KP Snacks giant hit by Conti ransomware, deliveries disrupted
KP Snacks, a major producer of popular British snacks has been hit by the Conti ransomware group affecting distribution to leading supermarkets. [...]
Showing only posts by Ax Sharma. Show all posts.
British Council exposed more than 100,000 files with student records
More than 100,000 files with student records belonging to British Council were found exposed online. An unsecured Microsoft Azure blob found on the internet by cybersecurity firm revealed student IDs, names, usernames and email addresses, and other personal information. [...]
Let's Encrypt is revoking lots of SSL certificates in two days
Let's Encrypt will begin revoking certain SSL/TLS certificates issued within the last 90 days starting January 28, 2022. The move could impact millions of active Let's Encrypt certificates. [...]
Google Drive flags nearly empty files for 'copyright infringement'
Users were left startled as Google Drive's automated detection systems flagged a nearly empty file for copyright infringement. The file, according to one Drive user, contained nothing other than just the digit "1" within. [...]
Canada's foreign affairs ministry hacked, some services down
The Canadian government department for foreign and consular relations, Global Affairs Canada was hit by a cyberattack last week. While critical services remain accessible, access to some online services is currently not available, as government systems continue to recover from the attack. [...]
483 Crypto.com accounts compromised in $34 million hack
Crypto.com has confirmed that a multi-million dollar cyberattack led to the compromise of 483 of its customer accounts. Although, the company's CEO stresses that customer funds are not at risk. Crypto.com is reportedly the world's third-largest cryptocurrency trading platform. [...]
Crypto.com confirms 483 accounts hacked, $34 million withdrawn
Crypto.com has confirmed that a multi-million dollar cyberattack led to the compromise of 483 of its customer accounts. Although, the company's CEO stresses that customer funds are not at risk. Crypto.com is reportedly the world's third-largest cryptocurrency trading platform. [...]
Firefox Relay gets added to disposable email blocklist, angers users
The maintainers of a "disposable email service" blocklist have decided to add Firefox Relay to the list, leaving many users of the service upset. Firefox Relay is a privacy-centric email service that enables users to protect their real email addresses and hence limit spam. [...]
npm dependency is breaking some React apps today — here's the fix
Tons of users are reporting their Facebook Create React App builds are failing since yesterday. The cause has been traced down to a dependency used by create-react-app, the latest version of which is breaking developers' apps. [...]
Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps
Users of popular open-source libraries 'colors' and 'faker' were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking. Some surmised if the NPM libraries had been compromised, but it turns out there's more to the story. [...]
Microsoft Skype challenge: Can you solve this puzzle 10 times?
New Skype users report frustration after being presented with a captcha that requires them to solve a complex puzzle ten times before signing up for the service. [...]
Microsoft Skype makes you solve a complex captcha 10 times to sign up
New Skype users report frustration after being presented with a captcha that requires them to solve a complex puzzle ten times before signing up for the service. [...]
Don't copy-paste commands from webpages — you can get hacked
Programmers, sysadmins, security researchers, and tech hobbyists copying-pasting commands from web pages into a console or terminal risk having their system compromised. Wizer's Gabriel Friedlander demonstrates an obvious, simple yet stunning trick that'll make you think twice before copying-pasting text from web pages. [...]
Uber ignores vulnerability that lets you send any email from Uber.com
A vulnerability in Uber's email system allows just about anyone to send emails on behalf of Uber. Uber is aware of the flaw but has decided not to fix it for now. [...]
Popular Q&A app Curious Cat loses domain, posts bizarre tweets
Popular social networking and anonymous Q&A app, Curious Cat has lost control of its domain. Soon after the platform announced losing control of their domain, a series of bizarre events and support responses have confused the app users who are now unable to trust Curious Cat. [...]
Twitter account of FBI's fake chat app, ANOM seen trolling today
The Twitter account previously associated with the ANOM chat app is posting frivolous tweets this week. ANOM was a fake encrypted messaging platform created as part of a global sting operation led by the U.S. FBI, Australian Federal Police (AFP), and other law enforcement agencies to catch criminals …
Fintech firm hit by log4j hack refuses to pay $5 million ransom
One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Soon enough, threat actors approached ONUS to extort $5 million and threatened to publish the customer data should ONUS refuse to comply. [...]
Log4j 2.17.1 out now, fixes new remote code execution bug
Apache has released another Log4j version, 2.17.1 fixing a newly discovered remote code execution (RCE) vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most recent version of Log4j and deemed the safest release to upgrade to, but that advice …
Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS
Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga began last week, security experts have time and time again recommended version 2.16 as the safest release to be on. That changes today with version 2.17.0 …
All Log4j, logback bugs we know so far, and why you MUST ditch 2.15
Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell' and 'Logjam,' the vulnerability has set the internet on fire. Below we summarize the four or more CVEs identified thus far, and pretty good reasons to ditch log4j version 2.15.0 for 2.16.0. [...]
Firefox users can't reach Microsoft.com — here's what to do
Those using the Mozilla Firefox web browser are left unable to access Microsoft.com domain. Tests by BleepingComputer confirm the issue relates to SSL certificate validation errors. Below we explain what can you do to remedy the issue. [...]
Malicious PyPI packages with over 10,000 downloads taken down
The Python Package Index (PyPI) registry has removed three malicious Python packages aimed at exfiltrating environment variables and dropping trojans on the infected machines. These malicious packages are estimated to have generated over 10,000 downloads and mirrors put together, according to the researchers' report. [...]
Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet
Nordic Choice Hotels has now confirmed a cyber attack on its systems from the Conti ransomware group. Although there is no indication of card or payment information being affected, information pertaining to guest bookings was potentially leaked. [...]
As Twitter removes blue badges for many, phishing targets verified accounts
A new phishing campaign has been targeting verified Twitter accounts, as seen by BleepingComputer. The phishing campaign follows Twitter's recent removal of the checkmark from a number of verified accounts, citing that these were ineligible for the legendary status, and verified in error. [...]
New Twitter phishing campaign targets verified accounts
A new phishing campaign has been targeting verified Twitter accounts, as seen by BleepingComputer. The phishing campaign follows Twitter's recent removal of the checkmark from a number of verified accounts, citing that these were ineligible for the legendary status, and verified in error. [...]
« newer articles | page 7 | older articles »