Self-proclaimed 'gay furry hackers' breach nuclear lab; demands research into IRL catgirls
71
votes
Showing only topics with the tag "security.cyber".
Back to normal view
-
-
Nothing’s iMessage app was a security catastrophe, taken down in 24 hours
65 votes -
Microsoft’s Windows Hello fingerprint authentication has been bypassed
41 votes -
Cybersecurity firm CEO pleads guilty to hacking hospitals to boost his company's business
36 votes -
Ransomware gang files SEC complaint over victim’s undisclosed breach
26 votes -
Payments app Zelle begins refunds for imposter scams after Washington pressure
13 votes -
After hack, personally identifiable information records of a large percentage of citizens of India for sale on the dark web. The hack includes biometric data
22 votes -
US sues SolarWinds for fraud over alleged cyber security neglect ahead of 2020 Russian hack of Justice and Homeland Security departments
25 votes -
Immersive Labs "Haunted Halloween" Challenges 2023
Hey everyone! Just wanted to share that Immersive Labs has rolled out their "Haunted Halloween" challenges for 2023. For those unfamiliar, Immersive Labs offers a platform for interactive,...
Hey everyone! Just wanted to share that Immersive Labs has rolled out their "Haunted Halloween" challenges for 2023. For those unfamiliar, Immersive Labs offers a platform for interactive, gamified learning in the realm of cybersecurity. They've been known to host challenges that test and enhance cyber skills.
You can sign up for free using code HAUNTEDHOLLOW to try it out hubs.ly/Q026LTZV0.
Now, I'm not posting this solely out of altruism. I could use some help on the 'Mirrored Mayhem' task.
Spoiler Alert: Details about the challenge below
I've managed to get the RCE. I've crafted a PNG and successfully executed remote code. However, I'm only able to find the 'webapp-token'. I'm at a loss when it comes to the 'user-token' or 'root-token'. The 'whats in the mirror?' file isn't giving me any leads either. I've also got a username/password from it but can't figure out where to use them.Would appreciate any pointers or hints from anyone who's tackled this challenge. Thanks in advance!
4 votes -
Finland faces growing Russian online threat, Finnish security services say – espionage attempts have increased since Ukraine invasion
22 votes -
The dangers of LLM self-exfiltration: AI alignment and cybersecurity challenges
5 votes -
Building automation giant Johnson Controls hit by ransomware attack
8 votes -
Popular thesaurus website used in sneaky cryptojacking scheme
11 votes -
At MGM's hacked casinos in Las Vegas, evidence of the massive ransomware hack is everywhere, if you're looking for it
45 votes -
New SprySOCKS Linux malware used in cyber espionage attacks
12 votes -
WinRAR zero-day exploited since April to hack trading accounts
31 votes -
Cyberattack shutters major NSF-funded telescopes for more than two weeks
18 votes -
Hackers exploited a zero-day flaw in Ivanti's software undetected for at least three months, US and Norwegian cybersecurity agencies warn
14 votes -
Microsoft lost its keys, and the US government got hacked
25 votes -
Apple fixes zero-days used to deploy Triangulation spyware via iMessage
8 votes -
Security expert defeats Lenovo laptop BIOS password with a screwdriver
13 votes -
SolarWinds: The untold story of the boldest supply-chain hack ever
7 votes -
A flock of chickens, held for ransom — Growing cyberattacks on Canada's food system threaten disaster
9 votes -
Belgium launches nationwide safe harbor for ethical hackers
10 votes -
Danish parliament urges lawmakers and employees to remove TikTok on work phones as a cybersecurity measure, saying “there is a risk of espionage”
4 votes -
SolarWinds and market incentives
8 votes -
Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices. CryWiper masquerades as ransomware, but its real purpose is to permanently destroy data.
12 votes -
Erik Prince wants to sell you a “secure” smartphone that’s too good to be true
12 votes -
Ex-Twitter exec blows the whistle, alleging reckless and negligent cybersecurity policies
13 votes -
Finland's parliament hit with cyberattack following US move to admit the country to NATO
7 votes -
Macho cyberwarfare and the long game
2 votes -
Chipmaker Nvidia investigating potential cyberattack
6 votes -
The battle for a powerful cyberweapon: A Times investigation reveals how Israel reaped diplomatic gains around the world from NSO’s Pegasus spyware
4 votes -
Winning the war on ransomware - The DOJ’s task force is changing the landscape around hackers, but will it be enough?
4 votes -
Sinclair Broadcast Group was hit by ransomware over the weekend
13 votes -
Unsecure at any speed?
7 votes -
Norway says cyber attack on parliament carried out from China – attack had utilised a security hole in Microsoft's Exchange software
10 votes -
Sophisticated exploits used to breach fully-patched iPhones of journalists, activists, as detailed by Amnesty International's Security Lab
24 votes -
Swedish Coop supermarkets shut due to US ransomware cyber-attack – the hack targeted Florida-based IT company Kaseya before spreading through corporate networks
8 votes -
NewsBlur Mongo database deleted in ransom attack (and restored)
NewsBlur was down yesterday evening due to its Mongo database getting attacked by a hacker and held for ransom. It’s restored from backup, but there are privacy implications for anyone who had...
NewsBlur was down yesterday evening due to its Mongo database getting attacked by a hacker and held for ransom. It’s restored from backup, but there are privacy implications for anyone who had sensitive private data there. We will likely find out more after the maintainer recovers from a busy night.
There are no good links for this, but it’s being discussed on Hacker News. Since it’s open source, someone described what’s being kept in that database.
(I use NewsBlur, but I don’t think my RSS reading habits are all that sensitive. Others might be in a different situation, though.)
6 votes -
US Department of Justice recovers $2.3 million worth of Bitcoin that Colonial Pipeline paid to ransomware extortionists
17 votes -
One-fifth of US beef capacity wiped out by JBS cyberattack
28 votes -
DarkSide ransomware gang quits after servers, Bitcoin stash seized
17 votes -
Largest fuel pipeline in the United States hit by ransomware attack
31 votes -
Ransomware gang threatens release of DC police records
10 votes -
A closer look at the DarkSide ransomware gang, which was responsible for the recent attack on Colonial Pipeline
15 votes -
After decades of not using them, the Pentagon has given control of millions of IP addresses to a previously unknown company in an effort to identify possible cyber vulnerabilities and threats
17 votes -
A "worst nightmare" cyberattack: The story of the SolarWinds hack
7 votes -
I now own the Coinhive domain. Here's how I'm fighting cryptojacking and doing good things with content security policies.
15 votes -
SolarWinds: New findings from our investigation of SUNBURST
6 votes