DigiCert discovered a bug in how domain ownership was verified, leading to the mass revocation of SSL/TLS certificates. Approximately 0.4% of domain validations conducted between August 2019 and June 2024 are affected.
Cyware News – Latest Cyber News – Read More
Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack.
The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed.
“In a Sitting
The Hacker News – Read More
Security researchers have uncovered the largest ransomware payment ever recorded, amounting to $75m, which was made to the Dark Angels group. This finding was revealed in Zscaler’s ThreatLabz Ransom Report for 2024.
Cyware News – Latest Cyber News – Read More
Joshua Caleb Sutter infiltrated far-right extremist organizations as a confidential FBI informant, all while promoting hateful ideologies that influenced some of the internet’s most violent groups.
Security Latest – Read More
The Kids Online Safety and Privacy Act (KOPSA) combines two bills to enhance protections for children under 17, prohibiting targeted advertising, requiring consent for data collection, and limiting exposure to harmful content.
Cyware News – Latest Cyber News – Read More
In yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform known as Stack Exchange has been abused to direct unsuspecting developers to bogus Python packages capable of draining their cryptocurrency wallets.
“Upon installation, this code would execute automatically,
The Hacker News – Read More
Leading AI players should invest in diversified partnerships to harness everything AI tools can offer.
Latest stories for ZDNET in Security – Read More
Healthcare organizations are jeopardizing patient privacy due to insecure file-sharing practices, according to a report by Metomic. The study found that 25% of publicly shared files in healthcare contain Personally Identifiable Information (PII).
Cyware News – Latest Cyber News – Read More
Shadowserver has observed over 20,000 internet-accessible VMware ESXi instances impacted by an exploited vulnerability.
The post Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances appeared first on SecurityWeek.
SecurityWeek – Read More
The attack targeted C-Edge Technologies, a provider of banking systems for these banks. As a precaution, the National Payment Corporation of India (NPCI) has isolated these banks from the broader payment network to contain the attack.
Cyware News – Latest Cyber News – Read More