Tag: cybersecurity news

GitHub Updates Security Protocol For Operations Over SSH
27Mar By RBNo Comments
News

GitHub Updates Security Protocol For Operations Over SSH

After learning the key was briefly exposed in a public repository, the repository hosting provider GitHub announced it is replacing its current RSA SSH host key with a new one as a precaution. In a post earlier today, GitHub stated, "We quickly took action to control the exposure and started investigating to identify the core cause and consequences." The key replacement is now complete, and users will notice the change over the following 30 minutes. The company stated that the modification was made in order to safeguard customers' Git operations over SSH, especially from potential threat actors seeking to pose as GitHub read more GitHub Updates Security Protocol For Operations Over SSH. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our...
Read More
New Android Banking Trojan Nexus Promoted As MaaS
23Mar By RBNo Comments
News

New Android Banking Trojan Nexus Promoted As MaaS

A brand-new Android banking Trojan has been found in a number of worldwide harmful activities.  The programme, dubbed "Nexus" by Cleafy security experts, offers functionality to conduct account takeover (ATO) assaults and is advertised as a component of a Malware-as-a-Service (MaaS) subscription. The organisation stated in a Tuesday advisory that "a new Android banking Malware debuted on several hacking forums under the name of Nexus" in January 2023.  ...
Read More
CISA and NSA Enhance Security Framework With New IAM Guide
23Mar By RBNo Comments
News

CISA and NSA Enhance Security Framework With New IAM Guide

A new manual has been released by the National Security Agency (NSA) and the US Cybersecurity and Infrastructure Security Agency (CISA) to help system administrators secure identity and access management (IAM) infrastructure. It's a component of the Enduring Security Framework for organizations (ESF). In order to combat IAM threats, it provides suggested best practices for identity governance, environmental hardening, identity federation/single sign-on, multi-factor authentication (MFA), and IAM auditing and monitoring. CISA and NSA describe a few recent attacks that took advantage read more about CISA and NSA Enhance Security Framework With New IAM Guide. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the ...
Read More
Hackers Use NuGet Packages to Target .NET Developers
22Mar By RBNo Comments
News

Hackers Use NuGet Packages to Target .NET Developers

Threat actors have been seen creating malicious packages aimed at .NET developers using the open-source package manager NuGet. The discovery would be the first occurrence in the wild of packages with malicious code detected in NuGet, according to software package management provider JFrog. Shachar Menashe, senior director at JFrog Security Research, said: "For the first time, the NuGet repository formerly assumed to be untouched by malicious code really contains multiple hazardous software read more Hackers Use NuGet Packages to Target .NET Developers. Stay up-to-date with the latest cybersecurity news and increase your cybersecurity awareness through ReconBee.com‘s in-depth coverage of the newest threats, breaches, and solutions.
Read More
Ferrari Reveals Data Breach Ransom Attack
22Mar By RBNo Comments
News

Ferrari Reveals Data Breach Ransom Attack

After a threat organization attempted to blackmail the company, one of the most well-known luxury car manufacturers in the world alerted customers that their personal information may have been stolen. In a brief statement that was released yesterday, Ferrari said that the "ransom demand linked to some client contact details." It asserted to have notified the "necessary authorities" and requested assistance from a private security firm to find out what took place. As a rule Ferrari won't be kept hostage because complying with such demands read more Ferrari Reveals Data Breach Ransom A...
Read More
KillNet Group Uses DDoS Attacks Against Azure Based Healthcare Apps
21Mar By RBNo Comments
News

KillNet Group Uses DDoS Attacks Against Azure Based Healthcare Apps

KillNet, a hacktivist collective with ties to Russia, has been noted attacking Microsoft Azure-hosted healthcare apps for more than three months. The tech behemoth revealed information about the latest effort in a warning sent on Friday. According to the Azure Network Security Team, there were 10 to 20 attacks in November 2022 and 40 to 60 attacks per day in February 2023. The Microsoft technical write-up states, "We tracked attack statistics over the same time period and discovered that DDoS attacks on healthcare firms read more KillNet Group Uses DDoS Attacks Against Azure Based Healthcare Apps. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.
Read More
Google Exposes 18 Zero Day Flaws in Samsung Exynos Chips
20Mar By RBNo Comments
News

Google Exposes 18 Zero Day Flaws in Samsung Exynos Chips

The Google Project Zero team said it reported 18 zero-day vulnerabilities in Exynos Modems produced by Samsung between late 2022 and early 2023 in a new alert that was released on Thursday. The blog post by Project Zero's director, Tim Willis, claims that four of the flaws (CVE-2023-24033 and three further flaws without a CVE-ID) allowed potential attackers to conduct internet-to-baseband remote code execution (RCE). With just the victim's phone number and these four flaws, an attacker can remotely exploit a phone at the baseband level without any user input read more Google Exposes 18 Zero Day Flaws in Samsung Exynos Chips. Stay up-to-date with the latest cybersecurity news and increase your cybersecurity awareness through ReconBee.com‘s in-depth coverage of the newest threats, ...
Read More
Vishing Campaign Targets Social Security Administration
20Mar By RBNo Comments
News

Vishing Campaign Targets Social Security Administration

Security professionals have issued a warning about a fresh hybrid phishing attempt that poses as the Social Security Administration (SSA) in an effort to convince users to phone a nefarious call center. For at least 160,000 of its clients, Armorblox asserted that the fraudulent emails had been stopped. The timing of the fraudulent communications coincides with tax season. Due to false and suspicious activity, the subject line of the email is written to make the recipient feel anxious read more Vishing Campaign Targets Social Security Administration. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.
Read More
Chinese SilkLoader Malware Sold to Russian Cyber Criminals
17Mar By RBNo Comments
News

Chinese SilkLoader Malware Sold to Russian Cyber Criminals

A piece of malware designed to load Cobalt Strike beacons onto victim machines has been traced back to both Chinese and Russian threat actors. Finnish security vendor WithSecure claimed in a new report that it detected “SilkLoader” in several human-operated intrusions that were likely the precursor to a ransomware attack. The malware uses DLL sideloading to load the beacons, which are commonly used in such attacks read more Chinese SilkLoader Malware Sold to Russian Cyber Criminals. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.
Read More
UK Bank Limits Crypto Payments to Smother Fraud
16Mar By RBNo Comments
News

UK Bank Limits Crypto Payments to Smother Fraud

In an effort to lessen their vulnerability to cryptocurrency fraud, NatWest has set a daily and 30-day limit on payments from customer accounts to cryptocurrency exchanges. Customers will not be able to move more than £1000 ($1213) each day or £5000 ($6066) in a month to exchangers, according to the UK lender. Even trustworthy cryptocurrency exchanges, according to NatWest, are used as a launching pad for investments in virtual currency, some of which can result in the loss of "life-changing" sums. The cost-of-living crisis may be a contributing factor to males over 35 making riskier investments read more UK Bank Limits Crypto Payments to Smother Fraud. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the ...
Read More
Follow Us on Twitter
Join our community on LinkedIn