93Articles
8Categories
2024-05-29Date
🚨 CISA KEV 1[−]
29 May KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its  Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-4978 Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability These types of vulnerabilities are frequent attac…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 3[−]
29 MayCheck Point VPNs exploited to breach enterprise networksCybersecurity provider Check Point has advised its VPN customers to patch the Security Gateways service immediately to prevent threat actors from gaining initial access to enterprise networks through vulnerable VPN configurations. The company has released an advisory to help fix …CSOONLINE.COM
29 MayCVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Divesubmitted by kid to cybersecurity 1 points | 0 comments https://www.horizon3.ai/attack-research/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/HORIZON3.AI
29 May KEVCheck Point Warns of Zero-Day Attacks on its VPN Gateway ProductsCheck Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild. Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Qu…THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE 19[−]
29 MayCybersecurity at a crossroads: Time to shift to an architectural approachAccording to ESG research, 45% of cybersecurity professionals believe that security operations are more difficult today than they were two years ago, while another 11% claim that things are about the same. When asked why they felt this way, security pros pointed to a growing atta…CSOONLINE.COM
29 MayRepeated cyberattacks on court systems raise security concerns for the USThrough a statement issued last month , Jackson County, Missouri, confirmed that a ransomware attack was responsible for the disruption of several county services, including the shutting down of the Assessment, Collection, and Recorder of Deeds offices at all county locations. Ja…CSOONLINE.COM
29 MayBreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder?The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure. Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds …THEHACKERNEWS.COM
29 MayStrengthening Data Security to Protect ConsumersSam Kaplan recently had the privilege of testifying on Strengthening Data Security to Protect Consumers before a Senate Commerce Subcommittee hearing. The post Strengthening Data Security to Protect Consumers appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
29 MayCheck Point releases emergency fix for VPN zero-day exploited in attacksCheck Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks. [...]BLEEPINGCOMPUTER.COM
29 MayDigital trust gap leaves organizations vulnerableA significant digital trust “acknowledgment-action gap” exists in organizations and it’s holding back stronger protections for customers, stakeholders and partners, the latest ISACA State of Digital Trust 2024 report has found. A total of 87% of respondents said digital trust was…CSOONLINE.COM
29 MayCriminals Abuse Cloud Storage Platforms to Host Phishing SitesThreat actors are abusing cloud storage platforms to host phishing sites that can more easily evade detection by security scanners, according to researchers at Enea. Criminals are exploiting numerous cloud services, including Google Cloud, AWS, IBM Cloud, and others.KNOWBE4.COM
29 MayRetrieving Deleted Files on the Commodore C64 in 1987When I was a sophomore in high school, from 1987 to 1988, my friend Paul and I had Commodore C64 computers. There was a new graphical user interface called GEOS that had transformed the way we interacted with our computers. We used the C64 to play games but also write papers for …TAOSECURITY.BLOGSPOT.COM
29 MayCheck Point VPN zero-day exploited in attacks since April 30Threat actors have been exploiting a high-severity Check Point Remote Access VPN zero-day since at least April 30, stealing Active Directory data needed to move laterally through the victims' networks in successful attacks. [...]BLEEPINGCOMPUTER.COM
29 MayBeyond Outages: How Strata’s Identity Continuity Technology is Transforming IAM - Gerr... - IDV24 #1In today’s increasingly complex cloud environments, ensuring continuous access to identity services is critical for maintaining business operations and security. Gerry Gebel, VP of Product and Standards at Strata Identity, will discuss the recently announced Identity Continuity p…YOUTUBE.COM
29 MayKYB – Increasing KYB Coverage through linking Consumer and Business Data - Tarvinder S... - IDV24 #1Several recent trends underscore the increasing importance of Know Your Business (KYB) practices in today's business landscape. One significant trend is the rise in financial crimes, including money laundering, fraud, and terrorist financing. Technological advancements have trans…YOUTUBE.COM
29 MayFlaw in TP-Link Gaming Router Allows Remote AttacksUnsanitized Inputs Leads to Remote Code Execution A gaming Wi-Fi router contained a zero-day that allowed a remote unauthenticated attacker to execute arbitrary code - a flaw that a static analysis cybersecurity firm attributed to insecure coding practices. Routers are a perennia…DATABREACHTODAY.CO.UK
