Graham CLULEY July 15, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial A group of hacktivists claims to have breached the IT systems of Disney, and stolen a gigantic 1.1 terabytes worth of data from the entertainment giant’s internal Slack messaging channels. The hacking group, which calls itself NullBulge, posted […]
Cyber News
Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF). JFrog, which found the GitHub Personal Access Token, said the secret was leaked in a public Docker container hosted on Docker […]
Cyber News
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, […]
Cyber News
Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn’t it? Or exciting, depending on which side of the cybersecurity barricade you are on. Well, that’s basically the state of things today. Welcome to the infostealer garden of low-hanging fruit. Over the last few […]
Cyber News
A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a tenfold surge, adding it includes “mass scanning, exploiting multiple vulnerabilities, and placing backdoors using multiple [open-source […]
Cyber News
Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) on July 9, 2024. […]
Cyber News
Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. “Unlike previous versions, HardBit Ransomware group enhanced the version 4.0 with passphrase protection,” Cybereason researchers Kotaro Ogino and Koshi Oyama said in an analysis. “The passphrase needs to be […]
Cyber News
This is a current list of where and when I am scheduled to speak: I’m speaking—along with John Bruce, the CEO and Co-founder of Inrupt—at the 18th Annual CDOIQ Symposium in Cambridge, Massachusetts, USA. The symposium runs from July 16 through 18, 2024, and my session is on Tuesday, July 16 at 3:15 PM. The […]
Cyber News
American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to “nearly all” of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network. “Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, […]
Cyber News