12Articles
4Categories
2024-08-03Date
⚠️ VULNERABILITY DISCLOSURE 4[−]
3 AugHackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS ToolCybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks. The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP floo…THEHACKERNEWS.COM
3 AugBlack Hat Fireside Chat: ‘Black Girls Hack’ emphasizes diversity as effective force multiplierWhen Tanisha Martin, a veteran software quality assurance analyst, sought to move over to a security team a few years ago, the doors should have been wide open, given the much-ballyhooed cybersecurity skills shortage . Related: Modernizing security training Instead, … (more…LASTWATCHDOG.COM
3 AugLinux kernel impacted by new SLUBStick cross-cache attackA novel Linux Kernel cross-cache attack named SLUBStick has a 99% success in converting a limited heap vulnerability into an arbitrary memory read-and-write capability, letting the researchers elevate privileges or escape containers. [...]BLEEPINGCOMPUTER.COM
3 AugHackers breach ISP to poison software updates with malwareA Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 2[−]
3 AugCybersecurity Today Week in Review for August 3rd, 2024 with Terry Cutler, David Shipley and host Jim LoveIn this episode of 'Cybersecurity Today: The Week in Review,' host Jim Love discusses critical cybersecurity incidents with guests Terry Cutler, CEO of Cyology Labs, and David Shipley from Beauceron Security. The panel delves into the devastating effects of a ransomware attack on…CYBERSECURITYTODAY.LIBSYN.COM
3 AugCISA Names Lisa Einstein as First Chief AI OfficerEinstein has led CISA’s AI efforts since 2023 as CISA’s Senior Advisor for AI. The post CISA Names Lisa Einstein as First Chief AI Officer appeared first on SecurityWeek .SECURITYWEEK.COM
🕵️ THREAT INTELLIGENCE 3[−]
3 AugGoogle Ads used to distribute Mac malware disguised as 'Loom' appsubmitted by neme to cybersecurity 2 points | 0 comments https://appleinsider.com/articles/24/08/02/google-ads-used-to-distribute-mac-malware-disguised-as-loom-appAPPLEINSIDER.COM
3 AugEndless Microsoft one-time-use code emails.submitted by schizo to cybersecurity 1 points | 0 comments I have a question for the hive mind: what is the point of this, exactly? I mean, I understand the attempt to gain access, and I understand why 2fa codes can be valuable to attempt to phish but that’s like, not the thing h…SH.ITJUST.WORKS
3 AugPassword reset disables 2FAsubmitted by faultypidgeon to cybersecurity 1 points | 0 comments https://kb.mailbox.org/en/private/account-article/how-to-use-two-factor-authentication-2fa I lost my token – what do I do? If you lose your token, it may still be possible to reset your password, provided you set u…KB.MAILBOX.ORG
📡 INFOSEC NEWS 3[−]
3 AugHow the theft of 40M UK voter register records was entirely preventableA scathing rebuke by the U.K. data protection watchdog reveals what led to the compromise of tens of millions of U.K. voters' information. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
3 AugAttacks on Bytecode Interpreters Conceal Malicious Injection ActivityThis type of attack, known as Bytecode Jiu-Jitsu, takes advantage of the fact that interpreters do not require execution privilege for bytecode, making it difficult for security tools to detect.DARKREADING.COM
3 AugDOJ and FTC Sue TikTok for Violating Children's Privacy LawsThe U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for "flagrantly violating" children's privacy laws in the country. The agencies claimed the company knowingly permitted children to c…THEHACKERNEWS.COM