lemmydev2

Easy to exploit, not yet exploited, not widely patched – pick three As many as 300,000 servers or devices on the public internet are thought to be vulnerable right now to the recently disclosed Loop Denial-of-Service technique that works against some UDP-based application-level services.…

Just 35.5M names, addresses, emails, phone numbers … no biggie Clothing and footwear giant VF Corporation is letting 35.5 million of its customers know they may find themselves victims of identity theft following last year's security breach.…

Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary. "The repositories look

Plus: The operator of a dark-web cryptocurrency “mixing” service is found guilty, and a US senator reveals that popular safes contain secret backdoors.

Bloomberg.com: Two of the UK's biggest supermarket chains, Tesco and Sainsbury's, were hit with technical issues on Saturday; Sainsbury's blames a software update  —  Two of the UK's biggest supermarket chains - Tesco and Sainsbury's - were hit with technical issues on Saturday.

How Your Life Events Invite Cyber & Physical Threats The post How to Identify & Monitor Insider Threat Indicators [A Guide] appeared first on Security Boulevard.

James O'Donnell / MIT Technology Review: Self-driving startup Waabi unveils Copilot4D, a generative AI model trained on lidar data to predict traffic flow around a vehicle 5-10 seconds into the future  —  Waabi says its new model can anticipate how pedestrians, trucks, and bicyclists move using lidar data.

A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts. [...]

Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide. [...]

Don't Let the Quest for Data Lead You to Amplify What Criminals Might Be ClaimingFor the love of humanity, please stop playing into ransomware groups' hands by treating their data leak blogs as reliable sources of information and then using them to build lists of who's amassed the most victims. That's not what data leak sites actually document.

Annie Palmer / CNBC: How Amazon refund fraud gangs, which promote their schemes on Reddit, TikTok, and Telegram, are exploiting lenient refund policies at the company  —  - Refund fraud groups, organized like businesses, are exploiting lenient refund policies, robbing retailers of billions of dollars, experts told CNBC.

12.8 million new secrets occurrences were leaked publicly on GitHub in 2023, +28% compared to 2022, according to GitGuardian. Remarkably, the incidence of publicly exposed secrets has quadrupled since the company started reporting in 2021. Companies need to manage sensitive information exposure The growing number of code repositories on GitHub, with 50 million new repositories added in the past year (+22%), increases the risk of both accidental and deliberate exposure of sensitive information. This reality … More → The post 90% of exposed secrets on GitHub remain active for at least five days appeared first on Help Net Security.