🚨 CISA KEV 1[−]
15 Apr KEVCISA Adds Multiple D-Link NAS Device Bugs to its Known Exploited Vulnerabilities CatalogAccording to BOD 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.SECURITYAFFAIRS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 5[−]
15 AprPalo Alto Networks Releases Urgent Fixes for Exploited PAN-OS VulnerabilityPalo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in …THEHACKERNEWS.COM
15 AprPalo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts EmergePalo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. The post Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge appeared first on SecurityWeek .SECURITYWEEK.COM
15 AprMicrosoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE AttacksA new remote code execution vulnerability has been identified to be affecting multiple Microsoft products including .NET, .NET Framework and Visual Studio. This vulnerability has been assigned CVE-2024-21409, and its severity has been given as 7.3 (High). This vulnerability is as…GBHACKERS.COM
15 AprUpdate: Palo Alto Networks Fixes Zero-Day Exploited to Backdoor FirewallsThis maximum severity security flaw (CVE-2024-3400) affects PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with device telemetry and GlobalProtect (gateway or portal) enabled.BLEEPINGCOMPUTER.COM
15 AprQuick Palo Alto Networks Global Protect Vulnerablity Update (CVE-2024-3400), (Mon, Apr 15th)This is a quick update to our initial diary from this weekend [ CVE-2024-3400 ].
ISC.SANS.EDU
⚠️ VULNERABILITY DISCLOSURE 20[−]
15 AprUS Claims to Have Recovered $1.4bn in COVID FraudThe COVID-19 Fraud Enforcement Task Force (CFETF) was set up in 2021 to tackle what is believed to be fraud on a vast scale, taking advantage of generous government loans and relief payments during the pandemic.INFOSECURITY-MAGAZINE.COM
15 AprRussia Tops Global Cybercrime Index, New Study RevealsRussia is the most significant source of global cybercrime and serves as the top hub for digital threat actors worldwide, according to the newly released World Cybercrime Index.BANKINFOSECURITY.COM
15 AprUS Data Breach Reports Surge 90% Annually in Q1The first three months of 2024 saw 841 publicly reported “data compromises” – up 90% on the same period last year, according to the Identity Theft Resource Center (ITRC).INFOSECURITY-MAGAZINE.COM
15 AprUpdate: Hackers Deploy Python Backdoor in Palo Alto Zero-Day AttackThreat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday.THEHACKERNEWS.COM
15 Apr6 bad cybersecurity habits that put SMBs at riskSmall and medium businesses (SMBs) have increased their digital footprint, embracing remote work, employing more internet-connected devices, and adopting new tools and technologies. They now find themselves a more attractive target to cyber criminals, and behind the headline-maki…CSOONLINE.COM
15 AprOpen-source scanner can identify risky Microsoft SCCM configurationsOne of the researchers that recently compiled a knowledge base of common misconfigurations and attack techniques impacting Microsoft System Center Configuration Manager (SCCM), has developed an open-source scanner to help administrators more easily identify those weaknesses in th…CSOONLINE.COM
15 AprCybercriminal Campaign Spreads Infostealers, Highlighting Risks to Web3 GamingThe campaign targets Web3 gamers, exploiting their potential lack of cyber hygiene in the pursuit of profits. It represents a significant cross-platform threat, utilizing a variety of malware to compromise users' systems.RECORDEDFUTURE.COM
15 AprZambia arrests 77 people in swoop on “scam” call centreLaw enforcement officers in Zambia have arrested 77 people at a call centre company they allege had employed local school-leavers to engage in scam internet users around the world. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
15 AprFatalRAT Targets Cryptocurrency Users With DLL Side-loading TechniquesThis campaign’s strategic inclusion of a clipper module alongside FatalRAT hints at a targeted approach towards cryptocurrency users, amplifying data interception capabilities with the addition of a keylogger module.THECYBEREXPRESS.COM
15 Apr KEVPalo Alto Networks fixes zero-day exploited to backdoor firewallsPalo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been actively exploited since March 26th to backdoor PAN-OS firewalls. [...]BLEEPINGCOMPUTER.COM
15 AprUpstream Security Gets Cisco Investment to Protect Connected Vehicles and DevicesUpstream Security, an Israeli auto cybersecurity startup, said on Wednesday it received an undisclosed investment from Cisco Investments as demand grows for internet-connected vehicles and other devices.FINANCE.YAHOO.COM
