The researcher’s role in investigating the scam led to a grand jury subpoena, highlighting the potential legal risks faced by ethical hackers and defenders involved in similar work.
A new phishing campaign detected by Perception Point and reported by Akamai is targeting Booking.com users and is a prime example of the lengths threat actors will go to for a payday. This attack exemplifies the alarming threat levels the hospitality sector as a whole faces in 2023 as threat actors leverage InfoStealer malware compromised […]
Sep 29, 2023THNArtificial Intelligence / Malware Malicious ads served inside Microsoft Bing’s artificial intelligence (AI) chatbot are being used to distribute malware when searching for popular tools. The findings come from Malwarebytes, which revealed that unsuspecting users can be tricked into visiting booby-trapped sites and installing malware directly from Bing Chat conversations. Introduced by Microsoft […]
Cybercrime , Fraud Management & Cybercrime , Governance & Risk Management Proposed Class Action Claim Against Amerita Linked to Larger PharMerica Breach Marianne Kolbasuk McGee (HealthInfoSec) • September 28, 2023 Image: Shutterstock Specialty infusion company Amerita is facing a proposed federal class action lawsuit in the wake of a March cyberattack on its […]
Sep 29, 2023THNServer Security / Vulnerability Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked as CVE-2023-40044, the flaw has a CVSS score of 10.0, indicating maximum severity. All versions of the software are […]
Sep 29, 2023THNVulnerability / Network Security Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems. The medium-severity vulnerability is tracked as CVE-2023-20109, and has a CVSS score of 6.6. It impacts […]
More than 3.8 billion records have been exposed after digital protection firm DarkBeam left an interface containing the exposed records unprotected. The leak was discovered on September 18 by CEO of cyber security news site SecurityDiscovery, Bob Diachenko, who alerted DarkBeam to the leak. The digital protection firm immediately addressed the vulnerability and closed the leak […]
Last updated 28 September, 2023 We’ve teamed up with Hercules to offer you the chance to WIN one of three Hercules DJControl Inpulse T7 motorised jogwheel DJ controllers. The Hercules DJControl Inpulse T7 brings motorised-jogwheel DJing to the masses, and packs in all the features you’ll need to learn and perform impressive routines with either […]
Sep 28, 2023THNSupply Chain / Malware A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. “The malicious code exfiltrates the GitHub project’s defined secrets to a malicious C2 server and modify any existing javascript files in the attacked […]