The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.
Security Latest – Read More
IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.
By Waqas
The leaked data was previously being sold by the IntelBroker hacker for just $3,000 in Monero (XMR) cryptocurrency.
This is a post from HackRead.com Read the original post: IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
CVE and NVD – A Weak and Fractured Source of Vulnerability Truth
MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of all vulnerabilities. What went wrong, and what can be done?
The post CVE and NVD – A Weak and Fractured Source of Vulnerability Truth appeared first on SecurityWeek.
SecurityWeek – Read More
Highly sensitive files mysteriously disappeared from EUROPOL headquarters
The disappearance of the personal files of EUROPOL officials poses a serious risk to the impacted individuals and the agency’s operations, including its investigations. EUROPOL notified the impacted individuals and the EDPS.
Cyware News – Latest Cyber News – Read More
Why Cybersecurity Is a Whole-of-Society Issue
Working together and integrating cybersecurity as part of our corporate and individual thinking can make life harder for hackers and safer for ourselves.
darkreading – Read More
Threat Actors Deliver Malware via YouTube Video Game Cracks
Many types of video games appear to be targeted to younger users including games popular with children, a group that is less likely to be able to identify malicious content and risky online behaviors.
Cyware News – Latest Cyber News – Read More
Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites
A critical SQL injection vulnerability in the LayerSlider WordPress plugin allows attackers to extract sensitive information.
The post Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites appeared first on SecurityWeek.
SecurityWeek – Read More
Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack
Cyber Safety Review Board, said “a cascade of errors” by Microsoft let state-backed Chinese cyber operators break into email accounts of senior U.S. officials.
The post Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack appeared first on SecurityWeek.
SecurityWeek – Read More
Earth Freybug Uses UNAPIMON for Unhooking Critical APIs
The adversarial collective is known to rely on a combination of living-off-the-land binaries (LOLBins) and custom malware to realize its goals. Also adopted are techniques like DLL hijacking and API unhooking.
Cyware News – Latest Cyber News – Read More