Elon Musk’s DOGE teem memeber was fired by cybersecurity firm for leaking company secrets Edward Coristine, a 19-year-old member of Elon Musk’s squad that’s criss-crossing US government agencies, was fired from an internship after he was accused of sharing information with a competitor. “Edward has been terminated for leaking internal information to the competitors,” said…
A sophisticated cyberattack campaign is targeting organizations that still rely on Active Directory Federation Services (ADFS) for authentication across applications and services. The phishing campaign is exploiting Microsoft Active Directory Federation Services (ADFS) to bypass multifactor authentication (MFA) and take over user accounts, allowing threat actors to commit further malicious activities across networks that depend…
Hackers target Chrome browser extensions 16 extensions being compromised Exposed over 600,000 users to data exposure and credential theft The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign Hackers used their access permissions to insert malicious code into legitimate extensions in order to steal cookies and user access…
Pegasus Spyware Manufacturer NSO Group Found Liable in WhatsApp Lawsuit, Violated US State and Federal Hacking Laws The bnanned NSO Group’s infamous Pegasus spyware, is in more trouble as WhatsApp has prevailed over it in court. The Meta-owned messaging app accused the Israel-based spyware firm of exploiting a bug in its platform to leverage its attacks,…
Junior Barros De Oliveira, a 29-year-old resident of Curitiba, Brazil, has been indicted in the United States for orchestrating an extortion scheme involving data stolen from the computer systems of a Brazilian subsidiary of a New Jersey-based company. U.S. Attorney Philip R. Sellinger announced the charges after the indictment was unsealed in Newark federal court. Allegations of…
The penalty adds to a series of GDPR fines against Meta, bringing the total to $3 billion. Meta has been fined $263.5 million (€251 million) by Ireland’s Data Protection Commission (DPC) for a 2018 Facebook security breach that exposed the sensitive data of 29 million users globally. The breach exploited a vulnerability in Facebook’s “view…
The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and gxiaomao), who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been charged with conspiracy to commit computer fraud and conspiracy to commit…
As per NETSCOUT 1H2024 Threat Intelligence Report released findings from its 1H2024 DDoS Threat Intelligence Report , citing a dramatic 43% increase in the number of application-layer attacks and a 30% increase in volumetric attacks, especially in Europe and the Middle East. Attack duration varied with 70% lasting less than 15 minutes. The escalation of attacks involves…
Cyber researchers discovered on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. The malware was first documented late last month by U.S. and Israeli cybersecurity agencies, describing it as an “exploitation tool for gathering information about an end point and running remote…
CISA recently warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS. This security flaw, tracked as CVE-2024-5910, was patched in July, and threat actors can remotely exploit it to reset application admin credentials on Internet-exposed Expedition…
