Security News

American financial services holding company Globe Life says attackers may have accessed consumer and policyholder data after breaching one of its web portals.The insurance company believes that taking down the affected web portal will not significantly impact its operations.

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the breached endpoints, such as enlisting them as part of the attackers' infrastructure to evade detection in subsequent operations.

The owner and operator of Incognito Market, a dark web marketplace for selling illegal narcotics online, was arrested at the John F. Kennedy Airport in New York on May 18. "LIN had ultimate control over more than one thousand vendors, more than 200,000 customers, and at least one other employee who assisted LIN in the management of the site," according to the indictment [PDF].

With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to...

Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only documents containing classified data."No operational information is processed on this EPE application. No core systems of Europol are affected and therefore, no operational data from Europol has been compromised."

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

ReNgine is an open-source automated reconnaissance framework for web applications that focuses on a highly configurable and streamlined recon process. ReNgine was developed to overcome the constraints of conventional reconnaissance tools.

Reddit is investigating a major outage blocking users worldwide from accessing the social network's websites and mobile apps. Mobile users also report seeing an "Error: Choose failed Missing field 'user id'" error or an outage icon with the Reddit alien logo on the mobile app.

Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests.

Since June 2023, Sophos X-Ops has discovered 19 junk gun ransomware variants - cheap, independently produced, and crudely constructed - on the dark web. "Over the past two months some of the biggest players in the ransomware ecosystem have disappeared or shut down, and, in the past, we've also seen ransomware affiliates vent their anger over the profit-sharing scheme of RaaS. Nothing within the cybercrime world stays static forever, and these cheap versions of off-the-shelf ransomware may be the next evolution in the ransomware ecosystem-especially for lower-skilled cyber attackers simply looking to make a profit rather than a name for themselves," Budd concluded.