Security Boulevard

APRIL 15, 2024

A former Amazon engineer who scammed more than $12 million from two decentralized cryptocurrencies exchanges in 2022 was sentenced to three years in prison in a case that the U.S. Justice Department (DOJ) called the first conviction for hacking a “smart contract.”

Engineering 125

Engineering Hacking Cryptocurrency Scams 125

Security Affairs

OCTOBER 16, 2022

Threat actors have compromised hundreds of servers exploiting critical flaw CVE-2022-41352 in Zimbra Collaboration Suite (ZCS). Last week, researchers from Rapid7 warned of the exploitation of unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352 , in the Zimbra Collaboration Suite. reported Rapid7. “We

Hacking 121

Hacking Antivirus Telecommunications Engineering 121

Bleeping Computer

APRIL 12, 2024

Former Amazon security engineer Shakeeb Ahmed was sentenced to three years in prison for hacking two cryptocurrency exchanges in July 2022 and stealing over $12 million. [.]

Engineering 109

Engineering Hacking Cryptocurrency 109

Graham Cluley

MAY 31, 2023

RaidForums, the notorious hacking and data leak forum seized and shut down by the authorities back in April 2022, is - perhaps surprisingly - at the centre of another cybersecurity breach.

Hacking 122

Hacking Cybersecurity Data breaches 122

The State of Security

SEPTEMBER 22, 2022

The capacity was reduced, but the Hack Lab was still plenty busy and we loved having everyone come by and visit our table and play with the gear. The post SecTor 2022: The IoT Hack Lab is Back! Last year, it was great to be back at SecTor after everything was canceled in 2020. appeared first on The State of Security.

IoT 78

IoT Hacking Internet Internet 78

Security Affairs

FEBRUARY 26, 2024

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [ 1 , 2 ] a collection of files apparently stolen from the Chinese hacking firm, I-Soon.

Hacking 112

Hacking Government Spyware Marketing 112

Krebs on Security

AUGUST 29, 2023

According to recent figures from the managed security firm Reliaquest , QakBot is by far the most prevalent malware “loader” — malicious software used to secure access to a hacked network and help drop additional malware payloads. Today’s operation is not the first time the U.S.

Hacking 247

Hacking Malware Ransomware Government 247

Krebs on Security

SEPTEMBER 14, 2022

Worst in terms of outright scariness is CVE-2022-37969 , which is a “privilege escalation” weakness in the Windows Common Log File System Driver that allows attackers to gain SYSTEM-level privileges on a vulnerable host. .” CVE-2022-32984 is a problem in the deepest recesses of the operating system (the kernel).

Spyware 177

Spyware Cyber threats Security Defenses Cyber Attacks 177

Security Affairs

APRIL 22, 2024

Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028. The vulnerability CVE-2022-38028 was reported by the U.S.

Government 117

Government Education Phishing Malware 117

Bleeping Computer

DECEMBER 15, 2023

Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. [.]

Engineering 119

Engineering Hacking Cryptocurrency 119

We Live Security

DECEMBER 27, 2022

The past year has seen no shortage of disruptive cyberattacks – here’s a round-up of some of the worst hacks and breaches that have impacted a variety of targets around the world in 2022. The post 2022 in review: 10 of the year’s biggest cyberattacks appeared first on WeLiveSecurity.

Hacking 143

Hacking Cybersecurity 143

Security Affairs

DECEMBER 9, 2022

On the third day of the Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition, participants earned more than $250,000. Another successful exploit in the SOHO SMASHUP category @ #P2OToronto #Pwn2Own pic.twitter.com/8Qty12wmU1 — Zero Day Initiative (@thezdi) December 9, 2022. Pierluigi Paganini.

Hacking 121

Hacking Mobile Information Security 121

Security Boulevard

JANUARY 20, 2023

Explore the FTX crypto scam of 2022 & other large crypto scams/hacks. The post Top Crypto Scandals: FTX Crypto Scam and Other Notable Hacks in 2022 appeared first on Security Boulevard. Learn about the ecosystems targeted, tactics used & tips to protect yourself.

