Verizon Communications is warning that an insider data breach impacts almost half its workforce, exposing sensitive employee information. […]
Beware: Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials
Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer.
“This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors,” Trustwave SpiderLabs said in a report shared with The Hacker News.
Ov3r_Stealer
“This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors,” Trustwave SpiderLabs said in a report shared with The Hacker News.
Ov3r_Stealer
Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services
Three new security vulnerabilities have been discovered in Azure HDInsight’s Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) condition.
“The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie,” Orca security
“The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie,” Orca security
CISA Announces Renewal of the Information and Communications Technology Supply Chain Risk Management Task Force
How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, the very features that make SaaS apps so embraced – access from anywhere and collaboration – can also be exploited by threat actors.
Recently, Adaptive Shield commissioned a Total Economic
Recently, Adaptive Shield commissioned a Total Economic
Hackers Exploit Job Boards in APAC, Steal Data of Millions of Job Seekers
Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data.
Singapore-headquartered Group-IB said the hacking crew’s activities are geared towards job search platforms and the theft of resumes, with as many as 65
Singapore-headquartered Group-IB said the hacking crew’s activities are geared towards job search platforms and the theft of resumes, with as many as 65
Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation
A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation.
The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique IP addresses that aim to establish a reverse shell, among others.
The attacks exploit CVE-2024-21893 (CVSS
The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique IP addresses that aim to establish a reverse shell, among others.
The attacks exploit CVE-2024-21893 (CVSS
U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance
The U.S. State Department said it’s implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society members.
“The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association,” Secretary of State Antony Blinken said. “Such targeting has been
“The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association,” Secretary of State Antony Blinken said. “Such targeting has been
Microsoft Outlook December updates trigger ICS security alerts
Microsoft is investigating an issue that triggers Outlook security alerts when trying to open .ICS calendar files after installing December 2023 Patch Tuesday Office security updates. […]
US announces visa ban on those linked to commercial spyware
Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. […]