-
BeanVPN leaks 25 million user records
PRIVACY PRIVACY The cache of 18.5GB connection logs allegedly contained more than 25 million records Read More
-
SAP Patches Critical NetWeaver and ABAP Platform Vulnerabilities
PRIVACY PRIVACY SAP confirmed most of the vulnerabilities have now available fixes, and advised companies to update their systems as soon as possible. Read More
-
New peer-to-peer botnet Panchan hijacks Linux servers
PRIVACY PRIVACY Researchers warn of a new worm that’s infecting Linux servers by brute-forcing and stealing SSH credentials. The hijacked servers are joined in a botnet and are used to mine cryptocurrency by loading mining programs directly in memory with no files on disk. Dubbed Panchan by researchers from Akamai, the malware is written in…
-
US Researchers Spot New Hertzbleed Flaw Affecting AMD and Intel CPUs
PRIVACY PRIVACY New side-channel attacks reportedly use frequency side channels to extract cryptographic keys Read More
-
M1 Chip Vulnerability
PRIVACY PRIVACY This is a new vulnerability against Apple’s M1 chip. Researchers say that it is unpatchable. Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory, however, have created a novel hardware attack, which combines memory corruption and speculative execution attacks to sidestep the security feature. The attack shows that pointer authentication can be defeated…
-
DDoS-for-hire service which bombarded websites with attacks earns man two years in prison
PRIVACY PRIVACY The US authorities have sentenced a man to 24 months in a federal prison after he was found to have run a DDoS-for-hire service that knocked websites off the internet. Read more in my article on the Hot for Security blog. Read More
-
Can global recruitment solve the cybersecurity hiring problem?
PRIVACY PRIVACY This blog was written by an independent guest blogger. It’s well known that there’s a pervasive cybersecurity skills shortage. The problem has multiple ramifications. Current cybersecurity teams often deal with consistently heavy workloads and don’t have time to deal with all issues appropriately. The skills shortage also means people who need cybersecurity talent…
-
How to mitigate Active Directory attacks that use the KrbRelayUp toolset
PRIVACY PRIVACY Those of you with on-premises Active Directory (AD) need to be aware of a new way to abuse Kerberos in your network. KrbRelayUp is a bundle of tools that streamlines the use of some features in Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn. Attackers use the toolset to impersonate an administrator via resource-based…
-
BNPL Fraud Alert as Account Takeovers Surge
PRIVACY PRIVACY Buy now, pay later services represent an increasingly attractive target Read More
-
Privacy Watchdog Boosts Legal Funds by Keeping Millions in Fines
PRIVACY PRIVACY Information Commissioner’s Office says extra money is essential Read More