News
-
Hackers Use DNS Tunneling to Scan and Track Victims
Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities Read More
-
FCC Names and Shames First Robocall Threat Actor
In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group Read More
-
Prison for cybersecurity expert selling private videos from inside 400,000 homes
A Korean cybersecurity expert has been sentenced to prison for illegally accessing and distributing private photos and videos from vulnerable “wallpad” cameras in 400,000 private households. Read more in my article on the Hot for Security blog. Read More
-
Critical Vulnerabilities in Cinterion Modems Exposed
The flaws include CVE-2023-47610, a security weakness within the modem’s SUPL message handlers Read More
-
Mallox Ransomware Deployed Via MS-SQL Honeypot Attack
Analyzing Mallox samples, Sekoia identified two distinct affiliates using different approaches Read More
-
How to Stop Phone Spoofing
From impersonating police officers in Pennsylvania to employees of the City of San Antonio, scammers have been impersonating officials nationwide in order to scam people. A nurse in New York even lost her life savings to a spoofing scam. Phone spoofing is a technique used by callers to disguise their true identity and phone number…
-
Ascension Ransomware Attack Diverts Ambulances, Delays Appointments
A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion Read More
-
How Did Authorities Identify the Alleged Lockbit Boss?
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “LockBitSupp” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev. This post examines the…
-
LLMs’ Data-Control Path Insecurity
Back in the 1960s, if you played a 2,600Hz tone into an AT&T pay phone, you could make calls without paying. A phone hacker named John Draper noticed that the plastic whistle that came free in a box of Captain Crunch cereal worked to make the right sound. That became his hacker name, and everyone…
-
2024 RSA Recap: Allow us to Reintroduce Ourselves
The 2024 RSA Conference has officially wrapped, and this year’s event served as the perfect backdrop for us to make our re-introduction to the industry. Introducing LevelBlue, the Trusted Cybersecurity Advisors On day one of RSA, we officially announced the launch of LevelBlue, formerly known as AT&T Cybersecurity. Signifying an exciting new start for the…