Infosec News

InfoSec News 20230327

  • Publicado: Seg, 27/03/2023 - 14:44

Top News

  • New Dark Power ransomware claims 10 victims in its first month

"A new ransomware operation named 'Dark Power' has appeared, and it has already listed its first victims on a dark web data leak site, threatening to publish the data if a ransom is not paid.
The ransomware gang's encryptor has a compilation date of January 29, 2023, when the attacks started.
Furthermore, the operation has not been promoted on any hacker forums or dark web spaces yet; hence it's likely a private project.

InfoSec News 20230324

  • Publicado: Sex, 24/03/2023 - 12:30

Top News

  • GitHub.com rotates its exposed private SSH key

"GitHub has rotated its private SSH key for GitHub.com after the secret was was accidentally published in a public GitHub repository.
The software development and version control service says, the private RSA key was only "briefly" exposed, but that it took action out of "an abundance of caution.""

Link

InfoSec News 20230323

  • Publicado: Qui, 23/03/2023 - 12:16

Top News

  • Facebook accounts hijacked by new malicious ChatGPT Chrome extension

"A trojanized version of the legitimate ChatGPT extension for Chrome is gaining popularity on the Chrome Web Store, accumulating over 9,000 downloads while stealing Facebook accounts.
The extension is a copy of the legitimate popular add-on for Chrome named "ChatGPT for Google" that offers ChatGPT integration on search results. However, this malicious version includes additional code that attempts to steal Facebook session cookies.

InfoSec News 20230322

  • Publicado: Qua, 22/03/2023 - 12:43

Top News

  • Breached hacking forum shuts down, fears it's not 'safe' from FBI

"The notorious Breached hacking forum has shut down after the remaining administrator, Baphomet, disclosed that they believe law enforcement has access to the site's servers.
Breached was a popular hacking and data leak forum notorious for hosting, leaking, and selling data obtained from breached companies, governments, and various organizations. 

InfoSec News 20230321

  • Publicado: Ter, 21/03/2023 - 13:53

Top News

  • File-sharing site Zippyshare shutting down after 17 years

"File-sharing site Zippyshare has announced they are shutting down the site by the end of March 2023 after announcing they can no longer afford to keep the service running.
Zippyshare is a free file-sharing website launched in 2006 that generates revenue through advertisements. The site is one of the largest on the web, receiving over 43 million visits per month, according to Similarweb.

InfoSec News 20230320

  • Publicado: Seg, 20/03/2023 - 13:48

Top News

  • New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks

"A new malware botnet was discovered targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into DDoS (distributed denial of service) swarm with the potential for massive attacks.
The new botnet was discovered by researchers at Akamai at the start of the year, who caught it on their HTTP and SSH honeypots, seen exploiting old flaws such as CVE-2014-8361 and CVE-2017-17215.

InfoSec News 20230317

  • Publicado: Sex, 17/03/2023 - 13:12

Top News

  • Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets

"Project Zero, Google's zero-day bug-hunting team, discovered and reported 18 zero-day vulnerabilities in Samsung’s Exynos chipsets used in mobile devices, wearables, and cars.
The Exynos modem security flaws were reported between late 2022 and early 2023. Four of the eighteen zero-days were identified as the most serious, enabling remote code execution from the Internet to the baseband.

InfoSec News 20230316

  • Publicado: Qui, 16/03/2023 - 12:19

Top News

  • Mozilla Firefox gets built-in Firefox Relay controls

"Mozilla has announced the integration of Firefox Relay, an email protection system that helps users evade trackers and spammers, directly into the Firefox browser.
From now on, whenever a user browses a website that requests them to create an account, Firefox Relay will offer to generate a new email mask or use an existing one.

InfoSec News 20230315

  • Publicado: Qua, 15/03/2023 - 13:05

Top News

  • Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

"Microsoft's Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild."

Link

TLP1 : Green

InfoSec News 20230314

  • Publicado: Ter, 14/03/2023 - 17:03

Top News

  • Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily

"An open source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale.
Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging moniker DEV-1101."

Link

Páginas