Computer Security Articles – RSS Reader for Computer Security Articles

Credit to Author: Mike Adams| Date: Wed, 06 Nov 2024 17:00:00 +0000

As part of Microsoft’s ongoing efforts to support security modernization and the Zero Trust principles, we’ve launched Zero Trust Workshop, an online self-service resource. Read our latest blog post for details.

The post Zero Trust Workshop: Advance your knowledge with an online resource appeared first on Microsoft Security Blog.

Security Wired

Russia Is Going All Out on Election Day Interference

November 6, 2024 admin 0 Comments Politics, politics / disinformation, politics / global elections, Security / Cyberattacks and Hacks, Security / National Security, Security / Security News

Credit to Author: Lily Hay Newman, Tess Owen| Date: Tue, 05 Nov 2024 21:04:35 +0000

Along with other foreign influence operations—including from Iran—Kremlin-backed campaigns to stoke division and fear have gone into overdrive.

MalwareBytes Security

8 security tips for small businesses

November 6, 2024 admin 0 Comments backups, BYOD, credentials, Education, encryption, Firewall, password manager, patch, PII, podcast, small businesses, Supply chain, update, VPN, wfh

Small businesses have the same security problems as big corporations, but not the budget or staff to match. Here are some tips to help.

MalwareBytes Security

Update your Android: Google patches two zero-day vulnerabilities

November 6, 2024 admin 0 Comments 2024-11-05, Android, cve-2024-38408, cve-2024-43047, cve-2024-43091, cve-2024-43093, news, security bulletin

Google has released patches for two zero-days and a lot of other high level vulnerabilities.

Security Sophos

Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign

November 6, 2024 admin 0 Comments gootloader, JavaScript, loader, search engine poisoning, security operations, seo poisoning, threat research

Credit to Author: gallagherseanm| Date: Wed, 06 Nov 2024 11:30:41 +0000

The Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization.

Security Wired

Man Arrested for Snowflake Hacking Spree Faces US Extradition

November 5, 2024 admin 0 Comments Security, Security / Cyberattacks and Hacks, Security / Security News

Credit to Author: Matt Burgess, Andy Greenberg| Date: Tue, 05 Nov 2024 18:36:22 +0000

Alexander “Connor” Moucka was arrested this week by Canadian authorities for allegedly carrying out a series of hacks that targeted Snowflake’s cloud customers. His next stop may be a US jail.

Security Wired

Flaw in Right-Wing ‘Election Integrity’ App Exposes Voter-Suppression Plan and User Data

November 5, 2024 admin 0 Comments politics / global elections, Security, Security / Privacy, Security / Security News

Credit to Author: Dhruv Mehrotra| Date: Tue, 05 Nov 2024 16:56:22 +0000

A bug that WIRED discovered in True the Vote’s VoteAlert app revealed user information—and an election worker who wrote about carrying out an illegal voter-suppression scheme.

Independent Krebs

Canadian Man Arrested in Snowflake Data Extortions

November 5, 2024 admin 0 Comments A Little Sunshine, advance auto parts, alexander antonin moucka, at&t breach, Atomwaffen Division, austin larsen, bharat sanchar nigam ltd, Breadcrumbs, connor riley moucka, court, intelsecrets, irdev, john erin binns, judische, kiberphant0m, leak society, lending tree, Mandiant, Ne'er-Do-Well News, rapelash, satori, SIM swapping, snowflake, ticketmaster, unc5537, Verizon, waifu

Credit to Author: BrianKrebs| Date: Tue, 05 Nov 2024 17:10:04 +0000

A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States. Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday. At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories used by some of the world’s largest corporations.

← Previous