lemmydev2

joined 10 months ago
sorted by: new top controversial old
1
SolarWinds fixes hardcoded credentials flaw in Web Help Desk (www.bleepingcomputer.com)
 

SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems using hardcoded credentials. [...]

2
OpenAI Scans for Honeypots. Artificially Malicious? Action Abuse?, (Thu, Aug 22nd) (isc.sans.edu)
 

For a whille now, I have seen scans that contain the pattern "%%target%%" in the URL. For example, today this particular URL is popular:

1
New NGate Android malware uses NFC chip to steal credit card data (www.bleepingcomputer.com)
 

A new Android malware named NGate can steal money from payment cards by relaying to an attacker's device the data read by the near-field communication (NFC) chip. [...]

3
CrowdStrike deja vu as 'performance issue' leaves systems sluggish (go.theregister.com)
 

Not related to the massive outage in July, security biz spokesperson told us Some IT administrators suffered a moment of deja vu on Thursday morning as CrowdStrike blamed a cloud service issue for performance problems and lagging boot times affecting some of European customers.…

6
Ex-bank CEO gets 24 years after falling for crypto scam, causing bank collapse (arstechnica.com)
 

Former bank CEO ignored warnings that he was being scammed while tanking bank.

11
Phrack hacker zine publishes new edition after three years (www.bleepingcomputer.com)
 

Phrack #71 has been released online and is available to read for free. This issue is the first to be released since 2021, marking a new chapter in the influential online magazine's history. [...]

35
Google can’t defend shady Chrome data hoarding as “browser agnostic,” court says (arstechnica.com)
 

Court reverses Google win in case from Chrome users who chose not to sync data.

2
'Styx Stealer' Blows Its Own Cover With Sloppy OpSec Mistake (www.darkreading.com)
 

An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks.

32
Microsoft Says Maligned Recall Feature Is Returning to Copilot+ PCs, Eventually (gizmodo.com)
 

The feature will make its way out to Windows beta testers in October, and Microsoft claims security is its ‘top priority.’

46
Telecom will pay $1 million over deepfake Joe Biden robocall (www.theverge.com)
 
    Photo by Brandon Bell / Getty Images

A telecom company that transmitted the deepfake robocall of President Joe Biden’s voice has agreed to pay $1 million to resolve an enforcement action from the Federal Communications Commission, the agency announced. Lingo Telecom relayed a fake Biden message to New Hampshire voters in January, urging them not to turn out for the Democratic primary. The FCC identified political consultant Steve Kramer as the person behind the generative AI calls and previously proposed Kramer pay a separate $6 million fine. Under the new settlement with Lingo, the FCC said the company will need to strictly adhere to its caller ID authentication rules, including “know your customer” principles. The FCC will also require Lingo to “more thoroughly verify the...

Continue reading…
21
A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning (securityaffairs.com)
 

A flaw in millions of RFID cards manufactured by Shanghai Fudan Microelectronics allows these contactless cards to be cloned instantly. Researchers from security firm Quarkslab discovered a backdoor in millions of RFID cards manufactured by the Chinese chip manufacturer Shanghai Fudan Microelectronics. The experts announced the discovery of a hardware backdoor and successfully cracked its […]

17
Deadbeat dad faked his own death by hacking government databases (go.theregister.com)
 

Hoped to dodge child support payments, now faces 81 months inside – and a bigger bill than ever A US man has been sentenced to 81 months in jail for faking his own death by hacking government systems and officially marking himself as deceased.…

view more: next ›