DarkSide ransomware gang quits after servers, Bitcoin stash seized
17 votes -
Battlestar Galactica Lessons from Ransomware to the Pandemic
4 votes -
Largest fuel pipeline in the United States hit by ransomware attack
31 votes -
Ransomware gang threatens release of DC police records
10 votes -
A closer look at the DarkSide ransomware gang, which was responsible for the recent attack on Colonial Pipeline
15 votes -
EFF Surveillance Self-Defense - Privacy breakdown of mobile phones
18 votes -
How China turned a prize-winning iPhone hack against the Uyghurs
11 votes -
Linux bans the University of Minnesota for sending intentionally buggy patches in the name of research
58 votes -
They told their therapists everything. Hackers leaked it all.
15 votes -
Disclosure of a vulnerability in AI Dungeon that enabled accessing all users' private adventures, scenarios, and posts via its GraphQL API
16 votes -
An update on the UMN affair
10 votes -
After decades of not using them, the Pentagon has given control of millions of IP addresses to a previously unknown company in an effort to identify possible cyber vulnerabilities and threats
17 votes -
5G: The outsourced elephant in the room
12 votes -
A "worst nightmare" cyberattack: The story of the SolarWinds hack
7 votes -
Team Navalny apologizes after database of email addresses registered for planned protest leaks online
7 votes -
Introduction to SQL Injection - SQLi for Beginners
10 votes -
US intelligence community publishes Global Trends 2040: A More Contested World
17 votes -
Rust in the Android platform
7 votes -
Iran and China sign economic and security agreement, challenging US pressure on the state
8 votes -
I now own the Coinhive domain. Here's how I'm fighting cryptojacking and doing good things with content security policies.
15 votes -
The "S" in "IoT" is for Security
29 votes -
Whistleblower alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price
18 votes -
Engineer reports data leak to nonprofit, hears from the police
11 votes -
WireGuard bounces off FreeBSD—for now
7 votes -
Tracing paper - A brief history of the secret plan to track every printed page
6 votes -
Norway prevents sale of Rolls-Royce subsidiary Bergen Engines to Russia – government has blocked the sale on the grounds of national security
8 votes -
A comparative analysis of security, privacy, and censorship issues in TikTok and Douyin, both developed by ByteDance
5 votes -
Finding and fixing a rare race-condition in GitHub's session handling
6 votes -
Can we stop pretending SMS is secure now?
17 votes -
Exploiting machine learning models distributed as Python pickle files, and introducing Fickling: a new tool for analyzing and modifying pickle bytecode
3 votes -
Introduction to Malware Analysis — Malware Explained
4 votes -
Hackers break into thousands of security cameras, exposing Tesla, jails, hospitals
16 votes -
New technique reveals centuries of secrets in locked letters
4 votes -
The lead developer of curl analyzed its known security vulnerabilities and determined that half of them are related to it being written in C
12 votes -
HTTP is fundamental to modern development. But like any widespread mature standard, it's got some funky skeletons in the closet.
9 votes -
At least 30,000 US organizations newly hacked via holes in Microsoft’s email software
19 votes -
Friday Security Briefing
Hello there! I hope you're all looking forward to something this weekend. Today's briefing will cover a captivating tale of scheming against financial centers, woes of virtual networking, and the possibility of Russia behaving quite unnecessarily.
"Listen, or your tongue will make you deaf." ~ Unattributed proverb
Wall Street targeted by new Capital Call investment email scammers
The tactic of exploiting enterprise email systems remains a successful and active attack vector for bad actors. The emerging development is the use of a "capital call" style scam, wherein scammers pretend to have investor or insurance business with the business.
"In an example shared by the researchers, the scam email attached a Capital Call Notice for US $970,357.00 to be deposited into a bank account under the fraudsters’ control."
"If the targeted investor was duped into wiring the funds, then it is likely that money would be quickly moved into other accounts and withdrawn by mules to prevent the payment from being returned to the victim."
The flexibility that cryptocurrencies provide to discreetly rearrange money may actually be disadvantageous for banks in certain situations.
Source: Tripwire, Wall Street targeted by new Capital Call investment email scammers
High severity Linux network security holes found, fixed
(CVE-2021-26708) Alexander Popov of London has discovered five security holes in the Linux kernel's virtual socket implementation. This is concerning; my personal use of virtual networking systems could be a lot more thought out. I do tend to keep my use of libvirt to a minimum, but ideally I would be running my virtualization workstation on a separate box optimized for safe practices.
"These holes entered Linux when virtual socket multi-transport support was added. This networking transport facilitates communication between virtual machines (VM) and their host. It's commonly used by guest agents and hypervisor services that need a communications channel that is independent of the VM network configuration. As such, people who are running VMs on the cloud, which is pretty much everyone these days, are especially vulnerable."
Source: ZDNet, High severity Linux network security holes found, fixed
Ukraine: DDoS attacks on govt sites originated from Russia
Ukraine is proposing that information on the threat actors responsible for a DDoS on Ukrainian government websites originated from Russian domains.
However, they did not claim that the threat actors were affiliated with the Russian state.
I am curious about the motivations if this was sanctioned by Russia. Are they testing their capabilities against a softer target in order to learn from the European and American Cyber-Defense response? Perhaps this was a way for Russia to demonstrate its competency at cyber warfare.
"The National Coordination Center for Cybersecurity (NCCC) at the NSDC states that these DDoS attacks have been massive and have targeted government websites in the defense and security sector."
Possible retaliation?
"Last week, news leaked that Ukrainian law enforcement, in cooperation with the US and French police, arrested alleged Egregor ransomware operation members.
Three days later, the Security Service of Ukraine (SBU) issued a press release about the Egregor arrests and seizing the ransomware group's equipment."
Source: Bleeping Computer, Ukraine: DDoS attacks on govt sites originated from Russia
8 votes -
Bitsquatting windows.com with fourteen domains that are one bitflip away
18 votes -
Gab removes their public Git repository after it reveals their developers adding (and struggling to fix) basic security issues that led to a 70GB data leak
12 votes -
What are security, privacy, and anonymity?
6 votes -
The Great Suspender and the problem of malware being introduced into open-source browser extensions
15 votes -
Researcher hacks over 35 tech firms via package/dependency managers
13 votes -
Firefox 85 cracks down on supercookies
18 votes -
List of emails SponsorBlock's creator has received about inserting malware into the extension
17 votes -
A detailed look into the Stack Exchange network's May 2019 security incident
9 votes -
ADT employee covertly accessed about 200 security cameras he installed to spy on people having sex
9 votes -
Finding vulnerabilities in the calling state machines of video/audio messaging platforms
3 votes -
Becoming physically immune to brute-force attacks
11 votes -
Overthewire: Learn Hacking By Playing Games
9 votes