29 MayWhy a Broadcom-Zscaler Deal Makes Sense - and Why It Doesn'tIs There Anything to Anonymous Reports About Talks of a $38B Broadcom-Zscaler Deal? Reports last weekend that technology behemoth Broadcom had started discussions to acquire zero trust pioneer Zscaler for $38 billion raised eyebrows throughout the cybersecurity industry. The surp…DATABREACHTODAY.CO.UK
29 MayUnlocking Business Value: Navigating Identity Program Challenges with Expert Insights ... - IDV24 #1Enterprises often struggle with achieving business value in identity programs. This is typically the result of technology choices that require a disproportionately greater amount of effort and focus and underestimating the workforce required for organizational change management. …YOUTUBE.COM
29 May KEVThe iShield Key Experience – What is different about this FIDO2 security dongle? - Kev... - IDV24 #1FIDO security keys are not new in the authentication workflow. They have been around now for 10 years. What is new is the combination of the most secure multi-factor authentication method not only for logical but also for physical access control with the highest FIPS140-3 securit…YOUTUBE.COM
29 MayThe Problem Isn’t Access, It’s Actions - Tim Prendergast - IDV24 #1Traditional approaches to access management are no longer sufficient to safeguard enterprise security. Tim will explain why the most effective approach to modern enterprise security requires a Zero Trust model that extends beyond just access to encompass every action, no matter h…YOUTUBE.COM
29 MayHow AAG is Going Beyond Traditional IGA to Secure Real Enterprise Risk - Damon Tompkins - IDV24 #1Traditional IGA solutions are not risk-focused by design, and as audit and compliance focus continues to expand beyond core ERP systems and into line of business apps and point solutions, organizations must plan holistically how to address risk across their application landscape.…YOUTUBE.COM
29 MayMultiple Vulnerabilities in Fortinet FortiSIEM Could Allow for Remote Code ExecutionMultiple vulnerabilities have been discovered in Fortinet FortiSIEM which could allow for remote code execution. FortiSIEM is a multi-tenant SIEM that offers real-time infrastructure and user awareness for precise threat detection, analysis, and reporting. Successful exploitation…CISECURITY.ORG
📢 SECURITY ADVISORIES 8[−]
29 MayNew Research Warns About Weak Offboarding Management and Insider RisksA recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks.  Employee offboarding is typically seen as a routine administrative task, but it …THEHACKERNEWS.COM
29 MayHouse bill would ban Chinese connected vehicles over security concernsU.S. Rep. Elissa Slotkin will introduce a bill to Congress that would limit or ban the introduction of connected vehicles built by Chinese companies if found to pose a threat to national security. The bill comes as the trade war between the U.S. and China heightens in the afterma…TECHCRUNCH.COM
29 MayUS dismantles 911 S5 botnet used for cyberattacks, arrests adminThe U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator. [...]BLEEPINGCOMPUTER.COM
29 MayFBI Says It Dismantled 'Likely the World's Largest Botnet'US-Led Operation Disrupts 911 S5 Botnet in Global Crackdown FBI Director Christopher Wray said the U.S. led an internationally coordinated effort to disrupt and dismantle what may be one of the world's largest malicious botnet services, which had accrued 19 million IP addresses b…DATABREACHTODAY.CO.UK
29 MayEU's New AI Office Is Set to Begin Operating in JuneThe Office Will Oversee the Implementation of the European Union's AI Act The European AI Office, which is tasked with implementing the AI Act, the first-ever binding regulation on artificial intelligence, is set to begin operating next month. The office will be headed by Lucilla…DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING 16[−]
29 MayBreachForums returns just weeks after FBI-led takedownsubmitted by 0nekoneko7 to securitynews 2 points | 1 comments https://www.theregister.com/2024/05/28/breachforums_back_online/THEREGISTER.COM
29 MayCyber Security Today, May 29, 2024 - A new North Korean ransomware gang spotted, and moreThis episode reports on ransomware news, US sanctions against Chinese citizens for running a botnet, and moreCYBERSECURITYTODAY.LIBSYN.COM
29 MayINE Security Enables CISOs to Secure Board Support for Cybersecurity TrainingIf there is a single theme circulating among Chief Information Security Officers (CISOs) right now, it is the question of how to get stakeholders on board with more robust cybersecurity training protocols. There are key points debated about why you should provide cybersecurity tr…GBHACKERS.COM
29 MayPersonal Information of 44,000 Compromised in First American CyberattackFirst American will notify 44,000 individuals that their personal information was stolen in a December 2023 ransomware attack. The post Personal Information of 44,000 Compromised in First American Cyberattack appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayMicrosoft Uncovers 'Moonstone Sleet' — New North Korean Hacker GroupA never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malwa…THEHACKERNEWS.COM