Scams 62

Scams Hacking Cryptocurrency 62

Security Affairs

DECEMBER 13, 2022

VMware fixed three flaws in multiple products, including a virtual machine escape issue exploited at the GeekPwn 2022 hacking competition. VMware addressed three vulnerabilities in multiple products, including a virtual machine escape flaw, tracked as CVE-2022-31705, that was exploited at the GeekPwn 2022 hacking competition.

Hacking 124

Hacking Authentication Information Security 124

Security Affairs

MAY 22, 2022

The Pwn2Own Vancouver 2022 hacking contest ended, Trend Micro and ZDI awarded a total of $1,155,000 for successful attempts! During the third day of the Pwn2Own Vancouver 2022 hacking competition, white hat hackers demonstrated a working exploit against Microsoft Windows 11 OS. To nominate, please visit:?

Hacking 129

Hacking Cybersecurity Information Security 129

Security Boulevard

DECEMBER 23, 2022

Vulnerable websites are built for beginners who are learning ethical hacking to test their skills. The post 25+ Vulnerable websites to practice your ethical hacking skills appeared first on Cyphere | Securing Your Cyber Sphere. We have mentioned a few of such best sites in our article.

Hacking 62

Hacking Network Security 62

Bleeping Computer

JANUARY 30, 2024

Department of Justice arrested and charged two more suspects for their involvement in the hacking of almost 68,000 DraftKings accounts in a November 2022 credential stuffing attack. [.]

Accountability 91

Accountability Hacking 91

Security Boulevard

OCTOBER 17, 2022

The post BSidesLV 2022 Lucky13 Hire Ground – Tom Eston’s ‘Management Hacking 101: Leading High Performance Teams’ appeared first on Security Boulevard. Our sincere thanks to BSidesLV for publishing their outstanding conference videos on the organization's YouTube channel.

Hacking 76

Hacking Education Information Security Cybersecurity 76

SecureBlitz

MAY 24, 2022

In this post, we will show you the 25 best hacking movies for cybersecurity enthusiasts. The post 25 Best Hacking Movies For Cybersecurity Enthusiasts [2022 List] appeared first on SecureBlitz Cybersecurity. The world of cybersecurity is.

Hacking 64

Hacking Cybersecurity 64

Security Boulevard

NOVEMBER 4, 2022

Our sincere thanks to BSidesPDX 2022 for publishing their outstanding conference videos on the organization's YouTube channel. The post BSidesPDX 2022 – Nate Norton’s ‘Live, Laugh, Lyrical Injection: Hacking Karaoke For Fun And Profit’ appeared first on Security Boulevard.

Hacking 67

Hacking Education Information Security Cybersecurity 67

Security Affairs

DECEMBER 8, 2022

Pwn2Own Toronto 2022 Day Two – Participants demonstrated exploits for smart speaker, smartphone, printer, router, and NAS. On the first day of the Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition participants earned $400,000 for 26 unique zero-day exploits. SecurityAffairs – hacking, Pwn2Own Toronto 2022 ).

Hacking 98

Hacking Mobile Information Security 98

Security Affairs

MAY 20, 2022

During the second day of the Pwn2Own Vancouver 2022 hacking competition, contestants demonstrated a working exploit for Microsoft Windows 11. During the second day of the Pwn2Own Vancouver 2022 hacking competition, white hat hackers demonstrated a working exploit against Microsoft Windows 11 OS. Pierluigi Paganini.

Hacking 93

Hacking Cybersecurity Information Security 93

Security Affairs

MAY 19, 2022

White hat hackers earned a total of $800,000 on the first day of the Pwn2Own Vancouver 2022, $450,000 for exploits targeting Microsoft Teams. Pwn2Own Vancouver 2022 hacking contest has begun, it is the 15th edition of this important event organized by Trend Micro’s Zero Day Initiative (ZDI). To nominate, please visit:?

Hacking 124

Hacking Cybersecurity Information Security 124

Security Affairs

DECEMBER 14, 2022

Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. Microsoft December 2022 Patch Tuesday security updates fixed two zero-day vulnerabilities; one of the new issues addressed this month is listed as publicly known at the time of release, and one is actively exploited.

Hacking 110

Hacking Information Security 110

Security Boulevard

MARCH 14, 2023

men have been charged with hacking into a U.S. Men Charged in 2022 Hacking of DEA Portal appeared first on Security Boulevard. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. The post Two U.S.

