F1TYM1

Latest Tweets

1
2
3
4
5
6

Latest Ransomware and Zero Day

The Big Feed

  • Orthanc Server Vulnerability Poses Risk to Medical Data, Healthcare Operations

    A critical vulnerability found in Orthanc servers can pose a serious risk to medical data and healthcare operations. The post Orthanc Server Vulnerability Poses Risk to Medical Data, Healthcare Operations appeared first on SecurityWeek.

  • Microsoft Expands Copilot Bug Bounty Program, Increases Payouts

    Microsoft has added more Copilot consumer products to its bug bounty program and is offering higher rewards for medium-severity vulnerabilities. The post Microsoft Expands Copilot Bug Bounty Program, Increases Payouts appeared first on SecurityWeek.

  • HPE Says Personal Information Stolen in 2023 Russian Hack

    HPE is notifying an unknown number of individuals that Russian hackers accessed their personal information in a December 2023 attack. The post HPE Says Personal Information Stolen in 2023 Russian Hack appeared first on SecurityWeek.

  • Indiana Man Sentenced to 20 Years in Prison for Hacking, $37 Million Crypto Theft

    Evan Light was sentenced to 20 years in federal prison for hacking an investment holdings company and stealing $37 million in cryptocurrency. The post Indiana Man Sentenced to 20 Years in Prison for Hacking, $37 Million Crypto Theft appeared first on SecurityWeek.

  • ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]

    In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack. This week, we’ve seen cybercriminals turn overlooked weaknesses into major security threats, proving once again that no system…

  • Don’t Overlook These 6 Critical Okta Security Configurations

    Given Okta’s role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point, along with recommendations for implementing continuous monitoring of your Okta security posture. With over 18,000 customers, Okta serves as the cornerstone of identity governance and security…

  • Quishing via QR Codes Emerging As a Top Attack Vector Used by Hackers

    QR codes have become an integral part of our digital lives, offering quick access to websites, services, and even payment systems. However, their widespread use has also made them a prime target for scammers. A new threat, known as “quishing,” involves using fake QR codes to redirect users to fraudulent websites, steal personal data, and…

  • Ransomware Payments Dropped By 35%, As Victims Refusing To Pay

    In a significant shift in the ransomware landscape, payments to attackers have decreased by approximately 35% year-over-year. This decline is attributed to increased law enforcement actions, improved international collaboration, and a growing trend among victims to refuse ransom demands. Ransomware Payment Totals (Source – Chainalysis) Here below we have mentioned all the key developments in…

  • Ethereum shorts on CME increased 500% in 3 months

    Hedge funds have ramped their short positions on Ethereum, setting a new record on the Chicago Mercantile Exchange (CME). This surge in short bets comes despite a notable increase in capital flowing into spot Ethereum exchange-traded funds (ETFs). Over the past week, the nine US spot Ethereum ETFs saw net inflows of $420.06 million, significantly…

  • Server Attack Stops the Presses at US Newspaper Chain

    They publish 77 newspapers in 26 U.S. states, according to Wikipedia. But this week a “cybersecurity event” at the newspapers’ parent company “disrupted systems and networks,” according to an article at one of their news sites which quotes an email sent to employees by the publishing company’s CEO. “We have notified law enforcement of the…

  • Media giant Lee Enterprises confirms cyberattack as news outlets report ongoing disruption

    The newspaper owner said it was determining what data, if any, was stolen. © 2024 TechCrunch. All rights reserved. For personal use only.

  • British military drops basic training to fast track recruitment of ‘cyber warriors’

    The British government is dropping the traditional fitness and weapons training for specialist cyber military recruits in order to address a cyber skills shortage within His Majesty’s Armed Forces, including in its arm for offensive operations in the National Cyber Force.

  • Cybersecurity guidance for AI systems, supply chains highlight risks of poisoning, extraction, evasion attacks

    Canadian and French cybersecurity agencies have jointly released comprehensive guidance advocating for a risk-based strategy to foster trusted artificial intelligence (AI) systems and secure AI supply chains. This initiative affects various sectors, including defence, energy, healthcare, and finance, highlighting the pervasive impact of AI across industries. While the adoption of AI offers significant opportunities for…

  • DHS warns Chinese-made internet cameras pose espionage threat to US critical infrastructure

    The U.S. Department of Homeland Security (DHS) has reportedly issued a bulletin warning that internet-connected cameras manufactured in China could potentially be exploited for espionage targeting the nation’s critical infrastructure installations. According to the bulletin, these cameras usually lack data encryption and secure configuration settings, leaving them vulnerable to cyber threats. Additionally, the cameras are…

  • Elon Musk’s rapid unscheduled disassembly of the US government

    We all know who’s really in charge. Almost 250 years after the Declaration of Independence, America has gotten herself a new king. His name is Elon Musk. “Wait a minute,” you may be saying. “What about President Donald Trump?” Trump ran, much like Silvio Berlusconi before him, primarily to avoid prosecutions. He has never liked…

  • First look at the ‘world’s thinnest’ foldable

    When closed, there is no thinner foldable phone in the world than the Oppo Find N5. In just ten days time, Oppo will launch the Find N5, the world’s thinnest book-style foldable. I just spent a few minutes with the device and what follows are my early impressions. Oppo is careful to use that “book-style”…

  • Hacking a News Website — CVE-2023–38205: Adobe ColdFusion Access Control Bypass

    Free Link:- https://medium.com/@securityinsights/5f1050c9b6f9?source=friends_link&sk=08b45e12796b69baff0c014ad3821b52Continue reading on System Weakness »

  • How I Found Reflected XSS Vulnerability on Australian Government. [CVE-2022–35653]

    🚨 Important: I didn’t hack anything. I just used Recon with some Automation the right way.What is CVE 2022–35653A reflected XSS issue was identified in the Moodle LTI module. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim into following specially crafted links and…

  • RFC 9700 for OAuth 2.0 Explained

    This write up intends to explain RFC 9700 and brief about the threatsThe OAuth 2.0 security best practices outlined in RFC 9700 provide several mitigation strategies for common threats:Core Security MechanismsExact Redirection URI Matching: Authorization servers must use exact string matching for client redirection URIs, except for localhost URIs of native apps.CSRF Prevention: Clients must use the state…

  • Guarding the Stack: Comprehensive Techniques for Buffer Overflow Prevention.

    So, in the last blog we went over Buffer Overflow, what they are, how they work etc. Now lets talk about what are some preventive measures that are enforced to protect this Buffer overflow vulnerability. These range from Runtime protections enforced by CPU manufactures to using secure functions in C or C++. Another way of…

Post
Filter
Apply Filters
Close