Security News > 2024

American cybersecurity firm and Google Cloud subsidiary Mandiant had its X (formerly Twitter) account compromised for more than six hours by an unknown attacker to propagate a cryptocurrency scam....

DriveFS Sleuth automates the investigation of Google Drive File Stream disk artifacts. The tool can parse the disk artifacts and build a filesystem tree-like structure enumerating the synchronized files along with their respective properties.

Open-source tools represent a dynamic force in the technological landscape, embodying innovation, collaboration, and accessibility. In cybersecurity, open-source tools are invaluable assets, empowering organizations to fortify their defenses against evolving threats.

In this Help Net Security video, Greg Ellis, General Manager, Application Security, at Digital.ai, discusses how artificial intelligence is revolutionizing the way applications are developed and...

The research found that consumers hold nuanced perceptions regarding cybersecurity incidents and are often less aware of the role they play in maintaining cyber hygiene within a business. These findings underscore brand trust's important role in the digital landscape - with an overwhelming 75% of consumers expressing their readiness to sever ties with a brand in the aftermath of any cybersecurity issue.

Microsoft has disabled a protocol that allowed the installation of Windows apps after finding that miscreants were abusing the mechanism to install malware. The move came just before Christmas, and seemingly mimicked issues first reported in December 2021, to address a Windows AppX Installer vulnerability in which an attacker could spoof App Installer into installing malicious software.

The Twitter account of American cybersecurity firm and Google subsidiary Mandiant was hijacked earlier today to impersonate the Phantom crypto wallet and share a cryptocurrency scam. "We are aware of the incident impacting the Mandiant X account and are working to resolve the issue," a Mandiant spokesperson told BleepingComputer.

The Twitter account of American cybersecurity firm and Google subsidiary Mandiant was hijacked earlier today to impersonate the Phantom crypto wallet and share a cryptocurrency scam. "We are aware of the incident impacting the Mandiant X account and are working to resolve the issue," a Mandiant spokesperson told BleepingComputer.

One of America's biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals may have stolen their personal information. "As you may be aware, on October 1, 2023, Estes discovered that an unauthorized threat actor had gained access to a portion of the Company's IT network and deployed ransomware," it said in a letter mailed to 21,184 people [PDF].

Orange Spain suffered an internet outage today after a hacker breached the company's RIPE account to misconfigure BGP routing and an RPKI configuration. "Resource Public Key Infrastructure is a cryptographic method of signing records that associate a BGP route announcement with the correct originating AS number," explains a Cloudflare article on RPKI. By enabling RPKI with a routing body such as ARIN or RIPE, a network can cryptographically certify that only routers under their control can advertise an AS number and their associated IP addresses.