CyberManipal.
Tech news from MIST
Latest
Latest news from CyberManipal, that matters.
Page 3
BREACHES
Half-Billion Compromised Credentials Lurking on Open Cloud Server
3 years ago
Around 586 million sets of credentials had been collected in a compromised cloud storage facility, free for the taking by any cybercrime yahoo who happened to stop by, according to the National Crime Agency’s (NCA) National Cyber Crime Unit in the U.K. The NCA tapped Troy Hunt, creator of the... Read more
Around 586 million sets of credentials had been collected in a compromised cloud storage facility,... Read more
VULNERABILITIES
Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges
3 years ago
Researchers at security firm Praetorian warned of a third separate security weakness in Log4j version 2.15.0, soon after Cloudflare revealed on Wednesday about threat actors actively attempting to exploit a second bug disclosed in the widely used Log4j logging utility making it possible to carry out denial-of-service (DoS) attacks. This... Read more
Researchers at security firm Praetorian warned of a third separate security weakness in Log4j version... Read more
VULNERABILITIES
Log4J—The Latest Cybercrime Storm
3 years ago
Log4j vulnerability has kickstarted a storm in the cyber world. Being famously called "a Fukushima moment for the cybersecurity industry," the security risk is leading to a monumental number of attacks attempting to exploit it. The vulnerability, also known as Log4Shell, was first discovered by LunaSec researchers. Log4Shell is an... Read more
Log4j vulnerability has kickstarted a storm in the cyber world. Being famously called "a Fukushima... Read more
VULNERABILITIES
New Payment Data Stealing Malware Hides in Nginx Process on Linux Servers
3 years ago
A new form of malware that targets Nginx servers has been attacking E-commerce platforms in the U.S., Germany, and France in an attempt to masquerade its presence and slip past detection by security solutions. Nginx, a free and open-source software, is a web server that can also be used as... Read more
A new form of malware that targets Nginx servers has been attacking E-commerce platforms in... Read more
FRAUDS AND SCAMS
Phishing Scam Targets Military Families
3 years ago
Threat researchers at Lookout are helping to take down a phishing campaign that has been targeting members of the United States military and their families. The scammers behind the long-running campaign impersonate military support organizations and personnel to commit advance fee fraud, stealing sensitive personal and financial information for... Read more
Threat researchers at Lookout are helping to take down a phishing campaign that has been... Read more
VULNERABILITIES
Known Bug Being Abused by Iranian Hackers Found in Microsoft's MSHTML
3 years ago
Instagram and Google credentials of Farsi-speaking individuals around the world are being stolen by an Iranian threat actor. The threat group is using a new PowerShell-based stealer, PowerShortShell, for this campaign. PowerShortShell is used for Telegram surveillance and gathering system details from infected devices. Attacker-controlled servers work with... Read more
Instagram and Google credentials of Farsi-speaking individuals around the world are being stolen by... Read more
POLICIES AND REGULATIONS
The Cryptocurrency & Regulation of Official Digital Currency Bill
3 years ago
The Cryptocurrency and Regulation of Official Digital Currency Bill 2021-the authority bill to manage the advanced cash will be presented in the Parliament throughout the winter session that begins on November 29. The authority in-charge of crypto is looking to make a facilitative structure for forming advanced authority cash to... Read more
The Cryptocurrency and Regulation of Official Digital Currency Bill 2021-the authority bill to manage the... Read more
BREACHES
GoDaddy security breach exposes 1.2 million WordPress users' data
3 years ago
The web hosting company Go Daddy recently submitted a filing to the securities and exchange commission on November 22, revealing that an unauthorized third party accessed the email addresses of almost 1.2 million WordPress customers. The Chief Information Security Officer, Demetrius Comes, said that they identified suspicious activity in their... Read more
The web hosting company Go Daddy recently submitted a filing to the securities and exchange... Read more
FRAUDS AND SCAMS
Free Nitro phishing scam
3 years ago
A new type of phishing promoted via Discord messages promises a free Nitro subscription if a user links their steam account, allowing hackers to steal game items or promote other scams. Multiple discord accounts are taking part in conducting these scams, controlled by threat actors, or as automated bots that... Read more
A new type of phishing promoted via Discord messages promises a free Nitro subscription if... Read more
VULNERABILITIES
Squirrel Engine Bug lets attackers hack games and cloud services
3 years ago
Squirrel is an open-source, object-oriented programming language used for scripting video games and in IoT devices and distributed transaction processing platforms such as Enduro/X. Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that attackers can abuse to break out of the sandbox restrictions and execute... Read more
Squirrel is an open-source, object-oriented programming language used for scripting video games and in... Read more