29 MayPakistani 'Transparent Tribe' APT Aims for Cross-Platform Impactsubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/pakistani-transparent-tribe-apt-aims-for-cross-platform-impactDARKREADING.COM
29 MayNew Endpoint Protection Platform by Cigent Blocks Ransomware at the Data LevelThe two primary components to the solution are to encrypt company data at all times, and to decrypt only when the file is required for use. The post New Endpoint Protection Platform by Cigent Blocks Ransomware at the Data Level appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayRSAC Fireside Chat: Rich threat intel, specialized graph database fuel HYAS’ Protective DNSThe capacity to withstand network breaches, and minimize damage, is a key characteristic of digital resiliency. Related: Selecting a Protective DNS One smart way to do this is by keeping an eagle eye out for rogue command and control (C2) … (more…) The post RSAC Fireside Ch…LASTWATCHDOG.COM
29 MayThe most dangerous CVEs of 2023 and 2024: fix these todayThe most commonly hacked applications and services in 2023 and Q1 2024KASPERSKY.COM
29 MayGoing going gone! Ransomware attack grabs Christie’s client data for a stealThe world-renowned auction house Christie's has confirmed that it has fallen victim to a ransomware attack, seemingly orchestrated by a Russia-linked cybercriminal gang. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
29 MayCyber Psychological Warfare: Hacking Operational TechnologyEven the Threat of Disruption Plays Into Attackers' Hands, Says Ian Thornton-Trump Defenders of operational technology environments should look beyond the technical controls and incident response plans they've put in place. They also need to consider how attackers might undermine…DATABREACHTODAY.CO.UK
29 MayCooler Master hit by data breach exposing customer informationComputer hardware manufacturer Cooler Master has suffered a data breach after a threat actor breached the company's website and claimed to steal the Fanzone member information of 500,000 customers. [...]BLEEPINGCOMPUTER.COM
29 MayRx Benefits Firm Notifying 2.8 Million of Data Theft HackThe Breach Notice Raises the Question of Whether Sav-Rx Paid a Ransom A Nebraska firm that provides medication benefits management and pharmacy services is notifying more than 2.8 million individuals of an October 2023 hacking incident involving the potential theft of their perso…DATABREACHTODAY.CO.UK
29 MayWhat You Need to Know and How to Respond to the New Wave of GenAI Identity Attacks - D... - IDV24 #1Cyberattacks, fraud and breaches, we’ve all studied them, and we are all aware that identity is under attack. And if we thought it was bad up until now, we haven't fully seen the impact of GenAI based identity attacks. Going beyond just Deepfakes, GenAI-powered malicious services…YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 28[−]
29 MayIs that It? Finding the Unknown: Correlations Between Honeypot Logs & PCAPs [Guest Diary], (Tue, May 28th)[This is a Guest Diary by Joshua Jobe, an ISC intern as part of the SANS.edu BACS program] ISC.SANS.EDU
29 MayISC Stormcast For Wednesday, May 29th, 2024 https://isc.sans.edu/podcastdetail/9000, (Wed, May 29th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
29 MayNetflix Paid Out Over $1 Million via Bug Bounty ProgramNetflix has paid out more than $1 million for vulnerabilities found in its products since the launch of its bug bounty program in 2016. The post Netflix Paid Out Over $1 Million via Bug Bounty Program appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayPrivacy Implications of Tracking Wireless Access PointsBrian Krebs reports on research into geolocating routers: Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geolocate devices. Researchers from the U…SCHNEIER.COM
29 MayU.S. Sanctions Cybercrime Network Behind Massive Residential Proxy Bothnet Servicesubmitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/u-s-cybercrime-proxy/CYBERSECURITYNEWS.COM
29 MayZendata Emerges From Stealth With Data Security, AI Governance SolutionsData security and AI governance company Zendata has emerged from stealth mode with $2 million in seed funding. The post Zendata Emerges From Stealth With Data Security, AI Governance Solutions appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayNew North Korean Threat Actor Engaging in Espionage, Revenue Generation AttacksMicrosoft dives into the tactics, techniques, and procedures of North Korean threat actor Moonstone Sleet. The post New North Korean Threat Actor Engaging in Espionage, Revenue Generation Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayEurope’s Cybersecurity Chief Says Disruptive Attacks Have Doubled in 2024, Sees Russia Behind ManyDisruptive digital attacks – many traced to Russia-backed groups – have doubled in the European Union in 2024 and are also targeting election-related services, according to the EU’s top cybersecurity official. The post Europe’s Cybersecurity Chief Says Disruptive Attacks Have Dou…SECURITYWEEK.COM
