Bleeping Computer

Trojanized Tor browsers target Russians with crypto-stealing malware

Trojanized Tor installations are typically promoted as "security-strengthened" versions of the official vendor, Tor Project, or pushed to users in countries where Tor is prohibited, making it harder to download the official version.

WiFi protocol flaw allows attackers to hijack network traffic

The first vendor to acknowledge the impact of the WiFi protocol flaw is Cisco, admitting that the attacks outlined in the paper may be successful against Cisco Wireless Access Point products and Cisco Meraki products with wireless capabilities.

Crown Resorts confirms ransom demand after GoAnywhere breach

While Crown Resorts confirmed that it is being extorted by Clop, who claims to have stolen data from its networks, it says there is no evidence of the data breach impacting customers.

Russia’s Rostec allegedly can de-anonymize Telegram users

This is according to a report by Russian media the Bell and Medusa, who investigated the matter after a series of arrests of anonymous Telegram channel owners and bloggers in 2022.

Bitter APT Targets Chinese Nuclear Energy Organizations With Spoofed Emails

In the new campaign found by Intezer, Bitter sends emails pretending to be from the Embassy of Kyrgyzstan in Beijing to various Chinese nuclear energy companies and academics related to that field.

Inaudible Ultrasound Attack can Stealthily Control Your Phone, Smart Speaker

American university researchers have developed a novel attack called "Near-Ultrasound Inaudible Trojan" (NUIT) that can launch silent attacks against devices powered by voice assistants, like smartphones, smart speakers, and other IoTs.

Australian police arrest four BEC actors who stole $1.7 million

The losses for victims range between $2,500 and $500,000, which the syndicate laundered using a massive network of 180 bank accounts, many of which were opened in South African banks using stolen identities.

CloudPanel installations use the same SSL certificate private key

Self-hosted web administration solution CloudPanel was found to have several security issues, including using the same SSL certificate private key across all installations and unintentional overwriting of firewall rules to default to weaker settings.

GitHub.com rotates its exposed private SSH key

In a succinct blog post published today, GitHub acknowledged discovering this week that the RSA SSH private key for GitHub.com had been ephemerally exposed in a public GitHub repository.

Microsoft fixes Acropalypse privacy bug in Windows 11 Snipping Tool

As first spotted by Windows enthusiast Xeno, Microsoft released Windows 11 Snipping Tool version 11.2302.20.0 yesterday to Windows Insiders in the Canary channel via the Microsoft Store.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags