27 June 2022
Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to admin@thehackernews.com
-
Critical Security Flaws Identified in CODESYS ICS Automation Software
26 June 2022
CODESYS has released patches to address as many as 11 security flaws that, if successfully exploited, could result in information disclosure and a denial-of-service (DoS) condition, among others.
"These vulnerabilities are simple to exploit, and they can be successfully exploited to cause consequences such as sensitive information leakage, PLCs entering a severe fault state, and arbitrary code
-
What Are Shadow IDs, and How Are They Crucial in 2022?
26 June 2022
Just before last Christmas, in a first-of-a-kind case, JPMorgan was fined $200M for employees using non-sanctioned applications for communicating about financial strategy. No mention of insider trading, naked shorting, or any malevolence. Just employees circumventing regulation using, well, Shadow IT. Not because they tried to obfuscate or hide anything, simply because it was a convenient tool
-
Italy Data Protection Authority Warns Websites Against Use of Google Analytics
26 June 2022
Following the footsteps of Austria and France, the Italian Data Protection Authority has become the latest regulator to find the use of Google Analytics to be non-compliant with E.U. data protection regulations.
The Garante per la Protezione dei Dati Personali, in a press release published last week, called out a local web publisher for using the widely used analytics tool in a manner that
-
Researchers Warn of 'Matanbuchus' Malware Campaign Dropping Cobalt Strike Beacons
26 June 2022
A malware-as-a-service (MaaS) dubbed Matanbuchus has been observed spreading through phishing campaigns, ultimately dropping the Cobalt Strike post-exploitation framework on compromised machines.
Matanbuchus, like other malware loaders such as BazarLoader, Bumblebee, and Colibri, is engineered to download and execute second-stage executables from command-and-control (C&C) servers on infected
-
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
24 June 2022
In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management Framework — a U.S. government guideline for taking care of data.
The NIST Cybersecurity & Risk Management Frameworks Course helps you
Computer Security News, Advice and Research
-
OpenSSL issues a bugfix for the previous bugfix
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.
-
S3 Ep88: Phone scammers, hacking bust, and data breach fines [Podcast + Transcript]
Latest episode - listen (or read) now!
-
Capital One identity theft hacker finally gets convicted
It took three years, but the Capital One cracker was convicted in the end. Don't get caught out in a data breach of your own!
-
Interpol busts 2000 suspects in phone scamming takedown
Friends don't let friends get scammed. Not everyone knows how typical scams unfold, so here are some real-world examples...
-
S3 Ep87: Follina, AirTags, ID theft and the Law of Big Numbers [Podcast]
Latest episode - listen now!
-
Follina gets fixed – but it’s not listed in the Patch Tuesday patches!
We tried it out to make sure, so you don't have to.
-
Murder suspect admits she tracked cheating partner with hidden AirTag
O! What a tangled web we weave, when first we practise to deceive.
-
You’re invited! Join us for a live walkthrough of the “Follina” story…
Live demo, plain English, no sales pitch, just a chance to watch an attack dissected in safety. Join us if you can!
-
S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]
Latest episode - listen (or read) now!
-
SSNDOB Market domains seized, identity theft “brokerage” shut down
The online identity "brokerage" SSNDOB Market didn't want people to be in any doubt what it was selling.