The Tor Project is attempting to assure users that the network is still safe after a recent investigative report warned that law enforcement from Germany and other countries are working together to deanonymize users through timing attacks. […]
Ivanti warns of another critical CSA flaw exploited in attacks
Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) vulnerability in attacks targeting a limited number of customers. […]
Wherever There’s Ransomware, There’s Service Account Compromise. Are You Protected?
Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral movement in over 70% of ransomware attacks. However, there’s an alarming disproportion
FTC exposes massive surveillance of kids, teens by social media giants
A Federal Trade Commission (FTC) staff report has found that social media and video streaming companies have been engaging in widespread user surveillance, particularly of children and teens, with insufficient privacy protections and earning billions of dollars annually by monetizing their data. […]
Google Password Manager now automatically syncs your passkeys
Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users. […]
Police dismantles phone unlocking ring linked to 483,000 victims
A joint law enforcement operation has dismantled an international criminal network that used the iServer automated phishing-as-a-service platform to unlock the stolen or lost mobile phones of 483,000 victims worldwide. […]
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress.
“Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the cybersecurity company said.
Targets of the emerging threat include plumbing, HVAC (heating,
“Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the cybersecurity company said.
Targets of the emerging threat include plumbing, HVAC (heating,
Watch on Demand: 2024 Attack Surface Management Summit – All Sessions Available
Sessions from SecurityWeek’s 2024 Attack Surface Management are now available to watch on demand.
The post Watch on Demand: 2024 Attack Surface Management Summit – All Sessions Available appeared first on SecurityWeek.
CISA Releases Cyber Defense Alignment Plan for Federal Agencies
CISA has laid out the FOCAL plan, which aligns the collective operational defense capabilities across federal agencies.
The post CISA Releases Cyber Defense Alignment Plan for Federal Agencies appeared first on SecurityWeek.
Germany seizes 47 crypto exchanges used by ransomware gangs
German law enforcement seized 47 cryptocurrency exchange services hosted in the country that facilitated illegal money laundering activities for cybercriminals, including ransomware gangs. […]