The theft of tax and employment records of 48,000 of Canadians four years ago was the fault of poor IT authentication security, says the country’s privacy commissioner. Attackers employed credential stuffing using previously stolen usernames and passwords to get into the IT systems of the Canada Revenue Agency (CRA) and Employment and Social Development Canada […]
Category Archives: Security
Auto Added by WPeMatico
The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of […]
Adam Barnett, CVE-2024-21351, CVE-2024-21410, CVE-2024-21412, CVE-2024-21413, Immersive Labs, Kevin Breen, Krebs, Latest Warnings, Microsoft Office, News, Patch Tuesday February 2024, Rapid7, Satnam Narang, Security, Security Tools, Tenable, Time to Patch, trend micro, Windows SmartScreen
Fat Patch Tuesday, February 2024 Edition
Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks. Top of the heap on this Fat Patch Tuesday is CVE-2024-21412, a “security feature bypass” in the way Windows handles Internet Shortcut […]
Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product’s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from […]
A Little Sunshine, Aleksei Valerievich Safronov, Congressional Research Service, Constella Intelligence, Djamix, DomainTools.com, GRU, Guardia Civil, Krebs, mark rasch, Mazafaka, Meduza, Ne'er-Do-Well News, News, Russia's War on Ukraine, Security, Stalker
From Cybercrime Saul Goodman to the Russian GRU
In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user’s hacker identities shows that during his time […]
0ktapus, A Little Sunshine, ALPHV ransomware, Ars Technica, BlackCat ransomware, Carter Rohn, CISA, Data Breaches, Elliptic, Emily Hernandez, fbi, FTX, Krebs, Kroll, Ne'er-Do-Well News, News, Nick Bax, Powell SIM Swapping Crew, R$, Robert Powell, Scattered Spider, Security, SIM Swapping, Tom Robinson, Unciphered
Arrests in $400M SIM-Swap Tied to Heist at FTX?
Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX, which had just filed for bankruptcy on that same day. A graphic […]