Security News

Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. "The site operated as a hidden...

Well, you shouldn’t. It may already be hiding vulnerabilities. It's the modular nature of modern web applications that has made them so effective. They can call on dozens of third-party web...

Microsoft said today that the Exchange Web Services API for Exchange Online and Office 365 will be retired in approximately three years. These resources can be retrieved from various sources, including Exchange Online, Exchange Online as part of Office 365, and on-premises editions of Exchange.

Microsoft's Edge browser, known for its innovative features, is now shedding one of its most applauded functions, Web Select. Accessed either via the menu or the Control+Shift+X shortcut, Web Select provided an edge over simple screenshot tools.

Scattered Spider, the crew behind at least one of the recent Las Vegas casino IT security breaches, has already hit some 100 organizations during its so-far brief tenure in the cybercrime scene, according to Mandiant. The Google-owned threat intel firm tracks Scattered Spider as UNC3944.

Initial access brokers are cybercriminals that focus on gaining privileged IT access to corporate environments, which they then auction off on specialized dark web forums. We wanted to better understand how IABs operate, so we did the only natural thing and spent weeks painstakingly translating posts from Russian into English to conduct an in-depth analysis on the corporate access economy.

Customers of cloudy identification vendor Okta are reporting social engineering attacks targeting their IT service desks in attempts to compromise user accounts with administrator permissions. "We don't have visibility into which customers were targeted, but we know that four customers were affected within the three-week period since we've begun tracking these activities," he told The Register.

Google will be extending the Safety check feature within the Chrome browser to alert users when a previously installed extension is no longer available in the Chrome Web Store. Starting in Chrome 117, which is due to be released in September 2023, the browser will highlight if an extension they use has been unpublished by the developer, has been taken down for violating Chrome Web Store policy, or has been labeled as malware.

In this Help Net Security video, Jim Simpson, Director of Threat Intelligence at Searchlight Cyber, discusses threats against the financial sector. Threat actors will invariably target banks, yet by keeping an eye on the dark web, these institutions can identify illegal activities during their initial planning or pre-attack phase.

Read about a new tool advertised on the Dark Web called WormGPT. As artificial intelligence technology such as ChatGPT continues to improve, so does its potential for misuse by cybercriminals. ChatGPT credentials and jailbreak prompts on the Dark Web ChatGPT stolen credentials on the Dark Web.