New Findings Challenge Attribution in Denmark’s Energy Sector Cyberattacks

The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show.
The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a security flaw in Zyxel firewall (CVE-2023-28771) and a

The Hacker News – ​Read More

Unravelling Retirement Banking Scams and How To Protect Yourself

By Uzair Amir

In the labyrinth of financial scams, one of the most insidious is the retirement banking scam. Imagine a…

This is a post from HackRead.com Read the original post: Unravelling Retirement Banking Scams and How To Protect Yourself

Hackread – Latest Cybersecurity News, Press Releases & Technology Today – ​Read More

Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches.
The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system.
“An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a

The Hacker News – ​Read More

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits.
The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider following “months of intensive collaboration.”
“A cloud

The Hacker News – ​Read More

A Bloody Pig Mask Is Just Part of a Wild New Criminal Charge Against eBay

Plus: Chinese officials tracked people using AirDrop, Stuxnet mole’s identity revealed, AI chatbot hacking, and more.

Security Latest – ​Read More

Fertility Test Lab Will Pay $1.25M to Settle Breach Lawsuit

The settlement includes reimbursement for out-of-pocket losses, credit monitoring, identity theft insurance, and a cash settlement payment for affected individuals, with an additional payment for California residents.

Cyware News – Latest Cyber News – ​Read More

APIs are Increasingly Becoming Attractive Targets

APIs are being used more than ever by businesses to build and provide better sites, apps, and services to consumers. However, if APIs are not managed or secured properly, they can be exploited by hackers to steal sensitive information.

Cyware News – Latest Cyber News – ​Read More

Purple Teaming and the Role of Threat Categorization

Purple team assessments, where red and blue teams collaborate, can provide a more comprehensive approach to security assessments, but they need to evolve to account for the multitude of attack technique variants.

Cyware News – Latest Cyber News – ​Read More

New Financial Fraud APK Campaign Discovered

A new family of malicious Android Package Kit (APK) files has been discovered targeting Chinese users. The attackers pose as law enforcement officials and claim the victim’s phone number or bank account is involved in financial fraud.

Cyware News – Latest Cyber News – ​Read More

SEC X Account Hack Draws Senate Outrage

Senators from both parties called the Securities and Exchange Commission’s lack of MFA “inexcusable” and demand investigation into the regulator’s cybersecurity lapse.

darkreading – ​Read More