Month: August 2024
Take a Selfie Using a NY Surveillance Camera This site will let you take a selfie with a New York City traffic surveillance camera. Tags: cameras, cars, privacy, surveillance Posted on August 23, 2024 at 7:05 AM • 0 Comments Sidebar photo of Bruce Schneier by Joe MacInnis. Source link lol
Read More
While no active exploitation has been reported yet, SolarWinds is recommending swift patching to stay ahead of the adversaries. Zach Hanley, the vulnerability researcher credited for the discovery of the vulnerability has promised further details. “Reported a critical vulnerability to SolarWinds on Friday after digging into the recent CISA KEV CVE-2024-28986 for WebHelpDesk, amazed they’ve…
Read More
The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints. The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascading consequences, cybersecurity firm Sophos said in a Thursday report.…
Read More
Social Engineering – Techniken Social Engineering hat sich für Cyberkriminelle als besonders erfolgreich erwiesen, wenn es darum geht in Unternehmen einzudringen. Sobald ein Angreifer das Passwort eines vertrauenswürdigen Mitarbeiters erbeutet hat, kann er sich damit einloggen und sensible Daten auslesen. Mit einer Zugangskarte oder einem Code, der physischen Zugang gewährt, können Cyberkriminelle sogar noch größeren…
Read More
Each cybersecurity event, whether planned or not, “offers an opportunity for all of us to find ways to build our resiliency muscle and protect our patients,” Wolfe says. “Preparation is key and each downtime event provides an opportunity to discover ways to improve our resiliency. One of the areas my team is focused on is…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-092 DATE(S) ISSUED: 08/23/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated…
Read More
Aug 23, 2024Ravie LakshmananCyber Crime / Ransomware A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for allegedly stealing data, extorting victims, and laundering ransom payments since August 2021. Deniss Zolotarjovs (aka Sforza_cesarini) has been charged with conspiring to commit money laundering, wire fraud and Hobbs Act extortion. He was…
Read More
Aug 23, 2024Ravie LakshmananEndpoint Security / Data Privacy Cybersecurity researchers have uncovered a new information stealer that’s designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are increasingly setting their sights on the operating system. Dubbed Cthulhu Stealer, the malware has been available under a malware-as-a-service (MaaS)…
Read More
Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become public. The security issue is tracked as CVE-2024-28000 and allows escalating privileges without authentication in all versions of the WordPress plugin up to 6.3.0.1. The vulnerability stems from…
Read More
The attacks The SEC said that in the first attack in September 2022, a threat actor hijacked an email chain between the company, then known as American Stock Transfer & Trust Company, and one of its clients, pretending to be an employee of the client company, instructed American Stock Transfer to issue millions of new…
Read More