Anyone who works in computer security knows that they should have two-factor authentication (2FA) enabled on their accounts. 2FA provides an additional layer of security. A hacker might be able to guess, steal, or brute force the password on your accounts – but they won’t be able to gain access unless they also have a […]
Cyber News
The compromise of Mandiant’s X (formerly Twitter) account last week was likely the result of a “brute-force password attack,” attributing the hack to a drainer-as-a-service (DaaS) group. “Normally, [two-factor authentication] would have mitigated this, but due to some team transitions and a change in X’s 2FA policy, we were not adequately protected,” the threat intelligence […]
Cyber News
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, attributed it to a hacking […]
Cyber News
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of […]
Cyber News
The safety team at Twitter has responded to the high profile hack of the SEC Twitter account, which made headlines around the world. And what do they have to say? Well, in a nutshell – “it’s not our fault. They lost control of their mobile phone number and didn’t have 2FA enabled.”
Cyber News
Chuck Norris gives a helping hand to a mysterious cryptocurrency CEO who may have separated investors from over a billion dollars, generative AI creates a nightmare for those wanting to Know Their Customer, and a determined journalist finally gets their revenge on a sneaky Airbnb scammer. All this and much more is discussed in the […]
Cyber News
The official Twitter account of the US Securities and Exchange Commission (SEC) was hacked yesterday, with scammers posting an unauthorised message to its 660,000+ followers. The false message – which has since been deleted – claimed that the SEC had approved the listing and trading of spot bitcoin ETFs, and caused the market price of […]
Cyber News
A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. “The capabilities of the new botnet, NoaBot, include a wormable self-spreader and an SSH key backdoor to download and execute additional binaries or spread itself to new victims,” Akamai security researcher […]
Cyber News
Security researchers say that there has been a “resurgence” in email scams related to notorious sex offender Jeffrey Epstein.
Cyber News