~hackernews | Bookmarks (14)

clear filters

infosec ×

US Post Office phishing sites get as much traffic as the real one

bleepingcomputer.com

Security researchers analyzing phishing campaigns that target United States Postal Service (USPS) saw that the traffic...
Security researchers analyzing phishing campaigns that target United States Postal Service (USPS) saw that the traffic to the fake domains is typically similar to what the legitimate site records and it is even higher during holidays. Phishing operations typically target people's sensitive information (account crede...

infosec phishing security shipping smishing
1
Okta warns of "unprecedented" credential stuffing attacks on customers

bleepingcomputer.com

Okta warns of an "unprecedented" spike in credential stuffing attacks targeting its identity and access management...
Okta warns of an "unprecedented" spike in credential stuffing attacks targeting its identity and access management solutions, with some customer accounts breached in the attacks. Threat actors use credential stuffing to compromise user accounts by trying out in an automated manner lists of usernames and passwords ty...

account takeover attack credential stuffing infosec okta
1
Mitre says state hackers breached its network via Ivanti zero-days

bleepingcomputer.com

The MITRE Corporation says that a state-backed hacking group breached its systems in January 2024 by...
The MITRE Corporation says that a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. The incident was discovered after suspicious activity was detected on MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaborat...

breach infosec ivanti mitre security
1
Can You Grok It – Hacking together my own dev tunnel service

0xda.de

My friend sent me a tunnel link where he had to manually set it up with...
My friend sent me a tunnel link where he had to manually set it up with socat and his nginx ingress controller in his k8s cluster. He made an offhand comment about needing a better way to setup tunnels and it got me thinking. This post is the result of a long night of hacking away at my own tunnel solution. If you w...

dade hacking infosec programming security
2
Notepad++ wants your help in "parasite website" shutdown

bleepingcomputer.com

The Notepad++ project is seeking the public's help in taking down a copycat website that closely...
The Notepad++ project is seeking the public's help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project. Although, at the time of writing, the lookalike website takes visitors to the official Notepad++ downloads page, there is some concern that it could pose sec...

infosec lookalike notepad++open source phishing
1
International Monetary Fund email accounts hacked in cyberattack

bleepingcomputer.com

The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11...
The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year. This international financial institution, funded by 190 member countries, is also a major United Nations financial agency headquartered in Washington, D.C. According to...

computer security cyber attack cyber incident imf infosec
1
Tor's new WebTunnel bridges mimic HTTPS traffic to evade censorship

bleepingcomputer.com

censorship https infosec security tor
1
FBI: U.S. lost record $12.5B to online crime in 2023

bleepingcomputer.com

FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which recorded a...
FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which recorded a 22% increase in reported losses compared to 2022, amounting to a record of $12.5 billion. The number of relevant complaints submitted to the FBI in 2023 reached 880,000, 10% higher than the previous year, with t...

cybercrime fbi financial theft ic3 infosec
1
Bitwarden's new auto-fill option adds phishing resistance

bleepingcomputer.com

The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the...
The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the risk of user credentials being stolen through malicious form fields. The issue was highlighted nearly a year ago when Flashpoint analysts demonstrated that it was possible for attackers to inject rogue...

bitwarden infosec password manager passwords security
1
UK to replace physical biometric immigration cards with e-visas

bleepingcomputer.com

By 2025, Britain is set to ditch physical immigration status documents such as Biometric Residence Permits...
By 2025, Britain is set to ditch physical immigration status documents such as Biometric Residence Permits (BRPs) and Biometric Residence Cards (BRCs) in a bid to make its borders digital, which is in-line with developed countries like Australia. Understand what the new Home Office development means for existing BRP...

gov.uk great britain immigration infosec security
1
Americans lost record $10B to fraud in 2023, FTC warns

bleepingcomputer.com

The U.S. Federal Trade Commission (FTC) says Americans lost over $10 billion to scammers in 2023,...
The U.S. Federal Trade Commission (FTC) says Americans lost over $10 billion to scammers in 2023, marking a 14% increase in reported losses compared to the previous year. To put this into context, Chainalysis says ransomware gangs also had a record year, with ransomware payments having reached over $1.1 billion in 2...

fraud infosec scam security usa
1
AnyDesk says hackers breached its production servers

bleepingcomputer.com

AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to...
AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack. AnyDesk is a remote access solution that allows users to remotely access co...

anydesk code signing certificate cyberattack infosec security
1
Cloudflare hacked using auth tokens stolen in Okta attack

bleepingcomputer.com

Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker'...
Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system. The threat actor first gained access to Cloudflare's self-hosted Atlassian server on November 14 and then...

breach cloudflare computer security infosec okta
1
Framework discloses data breach after accountant gets phished

bleepingcomputer.com

Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers...
Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack. The California-based manufacturer of upgradeable and modular laptops says a Keating Consulting accounta...

computer security data breach framework infosec phishing
1

~hackernews | Bookmarks (14)

Tags

Domains

US Post Office phishing sites get as much traffic as the real one

Okta warns of "unprecedented" credential stuffing attacks on customers

Mitre says state hackers breached its network via Ivanti zero-days

Can You Grok It – Hacking together my own dev tunnel service

Notepad++ wants your help in "parasite website" shutdown

International Monetary Fund email accounts hacked in cyberattack

Tor's new WebTunnel bridges mimic HTTPS traffic to evade censorship

FBI: U.S. lost record $12.5B to online crime in 2023

Bitwarden's new auto-fill option adds phishing resistance

UK to replace physical biometric immigration cards with e-visas

Americans lost record $10B to fraud in 2023, FTC warns

AnyDesk says hackers breached its production servers

Cloudflare hacked using auth tokens stolen in Okta attack

Framework discloses data breach after accountant gets phished