Infosec News Feed

An aggregated list of cybersecurity publications

2023-06-01 17:17:00 UTC

Dark Reading

Sustained 'Red Deer' Phishing Attacks Impersonate Israel Post, Drop RATs

The "missed package" phishing messages, likely the work of a hacking-for-hire group, bounds into inboxes, bearing ASyncRAT.

2023-06-01 17:00:00 UTC

Dark Reading

Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace

No activity logging in the free subscription for Google's Web-based productivity suite exposes enterprises to insider and other threats, researchers say.

2023-06-01 17:00:00 UTC

Dark Reading

Where SBOMs Stand Today

It's been two years since Executive Order 14028. By using SBOMs as a standard, organizations can manage software risks, protect their reputation, and improve their cybersecurity posture.

2023-06-01 16:47:00 UTC

Dark Reading

Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

In an already fraught environment surrounding the popular Python programming language software package manager, hackers are coming up with new ways to sneak malicious goodies past cybersecurity buffers.

2023-06-01 16:45:00 UTC

Naked Security | Sophos

S3 Ep137: 16th century crypto skullduggery

Lots to learn, clearly explained in plain English... listen now! (Full transcript inside.)

Data Loss Law & Order Podcast Ransomware Vulnerability Bust Crypto Cryptography CVE-2023-32784 Cybercrime KeePass Oauth

2023-06-01 16:15:00 UTC

Krebs on Security

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on "Megatraffer," a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015.

Breadcrumbs Ne'er-Do-Well News 165540027 774748@gmail.com Akafitis@gmail.com Code-signing Certificates Constella Intelligence DomainTools.com Featar24 Fitis Flashpoint Glavmed Intel 471 Konstantin Evgenievich Fetisov Megatraffer O.R.Z. Spamit Spampage@yandex.ru

2023-06-01 15:50:00 UTC

Dark Reading

Biometric Bypass: BrutePrint Makes Short Work of Fingerprint Security

Bugs in the biometric protections on Android phones and iPhones allow the limit on the number of tries to unlock the devices with a fingerprint can be bypassed, allowing automated brute-force attacks.

2023-06-01 15:24:00 UTC

HackRead

Amazon fined $31 million over privacy breaches, including snooping on kids

By Habiba Rashid

The case involves Amazon's settlement with the FTC over security and privacy violations committed by its subsidiaries, Ring and Alexa.

This is a post from HackRead.com Read the original post: Amazon fined $31 million over privacy breaches, including snooping on kids

Surveillance Privacy Alexa Amazon FTC IoT Ring Security Spying

2023-06-01 13:32:00 UTC

Dark Reading

SolarWinds Transforms Brand to Signify Ongoing Evolution, Portfolio Expansion, and Customer Empowerment

Refreshed version of iconic SolarWinds logo and vibrant new brand color palette honor company’s historic success while highlighting future vision.

2023-06-01 13:00:00 UTC

Dark Reading

Top MacOS Malware Threats Proliferate: Here Are 6 to Watch

Apple's growing market share — in a shrinking PC market — and the growing use of Golang for malware development is pushing a gradual increase in malicious tools targeting macOS environments.

‹
1
2
3
4
5
6
7
8
9
10
...
2210
2211
›

Tweets by BreachAware

SUPPORT

ABOUT

LEGAL

Infosec News Feed

Get in touch with the BreachAware team