Security News

Bob Paddock April 28, 2023 3:32 PM. At a past company I worked at the company had its first ever mass layoff of 28 people. As we were waiting for the government paper pushers to come in, we figured out that the common denominator between us all was, that we had all used the companies health insurance sometime in the last few years.

Some might consider these actions cheating, while the acting player would argue that there was no rule that said the action couldn't be performed. How do we address these situations, and close those loopholes? We make new rules that specifically address the loophole action.

You want to commit suicide, but it's a mortal sin: your soul goes straight to hell, forever. That will get you executed, but if you confess your sins to a priest beforehand you avoid hell.

An emerging Python-based credential harvester and a hacking tool named Legion is being marketed via Telegram as a way for threat actors to break into various online services for further exploitation. The malware is suspected to be linked to another malware family called AndroxGh0st that was first documented by cloud security services providerLacework in December 2022.

Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool the car into believing that the electronic key is nearby. News articles.

If your company's security is vulnerable due to the tight job market or affordability concerns, you may want to consider learning or having someone learn about pen testing and ethical hacking. It's probably not as difficult as you think, and The Complete Ethical Hacking Bootcamp 2023: Zero to Mastery Certification Bundle is currently on sale for just $45. This bundle contains 11 courses across more than 150 hours and has modules for all skill levels.

Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that's unfolded over the past week. Kaspersky declined to name any of those victim companies, but it notes that they're based in "Western Asia.".

The threat actor known as Arid Viper has been observed using refreshed variants of its malware toolkit in its attacks targeting Palestinian entities since September 2022. Also known by the names APT-C-23 and Desert Falcon, the hacking group has been linked to attacks aimed at Palestine and the Middle East at least since 2014.

Mandiant analysts who disclosed the activities of APT43 for the first time assess with high confidence that the threat actors are state-sponsored, aligning their operational goals with the North Korean government's geopolitical aims. The researchers have been tracking APT43 since late 2018 but have disclosed more specific details about the threat group only now.

The U.S. Cybersecurity & Infrastructure Security Agency has released a new open-source incident response tool that helps detect signs of malicious activity in Microsoft cloud environments. Known as the 'Untitled Goose Tool' and developed in collaboration with Sandia, a U.S. Department of Energy national laboratory, this Python-based utility can dump telemetry information from Azure Active Directory, Microsoft Azure, and Microsoft 365 environments.