Author: nlqip
Image: MidjourneyTwo suspects were arrested in Miami this week and charged with conspiracy to steal and launder over $230 million in cryptocurrency using crypto exchanges and mixing services. The two defendants, 20-year-old Malone Lam (aka “Greavys,” “Anne Hathaway,” and “$$$”) and 21-year-old Jeandiel Serrano (aka “Box,” “VersaceGod,” and “@SkidStar”) were arrested Wednesday night by FBI…
Read More
The vendor disclosed that a ‘limited’ number of customers have been attacked through exploits of the flaw affecting its Cloud Service Appliance. Ivanti disclosed Thursday it’s aware of attacks against some customers through exploitation of a newly discovered, critical-severity vulnerability affecting its Cloud Service Appliance (CSA) gateway. It’s the second flaw in Ivanti’s CSA gateway…
Read More
Microsoft is testing a new feature in the Edge browser called the “extension performance detector,” which warns you when browser extensions cause performance issues on web pages you visit. When browser extensions are installed, they commonly process pages visited to perform additional functionality. However, this can also use a lot of memory, which can cause…
Read More
In an interview with CRN, Sophos CEO Joe Levy discusses the future of the Windows kernel and endpoint security after attending the recent Microsoft-hosted summit of EDR vendors. Microsoft continues to signal it has no intention of restricting Windows kernel access to endpoint security vendors in the wake of the massive CrowdStrike-caused outage in July,…
Read More
Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. While it’s unlikely that many programmers fell for…
Read More
Internet intelligence firm GreyNoise reports that it has been tracking large waves of “Noise Storms” containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not concluded its origin and purpose. […] Source link lol
Read More
The Tor Project is attempting to assure users that the network is still safe after a recent investigative report warned that law enforcement from Germany and other countries are working together to deanonymize users through timing attacks. The team behind the specialized web browser claims that adequate protections are in place for those using the…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…
Read More
Introduction Welcome to the August 2024 installment of the Sensor Intelligence Series, our monthly summary of vulnerability intelligence based on distributed passive sensor data. Last month, we observed the scanning for CVE-2017-9841 fell sharply, and this month is no different, with scanning for that vulnerability falling another 79% from July’s rate. Overall, it’s down 97.4%…
Read MoreVMware released a security advisory addressing vulnerabilities in the VMware Cloud Foundation and the vCenter Server. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following VMware security advisory and apply the necessary updates: Source link lol
Read More