Cyber News 123

Goodbye? Attackers Can Bypass ‘Windows Hello’ Strong Authentication

Accenture researcher undercut WHfB’s default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework. Accenture researcher undercut WHfB’s default…

Cyber Insight

China’s ‘Evasive Panda’ APT Spies on Taiwan Targets Across Platforms

The cohort’s variety of individual tools covers just about any operating system it could possibly wish to attack. The cohort’s…

Cyber Insight

Phish-Friendly Domain Registry “.top” Put on Notice

The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to…

Cyber Insight

Sprawling CrowdStrike Incident Mitigation Showcases Resilience Gaps

A painful recovery from arguably one of the worst IT outages ever continues, and the focus is shifting to what…

Cyber Insight

Attackers Exploit ‘EvilVideo’ Telegram Zero-Day to Hide Malware

An exploit sold on an underground forum requires user action to download an unspecified malicious payload. An exploit sold on…

Cyber Insight

Chinese Hackers Target Taiwan and US NGO with MgBot Malware

Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking…

Cyber Insight

Shocked, Devastated, Stuck: Cybersecurity Pros Open Up About Their Layoffs

Here’s a dose of reality from those on the frontlines and how they’re coping. Here’s a dose of reality from…

Cyber Insight

Wanted: A SBOM Standard to Rule Them All

A unified standard is essential for realizing the full potential of SBOMs in enhancing software supply chain security. A unified…

Cyber Insights

Breaking

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls

Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls

Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities

Be Mindful of Social Media Privacy

Twitter CEO’s account hacked via SIM-card swap attack

No one is immune to phishing attack

Password – the Gate of Hell of the Digital Age

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls

Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities

Goodbye? Attackers Can Bypass ‘Windows Hello’ Strong Authentication

China’s ‘Evasive Panda’ APT Spies on Taiwan Targets Across Platforms

Phish-Friendly Domain Registry “.top” Put on Notice

Sprawling CrowdStrike Incident Mitigation Showcases Resilience Gaps

Attackers Exploit ‘EvilVideo’ Telegram Zero-Day to Hide Malware

Chinese Hackers Target Taiwan and US NGO with MgBot Malware

Shocked, Devastated, Stuck: Cybersecurity Pros Open Up About Their Layoffs

Wanted: A SBOM Standard to Rule Them All

You Missed

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls

Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities