Tempest to sign fake Teams installers spreading Oyster backdoor and Rhysida ransomware. Microsoft revoked over 200 certificates used by the cybercrime group Vanilla Tempest (aka VICE SPIDER and Vice Society) to sign fake Teams installers spreading the Oyster backdoor and Rhysida ransomware. The threat actor has been active […]

1
Europol dismantles SIM box operation renting numbers for cybercrime (www.bleepingcomputer.com)
 

European law enforcement in an operation codenamed 'SIMCARTEL' has dismantled an illegal SIM-box service that enabled more than 3,200 fraud cases and caused at least 4.5 million euros in losses. [...]

1
SpaceX’s Secret ‘Starshield’ Satellites Caught Using Unauthorized Frequencies (gizmodo.com)
 

The Starshield constellation was caught using an unauthorized frequency to send data to Earth.

1
How I Almost Got Hacked By A 'Job Interview' (blog.daviddodda.com)
 

Comments

1
How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked (blog.pixelmelt.dev)
 

Comments

1
Hackers Dox Hundreds of DHS, ICE, FBI, and DOJ Officials (www.404media.co)
 

Scattered LAPSUS$ Hunters—one of the latest amalgamations of typically young, reckless, and English-speaking hackers—posted the apparent phone numbers and addresses of hundreds of government officials, including nearly 700 from DHS.

1
Auction house Sotheby's finds its data on the block after cyberattack (www.theregister.com)
 

Alert says financial account information lifted from systems Auction house Sotheby's says it was breached on July 24, and those behind the intrusion stole an unspecified amount of data, including Social Security numbers and financial account information.…

1
77% of security leaders say they'd fire staff who fall for phishing scams, even though they've done the same thing (www.itpro.com)
 

A new report uncovers worrying complacency amongst IT and security leaders

1
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets (thehackernews.com)
 

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the other hand to be remotely

1
Hackers exploit Cisco SNMP flaw to deploy rootkit on switches (www.bleepingcomputer.com)
 

Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access. [...]

1
Vulnerability scores, huh, what are they good for? Almost nothing (www.theregister.com)
 

CVE and CVSS systems suffer from misaligned incentives and inconsistency Aram Hovespyan, co-founder and CEO of security biz Codific, says that the rating systems for identifying security vulnerabilities and assessing threat risk need to be overhauled.…

1
Nation-state hackers deliver malware from “bulletproof” blockchains (arstechnica.com)
 

Malicious payloads stored on Ethereum and BNB blockchains are immune to takedowns.

view more: next ›