Security News

U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams
2024-05-29 11:50

The U.S. Department of Justice (DoJ) has sentenced a 31-year-old to 10 years in prison for laundering more than $4.5 million through business email compromise (BEC) schemes and romance scams....

New Research Warns About Weak Offboarding Management and Insider Risks
2024-05-29 11:31

A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. ...

Privacy Implications of Tracking Wireless Access Points
2024-05-29 11:01

Abstract: Wi-Fi-based Positioning Systems are used by modern mobile devices to learn their position using nearby Wi-Fi access points as landmarks. The privacy implications of such massive datasets become more stark when taken longitudinally, allowing the attacker to track devices' movements.

How fraudsters stole $37 million from Coinbase Pro users
2024-05-29 10:40

A convincing phishing page and some over-the-phone social engineering allowed a group of crooks to steal over $37 million from unlucky Coinbase Pro users. Around June 2021, Tomar and his co-conspirators set up a spoofed Coinbase Pro website at CoinbasePro.

Microsoft Uncovers 'Moonstone Sleet' — New North Korean Hacker Group
2024-05-29 10:35

A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information...

10 Best SIEM Tools for 2024
2024-05-29 10:15

IBM Security QRadar SIEM is especially suited to enterprises that are heavily invested in IBM tools and systems, as well as large enterprise deployments. Why I picked IBM Security QRadar SIEM. I picked IBM's QRadar SIEM as a smart choice for companies that have already heavily integrated IBM products and tools into their workflow.

Price Drop: This Complete Ethical Hacking Bundle is Now $40
2024-05-29 10:00

Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today's top tools and tech. It's a lucrative career, and whether you're looking for ways to protect your business or add another revenue stream, learning ethical hacking could be a smart move.

PoC exploits for critical FortiSIEM command execution flaws released (CVE-2024-23108, CVE-2023-34992)
2024-05-29 09:47

Ai researches have released proof-of-concept exploits for CVE-2024-23108 and CVE-2023-34992, vulnerabilities that allow remote, unauthenticated command execution as root on certain Fortinet FortiSIEM appliances. CVE-2024-23108 and CVE-2024-23109 are OS command injection vulnerabilities in the FortiSIEM supervisor and can be exploited remotely, without authentication, with specially crafted API requests.

BreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder?
2024-05-29 07:11

The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure. Cybersecurity...

Avoiding the cybersecurity blame game
2024-05-29 04:30

To me, if someone follows procedures exactly but the procedure itself has been poorly designed, apportioning any blame to the individual is both unfair and counterproductive. It's all very well saying, "Don't blame the individual, blame the company".