Computer Security Articles
RSS Reader for Computer Security Articles
Author: admin
UK Secret Order Demands That Apple Give Access to Users’ Encrypted Data
Credit to Author: Lily Hay Newman| Date: Sat, 08 Feb 2025 11:30:00 +0000
Plus: Benjamin Netanyahu gives Donald Trump a golden pager, Hewlett Packard Enterprise blames Russian government hackers for a breach, and more.
Read MoreACLU Warns DOGE’s ‘Unchecked’ Access Could Violate Federal Law
Credit to Author: Dell Cameron| Date: Fri, 07 Feb 2025 21:43:33 +0000
The ACLU says it stands ready to sue for access to government records that detail DOGE’s access to sensitive personnel data.
Read MoreTeen on Musk’s DOGE Team Graduated from ‘The Com’
Credit to Author: BrianKrebs| Date: Sat, 08 Feb 2025 00:32:53 +0000
Wired reported this week that a 19-year-old working for Elon Musk’s so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security clearances to do so. As today’s story explores, the DOGE teen is a former denizen of ‘The Com,’ an archipelago of Discord and Telegram chat channels that function as a kind of distributed cybercriminal social network for facilitating instant collaboration.
Read More20 Million OpenAI accounts offered for sale
A cybercriminal calling themselves emirking is offering 20 million OpenAI accounts for sale on a Dark Web forum
Read MoreChinese-Speaking Group Manipulates SEO with BadIIS
Credit to Author: Ted Lee| Date: Fri, 07 Feb 2025 00:00:00 +0000
This blog post details our analysis of an SEO manipulation campaign targeting Asia. We also share recommendations that can help enterprises proactively secure their environment.
Read MoreI file Scalable Vector Graphics rappresentano una nuova minaccia di phishing
Credit to Author: Andrew Brandt| Date: Thu, 06 Feb 2025 09:59:16 +0000
Il formato dei file SVG può ospitare codice HTML, script e malware dannosi
Read MoreCode injection attacks using publicly disclosed ASP.NET machine keys
Credit to Author: Microsoft Threat Intelligence| Date: Thu, 06 Feb 2025 18:00:00 +0000
Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice whereby developers have incorporated various publicly disclosed ASP.NET machine keys from publicly accessible resources, such as code documentation and repositories, which threat actors have used to launch ViewState code injection attacks and perform malicious actions on target servers.
The post Code injection attacks using publicly disclosed ASP.NET machine keys appeared first on Microsoft Security Blog.
Read More