🐛 COMMON VULNERABILITIES AND EXPOSURES 1[−]
11 MayPoC Released for Critical PuTTY Private Key Recovery VulnerabilitySecurity researchers have published a Proof-of-Concept (PoC) exploit for a critical vulnerability in the widely used PuTTY SSH and Telnet client. The flaw, CVE-2024-31497, allows attackers to recover private keys generated with the NIST P-521 elliptic curve in PuTTY versions 0.68…GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE 5[−]
11 MayCVE/FIRST VulnCon 2024 - 44 talkssubmitted by ashar to security_cpe 1 points | 0 comments https://www.first.org/_/e/_logos/sponsor-cve_r-wd.svg The purpose of the conference is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken …FIRST.ORG
11 MayHardly Strictly Securitysubmitted by ashar to security_cpe 1 points | 0 comments https://framerusercontent.com/images/ScOp3CAXGVIpa2GvcCOgS3AffZw.svg Hardly Strictly Security is the only cybersecurity conference focused on leveraging the power of open source. This one day, single track virtual event wil…FRAMERUSERCONTENT.COM
11 MayAttack Makes Autonomous Vehicle Tech Ignore Road SignsResearchers have developed a technique called "GhostStripe" that can exploit the camera-based computer vision systems of autonomous vehicles, causing them to fail to recognize road signs, making it very risky for Tesla and Baidu Apollo vehicles.THEREGISTER.COM
11 MayEuropol confirms web portal breach, says no operational data stolenEuropol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data. [...]BLEEPINGCOMPUTER.COM
11 MayRSA Conference 2024 - 14 Keynotessubmitted by ashar to security_cpe 1 points | 0 comments RSAC 2024 West Stage KeynotesINFOSEC.PUB
📢 SECURITY ADVISORIES 2[−]
11 MayBSides Lancashire 2024 - 19 talkssubmitted by ashar to security_cpe 2 points | 0 comments https://www.bsideslancashire.org/wp-content/uploads/2022/11/LancsLogo.png BSides Lancashire 2024 Schedule The talk videos from BSides Lancashire 2024BSIDESLANCASHIRE.ORG
11 MayCISA: Black Basta ransomware breached over 500 orgs worldwideCISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 2[−]
11 MayLockBitSupp Denies Identification of Group ‘Admin’, Opens Contest to Find Named Dmitry Yuryevichsubmitted by 0nekoneko7 to securitynews 1 points | 0 comments https://thecyberexpress.com/lockbitsupp-denies-being-dmitry-khoroshev/THECYBEREXPRESS.COM
11 MayThe Post Millennial hack leaked data impacting 26 million peopleHave I Been Pwned has added the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 3[−]
11 MayHackCar – Attack AND Defense Playground For Automotive SystemModern cars have microcontrollers that use the Controller Area Network (CAN) to perform safety and luxury functions. However, vehicle hijacking can occur through message injection attacks because the CAN network lacks the security of drive-by-wire systems such as speed cont…GBHACKERS.COM
11 May'The Mask' Espionage Group Resurfaces After 10-Year HiatusAn advanced persistent threat (APT) group that has been missing in action for more than a decade has suddenly resurfaced in a cyber-espionage campaign targeting organizations in Latin America and Central Africa.DARKREADING.COM
11 MayFIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RATThe financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. "The threat actors used m…THEHACKERNEWS.COM
📡 INFOSEC NEWS 1[−]
11 MayScammers found planting online betting ads on Indian government websitesSome Indian government websites have allowed scammers to plant advertisements capable of redirecting visitors to online betting platforms. TechCrunch discovered around four dozen “gov.in” website links associated with Indian states, including Bihar, Goa, Karnataka, Ke…TECHCRUNCH.COM