Identity Thieves Bypassed Experian Security to View Credit Reports
Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian's website allowed anyone to bypass these questions and go straight to the consumer's report. READ MORE...
Serbia Slammed With DDoS Attacks
The Serbian Ministry of the Interior reported over the weekend being targeted by at least five separate distributed denial-of-service (DDoS) attacks in 48 hours, intended to hobble the country's IT infrastructure. Working together, the Ministry of Internal Affairs and Telecom Serbia were able to fend off the DDoS attacks. "All attacks were repelled and the Ministry's bases were protected and safe," the statement said. READ MORE...
Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL
The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers. While these tactics aren't novel, Microsoft's Defender for Cloud team reports they have seen an uptick lately, indicating that the threat actors are actively looking for specific entry points. Kinsing is a Linux malware with a history of targeting containerized environments for crypto mining. READ MORE...
Crypto-inspired Magecart skimmer surfaces via digital crime haven
Online criminals rarely reinvent the wheel, especially when they don't have to. From ransomware to password stealers, there are a number of toolkits available for purchase on various underground markets that allow just about anyone to get a jumpstart. During one of our crawls, we spotted a skimmer using the 'Mr.SNIFFA' framework that targets e-commerce sites and their customers. READ MORE...
Latest Firmware Flaws in Qualcomm Snapdragon Need Attention
A security company is leading coordinated vulnerability disclosure of multiple high-severity vulnerabilities in the Qualcomm Snapdragon chipset. The vulnerabilities were identified in the Unified Extensible Firmware Interface (UEFI) firmware reference code and impacts ARM-based laptops and devices using Qualcomm Snapdragon chips, according to Binarly Research. READ MORE...
John Deere relents, says farmers can fix their own tractors after all
Farmers now have the right to repair their John Deere tractors themselves or through independent third parties, ending a lengthy battle with the agricultural machinery company. On Saturday, John Deere and the American Farm Bureau Federation (AFBF) signed a memorandum of understanding (MOU) outlining the company's responsibilities to provide diagnostic tools and software outside of the company's official authorized repair centers. READ MORE...
- ...in 1776, writer Thomas Paine publishes his pamphlet "Common Sense," setting forth his arguments in favor of American independence.
- ...in 1927, director Fritz Lang's classic science fiction film "Metropolis" is released in Germany.
- ...in 1943, folk singer Jim Croce ("Bad, Bad Leroy Brown", "Time in a Bottle") is born in South Philadelphia, PA.
- ...in 1946, the US Army Signal Corps successfully conducts Project Diana, bouncing radio waves off of the Moon and receiving the reflected signals.
- ...in 1949. professional boxer, two-time heavyweight champion, and electric grill spokesman George Foreman is born in Marshall, TX.
