There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

securitynews

This magazine is from a federated server and may be incomplete. Browse more on the original instance.

0nekoneko7 OP , in International Malware Takedown Seized 100+ Servers
@0nekoneko7@lemmy.world avatar
maculata , in International Malware Takedown Seized 100+ Servers

I wonder who does the graphics / logos for these operations, and why.

delirious_owl , in CISA warns of actively exploited Linux privilege elevation flaw
@delirious_owl@discuss.online avatar

The high-severity flaw tracked as CVE-2024-1086 was first disclosed on January 31, 2024

While most Linux distrobutions pushed out fixes fairly quickly, Red Hat had not pushed out a fix until March

autotldr Bot , in US senator claims UnitedHealth's CEO, board appointed 'unqualified' CISO

This is the best summary I could come up with:


Wyden lambasted UHG in a letter sent to Lina Khan and Gary Gensler, chairs of the FTC and SEC respectively, imploring the regulators to investigate the healthcare company’s many failures leading up to the ransomware attack that downed services across the US.

Martin was hired by UHG in 2020 originally as its exec veep of enterprise tech after previously holding the role of acting CEO at GE Digital.

One such critic is Tom Kellermann, SVP of cyber strategy at Contrast Security, who previously told The Register: "I’m blown away by the fact that they weren’t using multi-factor authentication.

Wyden went on to say that even with MFA not being deployed across the entirety of UHG’s IT estate, it probably isn’t the only cybersecurity failing that turned it from an organization that was merely targeted by cybercriminals, to one that was floored by ransomware.

In calling for a full regulatory investigation, Wyden pointed to two historical cases that led to sanctions against companies that were found to have taken a lax approach to data security.

“Accordingly, I urge the FTC and SEC to investigate UHG’s numerous cybersecurity and technology failures, to determine if any federal laws under your jurisdiction were broken, and, as appropriate, hold these senior officials accountable.”


The original article contains 809 words, the summary contains 208 words. Saved 74%. I’m a bot and I’m open source!

autotldr Bot , in BreachForums returns just weeks after FBI-led takedown

This is the best summary I could come up with:


Additionally, the souk, where ransomware operators and other miscreants trade pilfered information, showed profile pics of admins Baphomet and ShinyHunters behind bars, which several infosec spectators took to mean that both had been cuffed.

Meanwhile, there has been no official statement from the US Department of Justice or the FBI about the takedown — which is unusual, compared to other high-profile cybercrime busts over the past couple of years.

This particular dark-web souk has been an ongoing thorn in the side for police over the past couple of years, with BreachForums taking over after a similar operation shut down RaidForums in 2022.

“The reconstitution of Breach Forums is not surprising,” said Austin Berglas, also a former FBI agent who now works as global head of professional services at BlueVoyant.

Ensuring that all personnel with access are in custody and offline, identifying and seizing critical infrastructure to include the removal of the entire financial, technical, and communication network is necessary to dismantle and severely limit the ability to reconstitute," he told The Register.

Berglas is a former assistant special agent in charge of the FBI’s New York Office Cyber Branch, and during his tenure the bureau dismantled LulzSec, a group linked to Anonymous, and arrested its leader Sabu in June 2011.


The original article contains 566 words, the summary contains 209 words. Saved 63%. I’m a bot and I’m open source!

coffinwood , in Russian Hackers Use Legit Remote Monitoring Software to Spy on Ukraine and Allies

The info graphic looks like the 🥴 emoji

Arbiter , in Russian Hackers Use Legit Remote Monitoring Software to Spy on Ukraine and Allies

Remote monitoring software is just spyware you control.

0nekoneko7 OP , in Pakistan’s Islamabad’s Safe City Authority Online System Down After Hack
@0nekoneko7@lemmy.world avatar

“While the system’s firewall did issue an alert upon detecting the intrusion, the absence of backup servers and contingency plans forced a complete shutdown of the affected software and applications.”

https://lemmy.world/pictrs/image/9093dcee-dab1-4544-905e-48e333a4629f.jpeg

EmperorHenry , in Cybercriminals Exploit Cloud Storage For SMS Phishing Scams
@EmperorHenry@infosec.pub avatar

yet another reason why it should be mandatory for all cloud storage services to be E2EE

kn33 ,

How would that help?

EmperorHenry ,
@EmperorHenry@infosec.pub avatar

If everyone’s storage is encrypted with a different key it will be significantly harder to steal shit.

But it seems this post was about phishing scams.

hitmyspot , in Hacker defaces spyware app’s site, dumps database and source code

Also worth noting that Wyndham hotels were leaking guest data by using it.

applepie ,

Sounds like some strong executive leadership strikes again

littlebluespark , in Google Patches Fourth Chrome Zero-Day in Two Weeks
@littlebluespark@lemmy.world avatar

Thafuq is anyone using that spyware still? 🤷🏼‍♂️ Play stupid games…

Maeve , in Hacker defaces spyware app’s site, dumps database and source code

May this spyware never return

scrubbles , in Google Patches Fourth Chrome Zero-Day in Two Weeks
@scrubbles@poptalk.scrubbles.tech avatar

We dumped all of our decades tenured senior engineers and outsourced everything to cheap alternatives, and now things are breaking?!

Potatos_are_not_friends , in Hacker defaces spyware app’s site, dumps database and source code

Chaotic neutral

RealFknNito ,
@RealFknNito@lemmy.world avatar

Many shades of gray hats.

maculata , in State hackers turn to massive ORB proxy networks to evade detection
  1. Cut all the internet cables to China and torch their satellites.
  2. Fuck that website and the unclosable fucking ads.
  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • [email protected]
  • lifeLocal
  • goranko
  • All magazines