Category: security
This commonly-used Ubuntu tool can be hijacked to spread malware
Hackers can abuse Ubuntu’s “command-not-found” package suggestion system to deliver malware to users, researchers are saying. The attack surface is relatively large, and there are multiple ways threat actors can abuse the feature. This is according to a new report from cybersecurity researchers Aqua Nautilus, which notes how when a…
Read More
Thousands of DoD personnel may have had their private data leaked — US government admits 20,000 could be affected
A year after a cybersecurity incident, the US Department of Defense (DOD) has begun notifying affected individuals about exactly what happened. In February 2023, cybersecurity researcher Anurag Sen discovered a US government email server that sat without a proper password to protect its content – essentially, leaking sensitive information to…
Read More
Facebook Marketplace accounts leaked online — thousands of users possible affected, so secure your account now
Hundreds of thousands of Facebook Marketplace users have had their personal information stolen and posted on a dark web forum, putting them at serious risk of phishing, identity theft, and other cybercrime. According to a BleepingComputer report, a known data leaker with the alias IntelBroker posted a new thread on…
Read More
Facebook Marketplace accounts leaked online — thousands of users possibly affected, so secure your account now
Hundreds of thousands of Facebook Marketplace users have had their personal information stolen and posted on a dark web forum, putting them at serious risk of phishing, identity theft, and other cybercrime. According to a BleepingComputer report, a known data leaker with the alias IntelBroker posted a new thread on…
Read More
A new Windows Defender zero-day is already being exploited to drop dangerous malware
Hackers are exploiting a zero-day vulnerability in Windows Defender SmartScreen to infect crypto traders with malware. Researchers from Trend Micro revealed a threat actor going by Water Hydra (AKA DarkCasino) abused the zero-day, now tracked as CVE-2024-21412, in attacks conducted on New Year’s Eve 2023. Microsoft has since released a…
Read More
A new Microsoft Azure hacking campaign is targeting high-end executives
Hackers are going after highly-positioned professionals, including senior executives, with targeted phishing and cloud account takeover attacks, new research has claimed. A report from Proofpoint outlined a new campaign to compromise Microsoft Azure environments and cloud accounts since late November 2023. The unnamed threat actors were seen to be distributing…
Read More