Blog
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments. "Intriguingly, the attacker is...
NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads
Compromised Facebook business accounts are being used to run bogus ads that employ "revealing photos of young women" as lures to trick victims into downloading an updated version of a malware called NodeStealer. "Clicking on ads immediately downloads an archive...
AP News Site Hit by Apparent Denial-of-Service Attack
A hacker group called Anonymous Sudan, which is believed to be linked to Russia, claimed responsibility for the attack on the AP and other news sites, but the connection has not been verified.
48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems
These packages, disguised to appear legitimate, contain obfuscated JavaScript that can deploy a reverse shell on compromised systems. The packages were published by an npm user named hktalent, with 39 still available for download.
Mortgage and Loan Giant Mr. Cooper Blames Cyberattack for Ongoing Outage
The company is actively investigating the incident to determine if any data has been compromised, but they assure customers that no fees, penalties, or negative credit reporting will be incurred.
Cybersecurity Habits and Behaviors Executives Need to be Aware of
According to a new report, many executives exhibit risky behaviors such as sharing passwords, using easy-to-guess password hacks, and accessing unauthorized work files, posing significant security risks.
Connecticut AG Demands Answers From 23andMe After Data Breach
Connecticut Attorney General William Tong has demanded answers from 23andMe regarding the breach, citing potential risks to individuals with Ashkenazi Jewish and Chinese heritage and questioning the company's compliance with data privacy regulations.
Update: Ace Hardware Says 1,202 Devices Were Hit During Cyberattack
The Ace Hardware CEO reported that out of Ace Hardware's 1,400 servers and 3,500 networked devices, 1,202 were affected by the incident. The restoration process is underway, particularly for the 196 servers crucial for the logistics operations.
Accenture Buys Innotec Security to Expand Footprint in Spain
The integration of Innotec's technology into Accenture's framework will enable the company to provide around-the-clock managed services and drive revenue and headcount growth in the Spanish market.
Researchers Discover 117 Vulnerabilities in Microsoft 365 Apps via the SketchUp 3D Library
By developing a SketchUp fuzzing harness and using a dumb file format fuzzer, 20 unique vulnerabilities, including use-after-free and stack buffer overflow, were discovered in just one month.
FREE GUIDE