Notícias

Two Connecticut men face federal charges for a $3m scheme targeting online gambling platforms

Explore how cybercriminals are targeting the Winter Olympics through phishing, spoofed websites, and DDoS attacks—while uncovering the proactive measures organizers and businesses are taking to safeguard this high-profile international event.

Global Group ransomware is delivered through phishing emails and can encrypt files offline without any internet connection.

Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and quarantines them. [...]

Revolut claims social media sites make £3.8bn annually from scam ads targeting European users

Flickr says a flaw at a third-party email provider may have exposed users' names, email addresses, IPs, and account activity. Flickr is a photo-sharing platform owned by SmugMug. It has over 100 million registered users and millions of active photographers. Flickr warned users about a possible data breach caused by a flaw in a third-party […]

I typically go for higher-end multitools, but the NexTool E1 stood out for its durable design and surprisingly affordable price.

I've just released trappsec v0.1 - an experimental open-source framework that helps developers detect attackers who probe API business logic. By embedding realistic decoy routes and honey fields that are difficult to distinguish from real API constructs, attackers are nudged to authenticate — converting reconnaissance into actionable security telemetry. submitted by /u/nikhil-salgaonkar [link] [comments]

Hi folks, I wanted to share a project of mine and get some feedback from the community. Coalmine is a canary management platform I've built to let security admins deploy canary tokens (and objects) easily in there cloud environments. Currently its early alpha and supports S3, GCS, AWS IAM, and GCP Service accounts. The tool provides a webui, CLI and API, allowing you to integrate it with your custom tooling (when its production ready) Example use for API: have your CICD pipelines request an canary token to embed in code, so you can Identify when the source has been exposed and attacks are testing credentials Coalmine - Github submitted by /u/John_Earle [link] [comments]

German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, and investigative journalists across Germany and Europe via Signal. The authorities also noted that while these attacks are likely perpetrated by a state-controlled cyber actor, there's nothing stopping non-state actors and financially motivated cybercriminals from using the same approach. The two approaches The attackers are approaching targets directly inside the messaging app … More → The post State-backed phishing attacks targeting military officials and journalists on Signal appeared first on Help Net Security.