15 AprCritical Vulnerability in Delinea Secret Server Allows Auth Bypass, Admin AccessOrganizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets.HELPNETSECURITY.COM
15 AprCyderes Acquires Ipseity Security to Enhance IAMGlobal cybersecurity services provider Cyderes has acquired Ipseity Security, a Canadian company specializing in identity and access management (IAM). The financial terms of the deal were not disclosed.CHANNELE2E.COM
15 AprUS Cyber Command Expanded 'Hunt Forward' Operations in 2023A secretive U.S. cyber military force ramped up global operations in 2023, executing more than double the average number of "hunt forward" campaigns than the previous five years, according to the head of U.S. Cyber Command.BANKINFOSECURITY.COM
15 AprPalo Alto Networks Releases Fixes For Firewall Zero-Day As Attribution Attempts EmergePACKETSTORMSECURITY.COM
15 AprIntel and Lenovo BMCs Contain Unpatched Lighttpd Server FlawA security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal. While the original shortcoming was discovered and patched by the Lighttpd …THEHACKERNEWS.COM
15 AprJoint Guidance on Deploying AI Systems SecurelyToday, the National Security Agency’s Artificial Intelligence Security Center (NSA AISC) published the joint Cybersecurity Information Sheet Deploying AI Systems Securely in collaboration with CISA, the Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s A…CISA.GOV
15 AprLikely State Hackers Exploiting Palo Alto Firewall Zero-DayCompany Released a Hotfix to the Command Injection Vulnerability Firewall appliance manufacturer Palo Alto Networks rushed out a hotfix Friday to a command injection vulnerability present in its custom operating system after security researchers spotted a campaign to exploit the …DATABREACHTODAY.CO.UK
15 AprFrom Idea to Success: How to Operationalize a Startup from Zero to Exit - Seth Spergel - BSW #346Startup founders dream of success, but it's much harder than it looks. As a former founder, I know the challenges of cultivating an idea, establishing product market fit, growing revenue, and finding the right exit. Trust me, it doesn't always end well. In this interview, we welc…YOUTUBE.COM
15 AprMicrosoft recognized as a Leader in the Forrester Wave™: Workforce Identity Platform, Q1 2024We're thrilled to announce that Forrester has recognized Microsoft as a Leader in the Forrester Wave™: Workforce Identity Platforms, Q1 2024 report. We’re proud of this recognition, which we believe reflects our commitment to delivering advanced solutions that cater to the evolv…MICROSOFT.COM
📋 SECURITY BULLETINS 2[−]
15 AprFramework’s software and firmware have been a mess, but it’s working on themNew features, security updates, and Linux support are all on a long to-do list.ARSTECHNICA.COM
15 AprFramework’s software and firmware have been a mess, but it’s working on themNew features, security updates, and Linux support are all on a long to-do list.ARSTECHNICA.COM
📢 SECURITY ADVISORIES 14[−]
15 AprCISA Makes its "Malware Next-Gen" Analysis System Publicly AvailableMalware Next-Gen was originally designed to allow U.S. federal, state, local, tribal, and territorial government agencies to submit suspicious files and receive automated malware analysis through static and dynamic analysis tools.BLEEPINGCOMPUTER.COM
15 AprNIST Seeks Input on Cyber Risk Management DraftThe public draft – titled Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile, was published by NIST on April 3. The agency is seeking public comments on the draft through May 20.MERITALK.COM
15 AprCISA Issues Emergency Directive After Midnight Blizzard Microsoft Hitssubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/cisa-emergency-directive-after-midnight-blizzard-microsoft-hits CISA has issued an emergency directive in response to Midnight Blizzard, or Cozy Bear, a Russian threat a…DARKREADING.COM
15 AprSam Bankman-Fried, Fraud and the Future of CryptoPolicy Expert Ari Redbord Details SBF Case Standouts, Illicit Crypto Ecosystem As the Sam Bankman-Fried courtroom saga continues, crypto policy expert Ari Redbord discusses the sentencing's impact of the FTX founder on the ecosystem and regulations, what lies ahead for the indust…DATABREACHTODAY.CO.UK
15 AprIdaho’s Higher Ed Leaders Participate in CISA-Led Cybersecurity ExerciseHigher education leaders from across Idaho gathered for a CISA-Led Cybersecurity Exercise.CISA.GOV
