Google Is Adding Passkey Support for Its Most Vulnerable Users
Google is bringing the password-killing “passkey” tech to its Advanced Protection Program users more than a year after rolling them out broadly.
Security Latest – Read More
Google Targets Passkey Support to High-Risk Execs, Civil Society
The tech giant has rolled out passkey support for account authentication within its Advanced Protection Program to complement existing compatibility with FIDO2 hardware keys.
darkreading – Read More
Crypto Analysts Expose HuiOne Guarantee’s $11 Billion Cybercrime Transactions
Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that’s widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams.
“Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion,” Elliptic said in a report shared with The Hacker News.
The Hacker News – Read More
The $11 Billion Marketplace Enabling the Crypto Scam Economy
Deepfake scam services. Victim data. Electrified shackles for human trafficking. Crypto tracing firm Elliptic found all were available for sale on an online marketplace linked to Cambodia’s ruling family.
Security Latest – Read More
ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks
The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents.
“A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands, thereby creating a PowerShell environment within AutoIt for operations,” Trellix security researchers Mathanraj Thangaraju and Sijo Jacob
The Hacker News – Read More
New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).
The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1
The Hacker News – Read More
Houthi-Aligned APT Targets Mideast Militaries With ‘GuardZoo’ Spyware
Simple malware and simple TTPs play against a backdrop of complex geopolitical conflict in the Arab world.
darkreading – Read More
Microsoft Patch Tuesday: Microsoft Patches 142 Critical Vulnerabilities
Microsoft plugs critical security holes in July Patch Tuesday! 142 vulnerabilities patched, including actively exploited zero-days and remote…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
5 Tips to Minimize the Costly Effects of Data Exfiltration
The more sensitive data an organization collects, the more at risk it is to a cyberattack. Here’s how to limit the damage.
darkreading – Read More
Cloud-Based Investigations Platform Targets Complexity in Incident Response
Software-as-a-service company Command Zero launches with a platform for investigating cybersecurity incidents that aims to minimize the grunt work.
darkreading – Read More