Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

You Pay More When Companies Get Hacked

Plus: Google delays the end of cookies (again), EU officials were targeted with Pegasus spyware, and more of the top security news.

Wired
Open in Source
#web#android#apple#google#microsoft#intel#asus#ibm#chrome#firefox
Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers

Microsoft on Friday disclosed a potential connection between the Raspberry Robin USB-based worm and an infamous Russian cybercrime group tracked as Evil Corp. The tech giant said it observed the FakeUpdates (aka SocGholish) malware being delivered via existing Raspberry Robin infections on July 26, 2022. Raspberry Robin, also called QNAP Worm, is known to spread from a compromised system via

CVE-2022-34528: Vuls/BOF_in_D-Link DSL-3782.md at main · 1160300418/Vuls

D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue.

ICYMI: Dark Web Happenings Edition With Evil Corp., MSP Targeting & More

Dark Reading's digest of other "don't-miss" stories of the week — including a Microsoft alert connecting disparate cybercrime activity together, and an explosion of Luca Stealer variants after an unusual Dark Web move.

911 Proxy Service Implodes After Disclosing Breach

911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. The abrupt closure comes ten days after KrebsOnSecurity published an in-depth look at 911 and its connections to shady pay-per-install affiliate programs that secretly bundled 911’s proxy software with other titles, including “free” utilities and pirated software.

Security Teams Overwhelmed With Bugs, Bitten by Patch Prioritization

The first half of the year saw more than 11,800 reported security vulnerabilities, but figuring out which ones to patch first remains a thankless job for IT teams.

Big Questions Remain Around Massive Shanghai Police Data Breach

Why was PII belonging to nearly 1 billion people housed in a single, open database? Why didn't anyone notice it was downloaded?

Malicious npm Packages Scarf Up Discord Tokens, Credit Card Info

The campaign uses four malicious packages to spread "Volt Stealer" and "Lofy Stealer" malware in the open source npm software package repository.

Dahua IP Camera Vulnerability Could Let Attackers Take Full Control Over Devices

Details have been shared about a security vulnerability in Dahua's Open Network Video Interface Forum (ONVIF) standard implementation, which, when exploited, can lead to seizing control of IP cameras.  Tracked as CVE-2022-30563 (CVSS score: 7.4), the "vulnerability could be abused by attackers to compromise network cameras by sniffing a previous unencrypted ONVIF interaction and replaying the

Telegram and Discord Bots Delivering Infostealing Malware

By Deeba Ahmed Intel471 researchers have warned users about how cybercriminals are converting popular apps against them. A new report from… This is a post from HackRead.com Read the original post: Telegram and Discord Bots Delivering Infostealing Malware