‘PathWiper’ Attack Hits Critical Infrastructure In Ukraine
Cisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.
darkreading – Read More
Digital Forensics Firm Cellebrite to Acquire Corellium
Cellebrite, a controversial digital forensics firm, is set to acquire virtualization vendor Corellium in a $170 million deal.
darkreading – Read More
Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud
The vulnerability, with a 9.9 CVSS score on a 10-point scale, results in different Cisco ISE deployments all sharing the same credentials as long as the software release and cloud platform remain the same.
darkreading – Read More
Misconfigured HMIs Expose US Water Systems to Anyone with a Browser
Censys researchers follow some clues and find hundreds of control-room dashboards for US water utilities on the public internet.
The post Misconfigured HMIs Expose US Water Systems to Anyone with a Browser appeared first on SecurityWeek.
SecurityWeek – Read More
Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect
Crypto-tracing firm Chainalysis says the mysterious 300-bitcoin donation to the pardoned Silk Road creator appears to have come from someone associated with a different defunct black market: AlphaBay.
Security Latest – Read More
Backdoored Malware Reels in Newbie Cybercriminals
Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022.
darkreading – Read More
Unsecured Database Exposes Data of 3.6 Million Passion.io Creators
A massive data leak has put the personal information of over 3.6 million app creators, influencers, and entrepreneurs…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Iran-linked hackers target Kurdish and Iraqi officials in long-running cyberespionage campaign
The group has been operating since at least 2017, initially breaching systems belonging to the Kurdistan Regional Government and have expanded their reach to the Central Government of Iraq as well as a telecommunications provider in Uzbekistan.
The Record from Recorded Future News – Read More
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks.
“Several widely used extensions […] unintentionally transmit sensitive data over simple HTTP,” Yuanjing Guo, a security researcher in the Symantec’s Security Technology and Response
The Hacker News – Read More
Cybercriminals are stealing business Salesforce data with this simple trick – don’t fall for it
The goal is to steal large amounts of confidential data in an attempt to extort the victims. Here’s how it works.
Latest stories for ZDNET in Security – Read More