29 MayPhishing with Cloudflare Workers: Transparent Phishing and HTML SmugglingPhishing campaigns are abusing Cloudflare workers in two ways, where one injects malicious content hidden by HTML smuggling, similar to Azorult malware.  The other uses Cloudflare Workers as a transparent proxy to steal login credentials for services like Microsoft, Gmail, a…GBHACKERS.COM
29 MayKiteshield Packer is Being Abused by Linux Cyber Threat ActorsResearchers analyzed a batch of suspicious ELF files with low antivirus detection rates, which used anti-debugging techniques, obfuscation, and encryption, suggesting a sophisticated attacker.  The files turned out to be known malware packed with Kiteshield. This packer evad…GBHACKERS.COM
29 MayGoodbye phishing? Descope’s nOTP authentication offers WhatsApp alternative to SMSThis week, US startup Descope is announcing what it claims is a new way to authenticate to websites via WhatsApp that doesn’t require the end user to do much at all. For the last decade, the online world has tried to solve the problem of password insecurity by migrating to multi-…CSOONLINE.COM
29 MayUS Sanctions Three Chinese Men for Operating 911 S5 BotnetThe US government has announced sanctions against three Chinese nationals accused of creating and operating the 911 S5 proxy botnet. The post US Sanctions Three Chinese Men for Operating 911 S5 Botnet appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayTranscend Raises $40 Million for Data Privacy PlatformSan Francisco data privacy startup Transcend secures 40 million in a Series B funding round that brings the total raised to $90 million. The post Transcend Raises $40 Million for Data Privacy Platform appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayVulnerabilities in Eclipse ThreadX Could Lead to Code ExecutionVulnerabilities in the real-time IoT operating system Eclipse ThreadX before version 6.4 could lead to denial-of-service and code execution. The post Vulnerabilities in Eclipse ThreadX Could Lead to Code Execution appeared first on SecurityWeek .SECURITYWEEK.COM
29 MayCyberRiskTV Studio at Identiverse 2024Check out the live stream and content coverage at https://securityweekly.com/IDV #Identiverse #Identiverse2024 #Identity #IAM #PAMYOUTUBE.COM
29 MayCybercriminals Target Hajj PilgrimsCriminals are launching a variety of scams targeting Muslims around the world who are planning on making the Hajj pilgrimage to Mecca, according to researchers at Resecurity.KNOWBE4.COM
29 MayThreat Actor Void Manticore Uses Cyber Weapon “Wipers” to Destroy Data and SystemsThis Pro-Hamas hacktivist group has updated their payload arsenal to include updated versions of their BiBi Wiper malware, and two new wiper variants.KNOWBE4.COM
29 MayHow to deploy WPA3 for enhanced wireless securityWPA3 is the latest iteration of the Wi-Fi Protected Access (WPA) standard, succeeding WPA2, which has been the de facto security protocol for wireless networks for nearly two decades. This new standard addresses the security vulnerabilities inherent in WPA2, while adding some bra…NETWORKWORLD.COM
29 MayNews Alert: DNSFilter joins the WeProtect Global Alliance to help protect children onlineWashington D.C., May 29, 2024, PRNewswire — DNSFilter announced today that it has joined the WeProtect Global Alliance to help prevent the spread of child sex abuse material (CSAM) online. This partnership will help further WeProtect’s mission and work toward … …LASTWATCHDOG.COM
29 MayAI vs AI: Fighting Deepfakes With Biometric AuthenticationExperts Recommend Multimodal Biometrics as Mitigation Strategy for AI-Based Attacks While AI has spurred the growth of authentication controls, it has also enabled voice cloning and video deepfakes to become much more convincing. Fraud fighters are looking at adopting a multifact…DATABREACHTODAY.CO.UK
29 MayIs your SSO on point, or is it more like Single Sign-Oh-no? - Chris Simmons - IDV24 #1From wrestling with integration complexities to managing unexpected glitches, the realities of SSO implementation can produce very different results than what you want. Are users actually using SSO to login or are they still using the direct logins they gained before enabling SSO…YOUTUBE.COM
29 MayHacker Heroes - Josh Corman - PSW VaultMaking The World A More Secure Place: Joshua Corman's Journey and Insights Welcome to an insightful podcast episode featuring Joshua Corman, a prominent figure in the realm of cybersecurity. With a wealth of experience and a keen understanding of the evolving threat landscape, Jo…YOUTUBE.COM
29 MayThe Future of Identity Management: Transitioning from Operational to Intelligent Plat ... - IDV24 #1With identity being the new security perimeter, identity platforms are now an integral part of the core security stack. Inherently these platforms are complex and it takes months and years for organizations to realize the business value. And this is going to get worse. The sheer …YOUTUBE.COM
