Author: nlqip
Oct 21, 2024Ravie LakshmananEncryption / Data Protection Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. “The vulnerabilities range in severity: in many cases a malicious server can inject files, tamper with file data, and even gain direct access to plaintext,”…
Read MoreSeveral end-to-end encrypted (E2EE) cloud storage platforms are vulnerable to a set of security issues that could expose user data to malicious actors. Cryptographic analysis from ETH Zurich researchers Jonas Hofmann and Kien Tuong Turong revealed issue with Sync, pCloud, Icedrive, Seafile, and Tresorit services, collectively used by more than 22 million people. The analysis…
Read MoreThe Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors stole exposed GitLab authentication tokens. Since last night, BleepingComputer has received numerous messages from people who received replies to their old Internet Archive removal requests, warning that the organization has been breached as they did…
Read MoreOct 20, 2024Ravie LakshmananVulnerability / Email Security Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials. Russian cybersecurity company Positive Technologies said it discovered last month that an email was sent to an unspecified…
Read MoreA threat actor called “IntelBroker” posted an advertisement on a dark web forum for the sale of information stolen from Cisco. The actor claimed that the data from this breach contains sensitive information such as GitHub projects, source code, credentials, certificates, access to cloud storage buckets, and more. On October 15, 2024 Cisco released a…
Read MoreMicrosoft is using deceptive tactics against phishing actors by spawning realistic-looking honeypot tenants with access to Azure and lure cybercriminals in to collect intelligence about them. With the collected data, Microsoft can map malicious infrastructure, gain a deeper understanding of sophisticated phishing operations, disrupt campaigns at scale, identify cybercriminals, and significantly slow down their activity. The…
Read MoreIt’s true: Google Scholar profile of the renowned former physicist and polymath, Sir Isaac Newton bears a “verified email” note. According to Google Scholar, Isaac Newton is a “Professor of Physics, MIT” with a “Verified email at mit.edu.” The mystery of ‘verified’ scholar Isaac Newton Earlier this week, Jay Cummings, a math professor at California State University, Sacramento, and a…
Read MoreA threat actor advertised 3.4 million pieces of PII data of Pakistani government website “Benazir Income Support Program Government of Pakistan” (bisp.gov.pk). The advertisement shared in a Telegram group. It was claimed that the data included information such as full address, father’s name, mobile number, gender, as can be seen below. Like this: Like Loading… Related…
Read MoreMicrosoft has admitted to a significant lapse in its cloud security logging, leaving customers vulnerable to undetected intrusions for over two weeks. A bug in the company’s internal monitoring system resulted in the loss of critical security logs between September 2nd and 19th. This incident affects several key Microsoft cloud products, including Entra, Sentinel, Defender…
Read MoreAccess Denied You don’t have permission to access “http://cybersecurity.att.com/blogs/security-essentials/celebrating-internet-day-the-tech-trifecta-shaping-our-digital-future” on this server. Reference #18.c7d7ce17.1729332260.24e72338 https://errors.edgesuite.net/18.c7d7ce17.1729332260.24e72338 Source link lol
Read MoreRecent Posts
- Hackers abuse Avast anti-rootkit driver to disable defenses
- Microsoft testing Windows 11 support for third-party passkeys
- Windows 11 24H2 update blocked on PCs with Assassin’s Creed, Star Wars Outlaws
- Windows 10 KB5046714 update fixes bug preventing app uninstalls
- Eight Key Takeaways From Kyndryl’s First Investor Day