IT Security Newsletter - 9/1/2022
FBI: Look out, crooks stole $1.3b in cryptocurrency in just three months this year
The FBI has urged people to be cautious and to research a DeFi - decentralized finance - provider thoroughly before putting their money into it, after more than a billion dollars was stolen from these providers in three months. In an alert this week, quoting numbers from blockchain research firm Chainalysis, the Feds said $1.3 billion in cryptocurrencies were siphoned in total between January and March 2022 alone, and 97 percent of that was lifted from DeFi outfits.
Neopets says hackers had access to its systems for 18 months
Neopets has released details about the recently disclosed data breach incident that exposed personal information of more than 69 million members. Findings of the investigation launched on July 20, 2022 revealed that attackers had access to the Neopets IT systems from January 3, 2021 until July 19, 2022. The company learned about the breach only after a hacker offered to sell a Neopets database for four bitcoins.
Belarusian hacktivists try NFTs to support antigovernment campaign
The Belarusian Cyber Partisans, a hacktivist collective working to topple the autocratic leadership of Belarus, listed a series of digital "passports" related to Belarusian President Aleksandr Lukashenko and his associates as NFTs for sale Tuesday, hoping to raise money for continued actions against the government. The "passports" were mock-ups based on information from the national passport database the group hacked in 2021, the Cyber Partisans said.
Closing the Security Gap Opened by the Rise of No-Code Tools
As part of the digital transformation reshaping the global business landscape, no-code/low-code tools are on the rise. Gartner projects the use of no-code/low-code tools will grow from almost 25% of applications in 2020 to 70% in 2025. In a recent Dark Reading survey of 136 IT professionals on the state of no-code/low-code tools and implementation in their businesses, only 39% said they don't use no-code/low-code tools or intend to use them in the near future.
Google Fixes 24 Vulnerabilities With New Chrome Update
Google's first stable channel version of Chrome 105 for Windows, Mac, and Linux, released this week, contained fixes for 24 vulnerabilities in previous versions of the software, including one "critical" flaw and eight that the company rated as being of "high" severity. A plurality - nine - of the security issues that Google addressed with Chrome 105 were so-called use-after-free vulnerabilities, or flaws that allow attackers to use previously freed memory spaces to execute malicious code, etc.
Over 900K Kubernetes clusters are misconfigured! Is your cluster a target?
Kubernetes is an amazing platform for managing containers at scale. However, a recent study found that over 900,000 Kubernetes clusters are vulnerable to attack because they are misconfigured! This means that your Kubernetes cluster could be a target for malicious actors if it is not properly secured. In this blog post, we will discuss how to secure your Kubernetes cluster and protect it from attack.
Microsoft finds TikTok vulnerability that allowed one-click account compromises
Microsoft said on Wednesday that it recently identified a vulnerability in TikTok's Android app that could allow attackers to hijack accounts when users did nothing more than click on a single errant link. The software maker said it notified TikTok of the vulnerability in February and that the China-based social media company has since fixed the flaw, which is tracked as CVE-2022-28799.
Here's how 5 mobile banking apps put 300,000 users' digital fingerprints at risk
Massive amounts of private data - including more than 300,000 biometric digital fingerprints used by five mobile banking apps - have been put at risk of theft due to hard-coded Amazon Web Services credentials, according to security researchers. Symantec's Threat Hunter Team said it discovered 1,859 publicly available apps, both Android and iOS, containing baked-in AWS credentials. That means if someone were to look inside the apps, they would have found the credentials in the code.
- ...in 1875, science fiction author Edgar Rice Burroughs, the creator of Tarzan of the Apes and John Carter of Mars, is born in Chicago, IL.
- ...in 1950, German automotive designer Porsche releases the 356, the first automobile to be independently manufactured and sold by the company following WWII.
- ...in 1952, Ernest Hemingway's Pulitzer Prize-winning novel "The Old Man and the Sea" is first published.
- ...in 1985, a joint French-American expedition locates the wreckage of the RMS Titanic on the bottom of the North Atlantic.