Security News

White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. Intermittent encryption occurs when ransomware chooses not to encrypt every part of each file but instead encrypts sections, frequently in blocks of a set size or just the start of the targeted files.

After the recent incident involving Orange España and the leakage of credentials from the RIPE NCC portal, which led to a major outage, the cybersecurity community needs to reconsider the digital identity protection for staff engaged in network engineering and IT infrastructure management. Cybersecurity experts outlined the risks originating from Dark Web actors leveraging compromised credentials belonging to ISP/Telcom engineers, Data-Center Technicians, Network Engineers, IT Infrastructure Managers and Outsourcing companies.

Asia In Brief Indian infosec firm CloudSEK last week claimed it found records describing 750 million Indian mobile network subscribers on the dark web, with two crime gangs offering the trove of data for just $3,000. CloudSEK named CYBO CREW affiliates CyboDevil and UNIT8200 as the vendors of a 1.8TB trove, which contains mobile subscribers' names, phone numbers, addresses, and Aadhaar details.

Security researchers looking at more than 10,000 scripts used by the Parrot traffic direction system noticed an evolution marked by optimizations that make malicious code stealthier against security mechanisms. The operators behind Parrot sell the traffic to threat actors, who use it on users visiting infected sites for profiling and redirecting relevant targets to malicious destinations such as phishing pages or locations that deliver malware.

Bad bots are automated programs designed with malicious intent to perform various activities on the internet, often causing harm to individuals, organizations, and online ecosystems. By masquerading as authentic users, bad bots empower bot operators, attackers, unscrupulous competitors, and fraudsters to execute a diverse range of malicious activities.

Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised...

Leaked credentials from traditional sources are still a prominent and substantial risk to organizations. We monitor more than 14 billion leaked credentials found from dumps across the dark web.

The open-source Bitwarden password manager has announced that all users can now log into their web vaults using a passkey instead of the standard username and password pairs. "This technology sources an encryption key from a passkey in relation to a particular site, which can then be used to reliably encrypt and decrypt data" - Bitwarden.

Link history stores records for 30 days, can be used to recall pages previously read, and excludes links sent in messages. Less prominently mentioned on help pages describing the feature on Facebook and Instagram is, of course, perhaps the real reason for the capability: "We may use link history information from our browser to improve your ads across Meta technologies."

The U.S. Department of Justice (DoJ) said it charged 19 individuals worldwide in connection with the now-defunct xDedic Marketplace, which is estimated to have facilitated more than $68 million in...