A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).
Campaign that steals email has targeted at least 10,000 organizations since September.
BERLIN (AP) — The European Central Bank said Tuesday that its president, Christine Lagarde, was targeted in a hacking attempt but no information was compromised. The attempt took place “recently,” the Frankfurt-based central bank for the 19 countries that use the euro said in an emailed response to a query about a report by Business Insider.
In January 2022, a new browser hijacker/adware campaign named ChromeLoader (also known as Choziosi Loader and ChromeBack) was discovered. Despite using simple malicious advertisements, the malware became widespread, potentially leaking data from thousands of users and organizations.
Learn more about Dragos's discovery of an exploit introduced through password "cracking" software that targets industrial engineers and operators.
Vice Society is a little-known double extortion group that exfiltrates its victims' data and threatens its victims to leak their information.
KillNet will continue to grow as the war in Ukraine continues, but the group is limited in its capabilities.
If I can shop and bank online, why can’t I vote online? David Jefferson explained in 2011 why internet voting is so difficult to make secure, I summarized again in 2021 why internet voting is still inherently insecure, and many other experts have explained it too. Still, several countries and several U.S. states have offered e-voting to some of their citizens. In many cases they plunge forward without much consideration of whether their e-voting system is really secure, or whether it could be hacked to subvert democracy. It’s not enough just to take the software vendor’s word for it.
Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted
Researchers have found a way to use the web's basic functions to identify who visits a site—without the user detecting the hack.
Francine Jeanprêtre, ancienne conseillère nationale et conseillère d’Etat vaudoise, a été dénoncée à la police après avoir été filmée par une Tesla qu’elle aurait endommagée sur un parking. Selon les autorités fédérales, cette pratique est illégale
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.
As civil society and media organisations expose EU Member States' use of the Pegasus commercial spyware, one of the most high-profile spying scandals of recent years is coming to light in Europe.
Negli ultimi mesi il gruppi cyber e altre organizzazioni vicine al governo del paese hanno tempestato di attacchi i siti delle nazioni che si sono schierati a favore di Kiev
12.07.2022 - Security researchers from the ETH Zürich have discovered a serious security vulnerability in Intel and AMD microprocessors. The vulnerability, called Retbleed, potentially allows an attacker to access any memory area. Initial countermeasures have already been defined. The NCSC has assigned the internationally valid CVE identifiers for the vulnerability of both manufacturers.
We take a look at reports that verified Twitter accounts are being targeted by scammers with claims of hate speech.
Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.
Raspberry Robin involves a worm that spreads over USB devices or shared folders, leveraging compromised QNAP (Network Attached Storage or NAS) devices as stagers and an old but still effective method of using “LNK” shortcut files to lure its victims...
Aux Etats-Unis, l’identification des propriétaires de voitures via leur plaque d’immatriculation est un secteur commercial à part entière, faisant peser un risque sur les femmes désirant avorter. En Suisse, l’identification à la portée de tous peut aussi poser problème
Known as ALPRs, this surveillance tech is pervasive across the US—and could soon be used by police and anti-abortion groups alike.