Hacking 52

Hacking Government Accountability Web Fraud 52

Security Boulevard

NOVEMBER 16, 2022

Our sincere thanks to BSidesKC 2022 for publishing their outstanding conference videos on the organization's YouTube channel. The post BSidesKC 2022 – Vincent Matteo’s ‘I Know What You Did Last Summer… I’m Still Hacking Your Small Business’ appeared first on Security Boulevard.

Small Business 70

Small Business Hacking Education Information Security 70

Bleeping Computer

DECEMBER 6, 2022

Contestants have hacked the Samsung Galaxy S22 smartphone twice during the first day of the Pwn2Own Toronto 2022 hacking competition, the 10th edition of the consumer-focused event. [.].

Hacking 142

Hacking 142

Security Affairs

DECEMBER 29, 2022

NCC Group’s Fox-IT research team warns of thousands of Citrix ADC and Gateway endpoints remain vulnerable to two critical vulnerabilities, tracked as CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), that the company addressed in recent months. Citrix addressed the flaw on November 8, 2022. Pierluigi Paganini.

VPN 97

VPN Internet Internet Authentication 97

Security Affairs

OCTOBER 28, 2022

Apple released updates to backport the recently released security patches for CVE-2022-42827 zero-day to older iPhones and iPads. Apple has released new security updates to backport security patches released this week to address actively exploited CVE-2022-42827 in older iPhones and iPads, addressing an actively exploited zero-day bug.

Hacking 120

Hacking Information Security 120

Security Affairs

DECEMBER 11, 2022

The Pwn2Own Toronto 2022 is ended, and the participants earned a total of $989,750 for 63 unique zero-day exploits. The Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition has ended and these are the final numbers for the event: $989,750 awarded. — Zero Day Initiative (@thezdi) December 9, 2022.

Hacking 101

Hacking Information Security 101

Google Security

FEBRUARY 22, 2023

Working with security researchers throughout 2022, we have been able to identify and fix over 2,900 security issues and continue to make our products more secure for our users around the world. In 2022 we awarded over $12 million in bounty rewards – with researchers donating over $230,000 to a charity of their choice. Thank you, Rory!

Manufacturing 143

Manufacturing Internet Internet Software 143

Google Security

JUNE 21, 2022

Posted by Jan Keller, Technical Entertainment Manager, Bug Hunters Are you ready to put your hacking skills to the test? The competition kicks off on July 1 2022 6:00 PM UTC and runs through July 3 2022 6:00 PM UTC. It’s Google CTF time! The prize pool stands similar to previous years at more than $40,000.

Hacking 134

Hacking 134

Security Affairs

DECEMBER 13, 2022

LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. The images published by the gang as proof of the hack include spreadsheets containing financial data, a contract, 2022 budget details, and more. SecurityAffairs – hacking, California).

Hacking 129

Hacking Ransomware Cybersecurity Technology 129

Security Boulevard

OCTOBER 7, 2022

DevOpsDays Chicago returned as an in-person event in 2022. The post DevOpsDays Chicago 2022 – Cloud security, hacking containers, community, and much more… appeared first on Security Boulevard. Read the highlights of this amazing DevOps event, including how many conversations revolved around security and containers.

Hacking 52

Hacking 52

CyberSecurity Insiders

JANUARY 3, 2023

Guardian’s servers were hacked and a file encrypting malware was introduced into the daily computer network in the first week of December 2022. Christmas 2022 proved unfortunate to the IT staff of the daily newspaper, as they had to work 24/7 to bring back the network to normal operations.

Ransomware 121

Ransomware Media Malware Cyber Attacks 121

Security Affairs

MAY 2, 2024

In November 2022, Dropbox announced that threat actors gained unauthorized access to 130 of its source code repositories on GitHub. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, CISA) DropBox is notifying all impacted customers.

Hacking 101

Hacking Authentication Passwords Accountability 101

Security Boulevard

FEBRUARY 23, 2023

Organizations often either have weak credential policies or don’t enforce them, making it easy for attackers to use legitimate credentials to log in—or live off the land—rather than using topflight tools to hack their way into systems.

Hacking 98

Hacking Cyber threats Cybersecurity 98