“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-

Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking [email protected] (The Hacker News)
Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic private and secure. The apps flagged with at least one problem have been installed more than 2.4 billion…
-

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access [email protected] (The Hacker News)
A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an aim to carry out data extortion attacks. The threat actor, tracked by Okta under the moniker O-UNC-066, has deployed a panel-controlled phishing kit that’s capable of targeting…
-

Attackers Exploit ‘Ill Bloom’ Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets [email protected] (The Hacker News)
Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. When that phrase is made with weak randomness, an attacker can work it out and take everything it controls. Coinspect has…
-

Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks [email protected] (The Hacker News)
A 41-year-old former ransomware negotiator has been sentenced to nearly six years (i.e., 70 months) in prison in the U.S. for their role in conspiring with the now-defunct BlackCat ransomware operators to extort multiple victims and working with two other cybersecurity professionals to target additional victims in 2023. In a sentencing memorandum, federal prosecutors described…
-

Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs [email protected] (The Hacker News)
Datadog Security Labs is warning of “several overlapping campaigns” that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. “Operators rely on automated scraping tooling with custom or legitimate-sounding user agents, leveraging GitHub ‘ghost’ accounts that are often years old, or compromised OAuth tokens and personalRead More
-

New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware [email protected] (The Hacker News)
Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older destructive programs bolted into one, offered as commands the operator can choose from. Each is a different way to break a machine: wipe the whole disk, overwrite the Windows drive,…
-

npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk [email protected] (The Hacker News)
GitHub has officially announced the release of npm version 12 with install scripts disabled by default, along with deprecating granular access tokens (GATs) designed to bypass two-factor authentication (2FA). The Microsoft-owned subsidiary noted that the following npm install behaviors that used to run automatically before have been made opt-in – allowScripts defaults to off, meaningRead More
-
Common MFA mistakes — and how to fix them
Attackers have adapted their techniques to circumvent an organization’s MFA controls. When they succeed, it’s usually because MFA wasn’t properly set up or managed.Read More
-

ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust + 17 More Stories [email protected] (The Hacker News)
Most security mess starts as admin work. A link gets clicked. A tool gets trusted. A bucket name gets reused. A setting stays loose because nobody wants to touch it. This week is full of that kind of damage. Not loud. Not clever. Just small gaps doing big jobs. The worst part is how normal it…
-

AI Attacks Move in Minutes. Join This Webinar on Building a Defense That Keeps Up [email protected] (The Hacker News)
AI has changed how fast attacks move. Work that once took an attacker days now takes minutes. Using models like Mythos, attackers write tailored bait, pick targets, test what lands, and jump to the next host before your team clears the first alert. That is the gap, and it is not your fault. The tools…
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova
