Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week’s Pwn2Own hacking competition within days. […]
DDoS site Dstat.cc seized and two suspects arrested in Germany
The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years. […]
NCSC Details ‘Pygmy Goat’ Backdoor Planted on Hacked Sophos Firewall Devices
A stealthy network backdoor found on hacked Sophos XG firewall devices is programmed to work on a broader range of Linux-based devices.
The post NCSC Details ‘Pygmy Goat’ Backdoor Planted on Hacked Sophos Firewall Devices appeared first on SecurityWeek.
Inside Iran’s Cyber Playbook: AI, Fake Hosting, and Psychological Warfare
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel’s participation in the sporting event.
The activity has been pinned on an entity that’s known as Emennet Pasargad, which the agencies said has been operating
The activity has been pinned on an entity that’s known as Emennet Pasargad, which the agencies said has been operating
GreyNoise Credits AI for Spotting Exploit Attempts on IoT Livestream Cams
GreyNoise Intelligence says an internal AI tool captured attempts to exploit critical vulnerabilities in commercial livestream IoT cameras.
The post GreyNoise Credits AI for Spotting Exploit Attempts on IoT Livestream Cams appeared first on SecurityWeek.
In Other News: FBI’s Ransomware Disruptions, Recall Delayed Again, CrowdStrike Responds to Bloomberg Article
Noteworthy stories that might have slipped under the radar: FBI conducted over 30 ransomware disruption operations this year, Windows Recall delayed until December, CrowdStrike responds to a Bloomberg article.
The post In Other News: FBI’s Ransomware Disruptions, Recall Delayed Again, CrowdStrike Responds to Bloomberg Article appeared first on SecurityWeek.
Joint ODNI, FBI, and CISA Statement on Russian Election Influence Efforts
Ex-Disney Worker Accused of Hacking Computer Menus to Add Profanities, Errors
A former worker hacked servers at Walt Disney World in order to manipulate menus by changing prices, adding profanities and altering notifications.
The post Ex-Disney Worker Accused of Hacking Computer Menus to Add Profanities, Errors appeared first on SecurityWeek.
US, Israel Describe Iranian Hackers’ Targeting of Olympics, Surveillance Cameras
The US and Israel have published an advisory describing the latest activities of Iranian cyber firm Emennet Pasargad, now called Aria Sepehr Ayandehsazan.
The post US, Israel Describe Iranian Hackers’ Targeting of Olympics, Surveillance Cameras appeared first on SecurityWeek.
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a “massive” campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code.
The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket belonging to a prior victim. The bucket,
The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket belonging to a prior victim. The bucket,