π 10 Billion Passwords Leaked on Hacking Forum π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A Cybernews investigation found that nearly 10 billion unique passwords have been posted on a popular hacking forum, putting users worldwide at risk of account compromises.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
10 Billion Passwords Leaked on Hacking Forum
Cybernews found that nearly 10 billion unique passwords have been posted on a popular hacking forum, putting users worldwide at risk of account compromise
π΅οΈββοΈ Cyber-Insurance Prices Plummet as Market Competition Grows π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Now may be a good time to find good deals on insurance coverage for ransomware and security incidents.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Cyber-Insurance Prices Plummet as Market Competition Grows
Now may be a good time to find good deals on insurance coverage for ransomware and security incidents.
π΅οΈββοΈ Identity Orchestration Is Gaining Traction π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Identity orchestration products are increasingly projected to be introduced to the market in the next couple of years. Market trends and benefits of identity orchestration are explored.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Identity Orchestration Is Gaining Traction
Identity orchestration products are increasingly projected to be introduced to the market in the next couple of years. Market trends and benefits of identity orchestration are explored.
π΅οΈββοΈ 10B Passwords Pop Up on Dark Web 'RockYou2024' Release π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The passwords, dumped on a cyberunderground forum on July 4 by a hacker called "ObamaCare," were collected from a variety of older and more recent breaches.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
10B Passwords Pop Up on Dark Web 'RockYou2024' Release
The passwords, dumped on a cyber-underground forum on July 4 by a hacker called "ObamaCare," were collected from a variety of older and more recent breaches.
π΅οΈββοΈ 'CloudSorcerer' Leverages Cloud Services in Cyber-Espionage Campaign π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The newly discovered APT's main weapon is a malware tool that can change behavior depending on the process in which it is running.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'CloudSorcerer' Leverages Cloud Services in Cyber-Espionage Campaign
The newly discovered APT's main weapon is a malware tool that can change behavior depending on the process in which it is running.
π¦Ώ OpenAI Secrets Stolen in 2023 After Internal Forum Was Hacked π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Last year, hackers breached an online forum used by OpenAI employees and stole confidential information about the firms AI systems.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
OpenAI Secrets Stolen in 2023 After Internal Forum Was Hacked
Last year, hackers breached an online forum used by OpenAI employees and stole confidential information about the firmβs AI systems.
ποΈ Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a Chinalinked cyber espionage group called APT40, warning about its ability to coopt exploits for newly disclosed security flaws within hours or days of public release. "APT40 has previously targeted organizations in various countries, including.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a "complex and persistent" supply chain attack. "This attack stands out due to the high variability across packages," Phylum said in an analysis published last week. "The attacker has cleverly hidden the malware in the seldomused 'end' function of.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Study confirms most manufacturers with DMARC dont have it configured to most secure policy.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection
Study confirms most manufacturers with DMARC donβt have it configured to most secure policy
π Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Tickets to Foo Fighters, Aerosmith, Pink and Usher gigs have been leaked by a threat actor trying to extort Ticketmaster.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak
Tickets to Foo Fighters, Aerosmith, Pink and Usher gigs have been leaked by a threat actor trying to extort Ticketmaster
π¦
Regional Transport Office themed phishing campaign targets Android users in India π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways Cyble Research Intelligence Labs has observed a recent surge in phishing campaigns targeting banking users in India. Cybercriminals have shifted their focus from SMS to WhatsApp for distributing phishing messages, expanding themes from credit card rewards and KYC updates to utility bills and government schemes. The admin panel hosted on the Command and Control server mentioned the APK support via WhatsApp, suggesting the use of MalwareasaServiceMaaS. Recent malware strains lack launcher activities, making them stealthier as the app icon does not appear on the app drawer. In this analysis, were investigating a new campaign impersonating the Regional Transport Office RTO. This campaign uses fake APKs to lure victims into installing malware and focu...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Phishing Campaign Targets Android Users In India
Discover how a phishing campaign impersonating India's RTO targets Android users, leveraging malware to steal SMS and contact data.
π’ Peloton faces lawsuit amid claims it allowed marketing firm to train AI on user chat data π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Peloton is accused of allowing marketing firm Drift to read and process data without user consent.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Peloton faces lawsuit amid claims it allowed marketing firm to train AI on user chat data
Peloton is accused of allowing marketing firm Drift to read and process data without user consent
π¦Ώ Develop Valuable Security and Risk Management Skills for Just $30 Through 7/21 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
With cyberthreats and cyberattacks always on the rise, developing security and risk management skills could be one of the best moves for your business or career.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Develop Valuable Security and Risk Management Skills for Just $30
With cyberthreats and cyberattacks always on the rise, developing security and risk management skills could be the best move for your business or career.
π¦Ώ Nearly 10 Billion Passwords Leaked in Biggest Compilation of All Time π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Nearly 10 billion passwords have been leaked on a popular hacking forum, according to Cybernews.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Nearly 10 Billion Passwords Leaked in Biggest Compilation of All Time
Nearly 10 billion passwords have been leaked on a popular hacking forum, according to Cybernews.
π¦Ώ The 6 Best Governance, Risk & Compliance (GRC) Tools for 2024 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Compare the best governance, risk and compliance tools 2024 has to offer. Discover the best GRC solution for your business's needs.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
6 Best Governance, Risk & Compliance (GRC) Tools for 2024
What are the best GRC tools and how much do they cost? Use our guide to compare pricing and features of our recommended GRC platforms.
ποΈ Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining. "Misconfigurations such as improperly set up authentication mechanisms expose the 'script' endpoint to attackers," Trend Micro's Shubham Singh and Sunil Bharti said in a technical writeup.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ HUMINT: Diving Deep into the Dark Web ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Clear Web vs. Deep Web vs. Dark Web Threat intelligence professionals divide the internet into three main components Clear Web Web assets that can be viewed through public search engines, including media, blogs, and other pages and sites. Deep Web Websites and forums that are unindexed by search engines. For example, webmail, online banking, corporate intranets, walled gardens, etc. Some.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android datagathering tool called GuardZoo. The campaign, believed to have commenced as early as October 2019, has been attributed to a Houthialigned threat actor based on the application lures, commandandcontrol C2 server logs, targeting footprint, and the attack.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Chinese State Actor APT40 Exploits N-Day Vulnerabilities βWithin Hoursβ π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A joint government advisory warned that the Chinese statesponsored actor APT40 is capable of immediately exploiting newly public vulnerabilities in widely used software.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Chinese State Actor APT40 Exploits N-Day Vulnerabilities βWithin Hoursβ
A joint government advisory warned that the Chinese state-sponsored actor APT40 is capable of immediately exploiting newly public vulnerabilities in widely used software
π Avast Provides DoNex Ransomware Decryptor to Victims π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Researchers at Avast found a flaw in the cryptographic schema of the DoNex ransomware and have been sending out decryptor keys to victims since March 2024.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Avast Provides DoNex Ransomware Decryptor to Victims
Researchers at Avast found a flaw in the cryptographic schema of the DoNex ransomware and have been sending out decryptor keys to victims since March 2024
π΅οΈββοΈ CISA Takedown of Ivanti Systems Is a Wake-up Call π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The exploitation of vulnerabilities in Ivanti's software underscores the need for robust cybersecurity measures and proactive response strategies to mitigate risks and protect critical assets.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
CISA Takedown of Ivanti Systems Is a Wake-up Call
The exploitation of vulnerabilities in Ivanti's software underscores the need for robust cybersecurity measures and proactive response strategies to mitigate risks and protect critical assets.