The international law enforcement operation, Operation Morpheus, led to the takedown of 593 Cobalt Strike servers used by cybercriminals. This action was a collaborative effort involving multiple countries and private partners.
Cyware News – Latest Cyber News – Read More
Over 384,000 websites, including those of major companies and government entities, are still linking to the polyfill[.]io code library that was recently acquired by a Chinese firm and used to perform a supply chain attack.
Cyware News – Latest Cyber News – Read More
The Cy-Xplorer 2024 report by Orange Cyberdefense reveals a significant rise in cyber extortion, with 60 ransomware groups affecting 4374 victims from Q1 2023 to Q1 2024. SMBs are targeted 4.2 times more than larger enterprises.
Cyware News – Latest Cyber News – Read More
Researchers at Recorded Future’s Insikt Group analyzed infostealer malware logs captured between February 2021 and February 2024. They cross-referenced the credentials with 20 known CSAM domains, identifying 3,324 unique username-password pairs.
Cyware News – Latest Cyber News – Read More
Twilio has confirmed that an unsecured API endpoint allowed threat actors to access phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.
Cyware News – Latest Cyber News – Read More
Twilio has confirmed a data breach after hackers leaked 33 million phone numbers associated with the Authy app.
The post Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers appeared first on SecurityWeek.
SecurityWeek – Read More
Brazil’s data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users’ personal data to train the company’s artificial intelligence (AI) algorithms.
The ANPD said it found “evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and risks to
The Hacker News – Read More
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike.
The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol.
Of the 690 IP addresses that were flagged to
The Hacker News – Read More
Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users’ cell phone numbers.
The company said it took steps to secure the endpoint to no longer accept unauthenticated requests.
The development comes days after an online persona named ShinyHunters
The Hacker News – Read More
Researchers uncover a way to hack the summer cookout — but firmware updates will stop that grilled meat (or tofu) from turning into an inedible mess.
darkreading – Read More