Seventh and eighth graders in Malvern, Pa., impersonating their teachers posted disparaging, lewd, racist and homophobic videos in the first known mass attack of its kind in the U.S.

Epic Games recently announced that its sideloaded iOS game store has passed Apple's submission checks, but not without encountering some final obstacles. According to the Fortnite maker, Apple held up the Epic store because its buttons resembled those on the official App Store too closely.Read Entire Article

The cybercriminals behind the Ticketmaster data breach are giving away free Taylor Swift concert tickets.

Internet giant Cloudflare reports that its DNS resolver service, 1.1.1.1, was recently unreachable or degraded for some of its customers because of a combination of Border Gateway Protocol (BGP) hijacking and a route leak. [...]

Ransomware Group Apparently Uses Leaked LockBit Builder Code to Mount AttacksA ransomware group that uses locker malware based on the leaked LockBit 3.0 ransomware builder compromised New Zealand's leading fitness equipment retailer. The DragonForce ransomware group on Tuesday said on its leak site that it stole 5.31 gigabytes of data Elite Fitness.

The amount of cryptocurrency stolen through hacks and network exploits more than doubled to $1.38 billion in the first six months of the year, according to the blockchain intelligence firm TRM.

Elon Musk’s social media platform X is set to be served with a formal warning for failing to combat dangerous content, in the third show of force by European Union regulators against Big Tech in recent weeks.

Hackers compromised Ethereum ‘s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794 addresses. The email was sent from the address ‘updates@blog.ethereum.org’ and included a link to a […]

The thing about containerization is that less is always more. When deploying containerized workloads, you need to think about your The post Exploring MicroOS, OpenSUSE’s Immutable Container OS appeared first on The New Stack.

As the use of the cloud continues to be strategically vital to many organizations, cloud resources have become the biggest targets for cyberattacks, with SaaS applications (31%), cloud storage (30%) and cloud management infrastructure (26%) cited as the leading categories of attack, according to Thales. Protecting cloud environments tops security priorities As a result, protecting cloud environments has risen as the top security priority ahead of all other security disciplines. This comes as organizations continue … More → The post 47% of corporate data stored in the cloud is sensitive appeared first on Help Net Security.

Comments

A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user's web activity. "SnailLoad exploits a bottleneck present on all Internet connections," the researchers said in a study released this week. "This bottleneck influences the latency of network packets, allowing an attacker

Cade Metz / New York Times: Sources: in early 2023, a hacker breached OpenAI's internal messaging systems and accessed product details; OpenAI told its staff, but not the public or the FBI  —  A security breach at the maker of ChatGPT last year revealed internal discussions among researchers and other employees, but not the code behind OpenAI's systems.

Hackers are targeting older versions of the HTTP File Server (HFS) from Rejetto to drop malware and cryptocurrency mining software. [...]

New York Times: Researchers say GPS spoofing has impacted 60K+ commercial flights so far in 2024; GPS could become a relic as Chinese, Russian, and European systems modernize  —  The Global Positioning System runs the modern world.  —  But it is under daily attack.  —  This year alone, researchers say …

Brain Cipher was never getting the $8 million it demanded anyway Brain Cipher, the group responsible for hacking into Indonesia's Temporary National Data Center (PDNS) and disrupting the country's services, has seemingly apologized for its actions and released an encryption key to the government.…

Cybercriminals are selling credentials linked to the tournament on underground markets, with some geopolitics playing out in denial-of-service attacks.

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. [...]

Chicago Pediatrics Center Refused to Pay Ransom to Rhysida Cybercrime GroupA Chicago pediatrics hospital is notifying nearly 800,000 people that their information was compromised in a ransomware attack earlier this year. Cybercrime group Rhysida had demanded a $3.4 million ransom for data it claims to have stolen in the incident. The hospital said it did not pay.

The DDoS attacks have evolved tremendously since 2016, with Mirai-like botnets setting new records. Attack frequency and intensity increased notably in 2023, with 1+ Tbps attacks almost becoming daily by 2024. Cybersecurity researchers at OVHcloud spotted record-breaking DDoS attacks of 840 Mpps and asserted that peaks of ~2.5 Tbps were also observed. Record-Breaking DDoS Attack […] The post Record Breaking DDoS Attack 840 Mpps Attack Spotted appeared first on Cyber Security News.

Despite the growing implementation of security awareness training, recent research indicates that over half of cybersecurity professionals are concerned about security behaviours within their organisations. Key Findings from the Survey A survey conducted by ThinkCyber has revealed significant insights into attitudes towards security awareness training. Participants were asked to identify the security behaviours that posed […] The post Fear and Silence: 50% of Employees Hesitant to Report Security Errors first appeared on IT Security Guru. The post Fear and Silence: 50% of Employees Hesitant to Report Security Errors appeared first on IT Security Guru.

Europol coordinated a joint law enforcement action known as Operation Morpheus, which led to the takedown of almost 600 Cobalt Strike servers used by cybercriminals to infiltrate victims' networks. [...]

The blog post “Linux Defense Evasion Techniques Detected by AhnLab EDR (1)” [1] covered methods where the threat actors and malware strains attacked Linux servers before incapacitating security services such as firewalls and security modules and then concealing the installed malware. This post will cover additional defense evasion techniques against Linux systems not covered in the past post. For example, methods of concealing malware include having the running malware delete itself to not be noticed by an administrator, or deleting... The post Linux Defense Evasion Techniques Detected by AhnLab EDR (2) appeared first on ASEC BLOG.