15 AprCISA Plays Important Role in Northwest Economic SummitRegion 10 Protective Security Chief, Allen Chung presented at the recent Asian American, Native Hawaiian, Pacific Islander (AANHPI) Economic Summit.CISA.GOV
🔥 INCIDENT REPORTING 18[−]
15 AprLightSpy Malware Attacking Android and iOS UsersA new malware known as LightSpy has been targeting Android and iOS users. This sophisticated surveillance tool raises alarms across the cybersecurity community due to its extensive capabilities to exfiltrate sensitive user data. LightSpy is a modular malware implant designed to i…GBHACKERS.COM
15 AprPopular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Filesliblzma-sys, which has been downloaded over 21,000 times, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression software. The impacted version in question is 0.3.2.THEHACKERNEWS.COM
15 AprCyberattacks Cost Financial Firms $12 Billion, Says IMFFinancial services firms have been hit with $12bn in losses over the last two decades as a result of cyber attacks, according to a recently published report from the International Monetary Fund (IMF).FINEXTRA.COM
15 AprCyber Security Today, April 15, 2024 - Act fast to a plug hole in Palo Alto Networks firewall, Canadian comedy festival loses over $800K in email scam, and moreThis episode reports on a new anti-ransomware strategy, and moreCYBERSECURITYTODAY.LIBSYN.COM
15 AprHacker dumps data of 2.8 million Giant Tiger customersA threat actor has reportedly claimed responsibility for a March 2024 data breach that affected the Canadian retail chain Giant Tiger, which compromised 2.8 million customer records. The breach, which Giant Tiger confirms happened on March 4, happened because of a cybersecurity i…CSOONLINE.COM
15 AprMuddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft AttacksThe threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data. "Organizations often store a variety of data in SaaS applications …THEHACKERNEWS.COM
15 AprCisco Duo warns third-party data breach exposed SMS MFA logsCisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider. [...]BLEEPINGCOMPUTER.COM
15 AprDaixin ransomware gang claims attack on Omni HotelsThe Daixin Team ransomware gang claimed a recent cyberattack on Omni Hotels & Resorts and is now threatening to publish customers' sensitive information if a ransom is not paid. [...]BLEEPINGCOMPUTER.COM
15 AprRansomware Group Claims Theft of Data From Chipmaker NexperiaThe Dark Angels (Dunghill) ransomware group claims to have stolen 1 Tb of data from Nexperia, which is investigating the incident. The post Ransomware Group Claims Theft of Data From Chipmaker Nexperia appeared first on SecurityWeek .SECURITYWEEK.COM
15 AprChipmaker Nexperia confirms breach after ransomware gang leaks dataDutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data. [...]BLEEPINGCOMPUTER.COM
15 AprMuddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft AttacksThe threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data.THEHACKERNEWS.COM
15 AprCisco Duo Says Hack at Telephony Supplier Exposed MFA SMS LogsCisco Duo warns that breach exposed phone numbers, phone carriers, metadata and other logs that could lead to downstream social engineering attacks. The post Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs appeared first on SecurityWeek .SECURITYWEEK.COM
15 AprHacker Customize LockBit 3.0 Ransomware to Attack Orgs WorldwideCybersecurity researchers at Kaspersky have uncovered evidence that cybercriminal groups are customizing the virulent LockBit 3.0 ransomware for targeted attacks against organizations worldwide. This allows the threat actors to tailor the malware for maximum impact and effectiven…GBHACKERS.COM
15 AprA ransomware gang is leaking Change Healthcare’s stolen patient dataThis is the second group to demand a ransom payment from Change Healthcare to prevent the release of stolen patient data in as many months. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
15 AprLaw Firm to Pay $8M to Settle Health Data Hack LawsuitOrrick Herrington Cyberattack Compromised Clients' Data, Affected Nearly 638,000 A global law firm that provides data breach legal services has agreed to an $8 million settlement to resolve a proposed class action lawsuit filed against the firm in the aftermath of its cyberattack…DATABREACHTODAY.CO.UK
15 AprSisense Breach Highlights Rise in Major Supply Chain AttacksExperts Warn of Growing Threat From Supply Chain Attacks After High-Profile Breach Cybersecurity experts are sounding the alarm over a rise in supply chain attacks targeting the interconnected systems of global corporate giants after the top U.S. cyber agency urged Sisense custom…DATABREACHTODAY.CO.UK
