New York Times source code stolen using exposed GitHub token
    June 8, 2024   01:10 PM   0 Internal source code and data belonging to The New York Times was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024, The Times confirmed to BleepingComputer. As first seen by VX-Underground, the internal data was leaked on Thursday by an anonymous user who posted a torrent to a 273GB archive containing the stolen data. "Basically all source code belonging to The New...
    By AFFA 2024-06-08 21:06:32 0 25
    TikTok fixes zero-day bug used to hijack high-profile accounts
    June 4, 2024   05:57 PM   0 Over the past week, attackers have hijacked high-profile TikTok accounts belonging to multiple companies and celebrities, exploiting a zero-day vulnerability in the social media's direct messages feature. Zero-day vulnerabilities are security flaws with no official patch or public information detailing the underlying weakness. After being compromised, user accounts belonging to Sony, CNN, and Paris Hilton had to be taken down to...
    By AFFA 2024-06-05 16:54:41 0 50
    US dismantles 911 S5 botnet used for cyberattacks, arrests admin
    May 29, 2024   01:14 PM   0 911 S5 seizure banner The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator, in Singapore. "Working with our international partners, the FBI conducted a joint, sequenced cyber operation to dismantle the 911 S5 Botnet—likely the world's largest botnet ever," said FBI Director Christopher Wray. "We...
    By AFFA 2024-05-30 18:44:56 0 50
    Hackers target Check Point VPNs to breach enterprise networks
    May 27, 2024   02:19 PM   0 Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company warned in a Monday advisory. Remote Access is integrated into all Check Point network firewalls. It can be configured as a client-to-site VPN for access to corporate networks via VPN clients or set up as an SSL VPN Portal for web-based access. Check Point says the attackers are targeting...
    By AFFA 2024-05-27 19:20:30 0 58
    New BiBi Wiper version also destroys the disk partition table
    May 20, 2024   12:06 PM   0 A new version of the BiBi Wiper malware is now deleting the disk partition table to make data restoration harder, extending the downtime for targeted victims. BiBi Wiper attacks on Israel and Albania are linked to a suspected Iranian hacking group named 'Void Manticore' (Storm-842), which is believed to be affiliated with Iran's Ministry of Intelligence and Security (MOIS). BiBi Wiper...
    By AFFA 2024-05-20 20:01:31 0 60
    Owner of Incognito dark web drugs market arrested in New York
    May 20, 2024   03:36 PM   0 The owner and operator of Incognito Market, a dark web marketplace for selling illegal narcotics online, was arrested at the John F. Kennedy Airport in New York on May 18. This illegal drug market was used to sell more than $100 million worth of narcotics, including over 1,000 kilograms (kgs) of illicit drugs, including 295 kgs of methamphetamines, 364 kgs of cocaine, 112 kgs of amphetamine, and 92 kgs of ecstasy (MDMA). Since it...
    By AFFA 2024-05-20 19:58:03 0 64
    The Post Millennial hack leaked data impacting 26 million people
    May 11, 2024   11:17 AM   0 Have I Been Pwned has added the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website. The Post Millennial is a conservative Canadian online news magazine belonging to the Human Events Media Group, which also operates the American 'Human Events' news platform. Earlier this month, both news platforms were hacked, with their sites' front pages...
    By AFFA 2024-05-11 19:33:57 0 64
    Dell warns of data breach 49 million customers allegedly affected
    As the database is no longer being sold, there is a good chance a threat actor is attempting to monetize it in some way through attacks. Therefore, be wary of any physical mailings or emails you receive that claim to be from Dell asking you to install software, change passwords, or perform some other potentially risky action. If you receive an email or physical mailing, you should instead contact Dell directly to confirm it is legitimate.
    By AFFA 2024-05-09 18:37:57 0 46
    AT&T delays Microsoft 365 email delivery due to spam wave
    May 9, 2024   01:58 PM   0 AT&T's email servers are blocking connections from Microsoft 365 due to a "high volume" spam wave originating from Microsoft's service. Starting on Monday, AT&T customers began reporting they could no longer receive email from Microsoft 365 email addresses. When Microsoft 365 customers attempted to email an address at @att.com, @sbcglobal.net, or @bellsouth.com, AT&T servers would refuse the connection and not accept...
    By AFFA 2024-05-09 18:34:01 0 60
    FBI warns of gift card fraud ring targeting retail companies
    May 8, 2024   01:25 PM   0 Image: Midjourney The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024. Tracked as Storm-0539, this hacking group targets the personal and work mobile devices of retail department staff using a sophisticated phishing kit that enables them to bypass multi-factor authentication. Upon...
    By AFFA 2024-05-08 19:51:49 0 196
    NSA warns of North Korean hackers exploiting weak DMARC email policies
    May 3, 2024   03:16 PM   1 The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks. Together with the U.S. State Department, the two agencies cautioned that the attackers abuse misconfigured DMARC policies to send spoofed emails which appear to come from credible sources such as journalists, academics, and other experts...
    By AFFA 2024-05-04 15:28:01 0 194
    Iranian hackers pose as journalists to push backdoor malware
    May 4, 2024   10:17 AM   0 The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets. APT42 was first documented by Mandiant in September 2022, who reported that the threat actors were active since 2015, having carried out at least 30 operations in 14 countries. The espionage group,...
    By AFFA 2024-05-04 15:25:03 0 184
    Panda Restaurants discloses data breach after corporate systems hack
    May 1, 2024   01:35 PM   1 Image: Coolcaesar (CC BY-SA 4.0) Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of associates. Panda Express is the largest Chinese fast food chain in the United States, with over $3 billion in sales and 47,000 associates working in 2,300...
    By AFFA 2024-05-03 18:18:58 0 191
    New Cuttlefish malware infects routers to monitor traffic for credentials
    May 1, 2024   09:00 AM   0 A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information. Lumen Technologies' Black Lotus Labs examined the new malware and reports that Cuttlefish creates a proxy or VPN tunnel on the compromised router to exfiltrate data discreetly while bypassing security measures that detect unusual...
    By AFFA 2024-05-01 15:31:13 0 198
    DPRK hacking groups breach South Korean defense contractors
    April 23, 2024   12:56 PM   0 The National Police Agency in South Korea issued an urgent warning today about North Korean hacking groups targeting defense industry entities to steal valuable technology information. The police discovered several instances of successful breaches of defense companies in South Korea involving the hacking groups Lazarus, Andariel, and Kimsuky, all part of the North Korean hacking apparatus. According to the announcement, the...
    By AFFA 2024-04-24 17:49:42 0 106
More Articles
Read More
Russia charges suspects behind theft of 160,000 credit cards
April 2, 2024   11:37 AM   1 Russia's Prosecutor General's Office...
By AFFA 2024-04-02 17:09:06 0 110
Facebook and Instagram outage logs out users, passwords not working
March 5, 2024   11:18 AM   1 Facebook and Instagram users...
By AFFA 2024-03-05 17:08:31 0 202
SECURITY Watch out for "I can't believe he is gone" Facebook phishing posts
January 21, 2024   11:19 AM   3 A widespread Facebook phishing...
By AFFA 2024-01-22 18:52:00 0 249
Microsoft announces deprecation of 1024-bit RSA keys in Windows
March 18, 2024   03:51 PM   0 Microsoft has announced that RSA...
By AFFA 2024-03-19 15:24:49 0 192
RUBYCARP hackers linked to 10-year-old cryptomining botnet
April 9, 2024   11:30 AM   0 Image: Midjourney A Romanian...
By AFFA 2024-04-09 16:45:55 0 76