A sophisticated backdoor designed to undermine SSH authentication has been discovered in the widely-used xz Utils compression library. Security researchers averted a potential supply chain disaster when the malicious code was found in beta releases of Fedora Rawhide and Debian’s testing and experimental branches. A recently discovered backdoor in the xz Utils compression tool (versions […]
Category Archives: Security
Auto Added by WPeMatico
Security researchers have observed Red Hat and Ubuntu systems being attacked by a Linux version of the DinodasRAT (also known as XDealer) that may have been operating since 2022. […]
AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially denying the leaked data originated from them. […]
Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities and an improved evasion mechanism. […]
29
Mar
Mar
In the rapidly evolving landscape of generative AI, business leaders are trying to strike the right balance between innovation and risk management. Prompt injection attacks have emerged as a significant challenge, where malicious actors try to manipulate an AI system into doing something outside its intended purpose, such as producing harmful content or exfiltrating confidential […]
An infostealer malware campaign has reportedly collected millions of logins from users of various gaming websites, including players that use cheats, pay-to-cheat services. […]
29
Mar
Mar
Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, March 29th, 2024. From Toronto, I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S. In a few minutes David Shipley of Beauceron Security will be here to discuss recent news. That includes a U.S. […]
Today, Red Hat warned users to immediately stop using systems running Fedora development versions because of a backdoor found in the latest XZ data compression tools and libraries. […]
29
Mar
Mar
PyPI repository shuts to stop malicious uploads, a plea to developers to stop creating apps with SQL vulnerabilities, and more. Welcome to Cyber Security Today. It’s Friday, March 29th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S. I’ve reported before that threat actors are increasingly uploading malicious code […]
A Little Sunshine, Adam Kidan, Brett Sholtis, Empire Workforce Solutions, Krebs, LancasterOnline.com, Latest Warnings, multi-persona phishing, Ne'er-Do-Well News, News, phishing, proofpoint, Ryan Kalember, Security, thread hijacking, Tom Murse, Web Fraud 2.0
Thread Hijacking: Phishes That Prey on Your Curiosity
28
Mar
Mar
Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient’s natural curiosity about being copied on a private discussion, which is modified to include a malicious link or attachment. Here’s […]