15 AprRansomware gang starts leaking alleged stolen Change Healthcare dataThe RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 20[−]
15 AprGSMA Releases Mobile Threat Intelligence FrameworkGSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques, and procedures (TTPs) used.HELPNETSECURITY.COM
15 AprHow to protect IP surveillance cameras from Wi-Fi jamming - Help Net Securitysubmitted by Lanky_Pomegranate530 to cybersecurity 1 points | 0 comments https://www.helpnetsecurity.com/2024/04/15/ip-surveillance-cameras/HELPNETSECURITY.COM
15 AprChinese-Linked LightSpy iOS Spyware Targets South Asian iPhone UsersCybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. "The latest iteration of LightSpy, dubbed 'F_Warehouse,' boasts a modular framework with exte…THEHACKERNEWS.COM
15 AprLightSpy Hackers Indian Apple Device Users to Steal Sensitive DataThe revival of the LightSpy malware campaign has been observed, focusing on Indian Apple device users. This sophisticated mobile spyware, suspected to have origins in China, is being used for espionage, targeting a select group of individuals, including journalists, activists, po…GBHACKERS.COM
15 AprNew Lattice Cryptanalytic TechniqueA new paper presents a polynomial-time quantum algorithm for solving certain hard lattice problems. This could be a big deal for post-quantum cryptographic algorithms, since many of them base their security on hard lattice problems. A few things to note. One, this paper has not y…SCHNEIER.COM
15 AprTwo People Arrested in Australia and US for Development and Sale of Hive RATAuthorities in Australia and the US have arrested and charged two individuals for developing and selling the Hive RAT. The post Two People Arrested in Australia and US for Development and Sale of Hive RAT appeared first on SecurityWeek .SECURITYWEEK.COM
15 AprFormer Security Engineer Sentenced to Prison for Hacking Crypto ExchangesFormer security engineer Shakeeb Ahmed was sentenced to prison for hacking and defrauding cryptocurrency exchanges. The post Former Security Engineer Sentenced to Prison for Hacking Crypto Exchanges appeared first on SecurityWeek .SECURITYWEEK.COM
15 AprWhat’s Next in Cortex — XSIAM for Cloud and Other InnovationsCortex XSIAM introduces new capabilities to help tackle a wide variety of challenges, including new cloud capabilities and feature enhancements. The post What’s Next in Cortex — XSIAM for Cloud and Other Innovations appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
15 AprJuniper Networks Publishes Dozens of New Security AdvisoriesJuniper Networks patches dozens of vulnerabilities in Junos OS, Junos OS Evolved, and other products. The post Juniper Networks Publishes Dozens of New Security Advisories appeared first on SecurityWeek .SECURITYWEEK.COM
15 AprDestructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian InfrastructureICS malware Fuxnet allegedly used by Ukrainian Blackjack group to disrupt industrial sensors and other systems belonging to a Moscow infrastructure firm. The post Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure appeared first on Securit…SECURITYWEEK.COM
15 AprNightVision Raises $5.4 Million for Application Security TestingNightVision, an early stage startup in the application security testing space, has raised $5.4 million in seed funding. The post NightVision Raises $5.4 Million for Application Security Testing appeared first on SecurityWeek .SECURITYWEEK.COM
15 AprMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
15 AprChinese-Linked LightSpy iOS Spyware Targets South Asian iPhone UsersCybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy.THEHACKERNEWS.COM
15 AprMY TAKE: GenAI revolution — the transformative power of ordinary people conversing with AISan Francisco, Calif. — The amazing digital services we have today wouldn’t have come to fruition without the leading technology and telecom giants investing heavily in R&D. Related: GenAi empowers business I had the chance to attend NTT Research’s Upgrade … (more…LASTWATCHDOG.COM
15 AprNew Foundation Sees Mental Health Tied to Cyber ResilienceMental Health Charter Targets Burnout, Stress Among Cybersecurity Professionals In response to rising stress levels in cybersecurity, industry leaders, including CTO Sarb Sembhi of Virtually Informed, have launched the Mental Health in CyberSecurity Charter and Foundation to focu…DATABREACHTODAY.CO.UK