29 MayMost Effective Tactics to Combat Account and Platform Fraud - Mark Batchelor - IDV24 #1Digital businesses are under attack from account and platform fraud, including Account Takeover (ATO), account opening fraud, and many variations of fraudulent account scams, impersonations, transactions and collusions. Learn best practices to stop fraud with better detection and…YOUTUBE.COM
29 MayUS Army Unveils $1B Modern Software Development InitiativeArmy Seeking Public Input on $1 Billion Software Modernization Contract Vehicle The U.S. Army is seeking public input on a software development procurement vehicle that aims to enable the rapid development and deployment of secure, modern software as the military branch reforms i…DATABREACHTODAY.CO.UK
29 MayAustralian Industries Need OT-IT Convergence to Beat AttacksIT and OT Teams Rarely Talk and When They Do, They Rarely Agree On Anything Australian critical infrastructure organizations must enable greater convergence between their information technology and operational technology teams to better respond to cybersecurity threats to their O…DATABREACHTODAY.CO.UK
29 MayAutomated (PKI) Infrastructure: The AI You Should Be Thinking About - Roni Bliss - IDV24 #1While AI artificial intelligence is up-and-coming, automating your organization's PKI infrastructure is very much a reality, and can help save your IT team on hardware costs and employee costs in the long term. Additionally, a powerful PKI-as-a-Service solution provides the crypt…YOUTUBE.COM
29 May6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategyDiscover the top multicloud security risks across DevOps, runtime environments, identity and access, and data in this new report from Microsoft. The post 6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy appeared first on Micr…MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE 7[−]
29 MayBrazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenhaBrazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan (RAT) called AllaSenha. The malware is "specifically aimed at stealing credentials that are required to access Brazilian bank accou…THEHACKERNEWS.COM
29 MayIs Your Computer Part of ‘The Largest Botnet Ever?’The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called "likely the world's largest botnet ever." The arrest coincided with the seizure of the 911…KREBSONSECURITY.COM
29 MayCybercriminals pose as "helpful" Stack Overflow users to push malwareCybercriminals are abusing Stack Overflow in an interesting approach to spreading malware—answering users' questions by promoting a malicious PyPi package that installs Windows information-stealing malware. [...]BLEEPINGCOMPUTER.COM
29 MayESET World 2024: Big on prevention, even bigger on AIWhat is the state of artificial intelligence in 2024 and how can AI level up your cybersecurity game? These hot topics and pressing questions surrounding AI were front and center at the annual conference.WELIVESECURITY.COM
📡 INFOSEC NEWS 11[−]
29 MayMSP Perspectives 2024 ReportMSPs rank cyber skills shortage is their biggest cybersecurity risk.SOPHOS.COM
29 MayU.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email ScamsThe U.S. Department of Justice (DoJ) has sentenced a 31-year-old to 10 years in prison for laundering more than $4.5 million through business email compromise (BEC) schemes and romance scams. Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering o…THEHACKERNEWS.COM
29 MayOkta warns of credential stuffing attacks targeting its CORS featureOkta warns that a Customer Identity Cloud (CIC) feature is being targeted in credential stuffing attacks, stating that numerous customers have been targeted since April. [...]BLEEPINGCOMPUTER.COM
29 MayTechnical or Nontechnical? Choosing Your Cybersecurity PathAssess Your Interests, Skills, Educational Background and Career Goals to Decide If you are looking for a career path that combines challenge, impact and growth, cybersecurity offers a wealth of opportunities. And the field is not limited to those with deep technical expertise - …DATABREACHTODAY.CO.UK
29 MayCybercriminals Abuse StackOverflow to Promote Malicious Python PackageCybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index (PyPI) repository to facilitate cryptocurrency theft as part of a broader campaign. The package in question is pytoileur, which has been downloaded 316 tim…THEHACKERNEWS.COM
29 MayFree Piano phish targets American university students, staffA large-scale phishing campaign is using an unusual lure to earn at least $900,000 by tricking email recipients into believing they're about to receive a baby grand piano for free. [...]BLEEPINGCOMPUTER.COM
29 MayWindows 10 KB5037849 update released with 9 changes or fixesMicrosoft has released the optional KB5037849 Preview cumulative update for Windows 10 22H2 with nine fixes or changes. [...]BLEEPINGCOMPUTER.COM
29 MayWindows 11 KB5037853 update fixes File Explorer issues, 20 bugs​Microsoft has released the May 2024 non-security preview update for Windows 11 versions 22H2 and 23H2, which includes 32 fixes and changes. [...]BLEEPINGCOMPUTER.COM