15 Apr[WARNING] FBI Issues Alert on Major Phishing Campaign That Impersonates US Toll ServicesThe FBI has issued an alert warning of a widespread SMS phishing (smishing) campaign targeting people in several US states with phony notices of unpaid tolls, BleepingComputer reports.KNOWBE4.COM
15 AprYou Really Are Being Surveilled All the Time“If the product is free, you are the product!” No truer words have ever been spoken. But in today’s internet-connected, ad-everywhere world, even if you are paying for the product or service, you are still the product.KNOWBE4.COM
15 AprZero Trust Adoption: Where Are Enterprises Today?Gartner Analyst John Watts Says Enterprises Must Reassess Zero Trust Strategies Enterprises have deliberated on implementing zero trust for years, but vendors are overpromising and under-delivering on zero trust solutions. Gartner Vice President Analyst John Watts discusses the c…DATABREACHTODAY.CO.UK
15 AprFTC Bans Online Mental Health Firm From Sharing Certain DataProposed Action Also Orders Cerebral Inc. to Pay $7M Penalty The FTC has proposed restricting a mental telehealth service firm from sharing consumer data and requiring it to pay a $7 million penalty to settle allegations that the firm used online tracking tools to unlawfully disc…DATABREACHTODAY.CO.UK
15 AprAdapting to the Deluge of Cybersecurity Data - Cyber Defense Magazinesubmitted by Lanky_Pomegranate530 to cybersecurity 2 points | 0 comments https://www.cyberdefensemagazine.com/adapting-to-the-deluge-of-cybersecurity-data/CYBERDEFENSEMAGAZINE.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
15 Apr'eXotic Visit' Spyware Campaign Targets Android Users in India and PakistanThe campaign is said to be highly targeted in nature, with the apps available on Google Play having a negligible number of installs ranging from zero to 45. The apps have since been taken down.THEHACKERNEWS.COM
15 AprNew SteganoAmor attacks use steganography to target 320 orgs globallyA new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 14[−]
15 AprEx-Security Engineer Jailed Three Years for $12.3 Million Crypto Exchange TheftsA former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million.THEHACKERNEWS.COM
15 AprMicrosoft lifts Windows 11 block on some Intel systems after 2 yearsMicrosoft has finally lifted a compatibility hold blocking Windows 11 upgrades on systems with Intel 11th Gen Core processors and Intel Smart Sound Technology (SST) audio drivers. [...]BLEEPINGCOMPUTER.COM
15 AprTiming is Everything: The Role of Just-in-Time Privileged Access in Security EvolutionTo minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to privileged identity management aims to mitigate the risks associated with prolonged h…THEHACKERNEWS.COM
15 AprAI Copilot: Launching Innovation Rockets, But Beware of the Darkness AheadImagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a realit…THEHACKERNEWS.COM
15 AprSophos Guidance on the Digital Operational Resilience Act (DORA)Guidance to support financial entities in the EU impacted by the Digital Operational Resilience Act (DORA).SOPHOS.COM
15 AprEuropean Police Swoop on $685m Cannabis Investment Fraud GangJuicyFields operated as a classic Ponzi scheme between 2020 and July 2022, according to Europol. Promising high returns with little to no risk, the scammers simply used money from new investors to pay returns to earlier ones.INFOSECURITY-MAGAZINE.COM
15 AprCrickets from Chirp Systems in Smart Lock Key LeakThe U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock's maker Chirp Systems remains unresponsive, even though it was first notified abo…KREBSONSECURITY.COM
15 AprCloned Voice Tech Is Coming for Bank AccountsAt many financial institutions, your voice is your password. Tiny variations in pitch, tone and timbre make human voices unique - apparently making them an ideal method for authenticating customers phoning for service.BANKINFOSECURITY.COM
15 AprCrypto miner arrested for skipping on $3.5 million in cloud server billsThe U.S. Department of Justice has announced the arrest and indictment of Charles O. Parks III, known as "CP3O," for allegedly renting large numbers of cloud servers to conduct crypto mining and then skipping out on paying the bills. [...]BLEEPINGCOMPUTER.COM
15 AprMicrosoft will limit Exchange Online bulk emails to fight spamMicrosoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025. [...]BLEEPINGCOMPUTER.COM
15 AprBitcoin scams, hacks and heists – and how to avoid themHere’s how cybercriminals target cryptocurrencies and how you can keep your bitcoin or other crypto safeWELIVESECURITY.COM