Sat. Apr 02, 2022

UK charges two teenagers linked to the Lapsus$ hacking group

Bleeping Computer

Two teenagers from the UK charged with helping the Lapsus$ extortion gang have been released on bail after appearing in the Highbury Corner Magistrates Court on Friday morning.

Hacking 127

Critical CVE-2022-1162 flaw in GitLab allowed threat actors to take over accounts

Security Affairs

GitLab has addressed a critical vulnerability, tracked as CVE-2022-1162 (CVSS score of 9.1), that could allow remote attackers to take over user accounts. The CVE-2022-1162 vulnerability is related to the set of hardcoded static passwords during OmniAuth-based registration in GitLab CE/EE. “A hardcoded password was set for accounts registered using an OmniAuth provider (e.g.

American Express down in outage: users report login and payment issues

Bleeping Computer

Yesterday, American Express users across the world including US, UK, and Europe, experienced widespread outages lasting hours, and some users continue to. BleepingComputer was able to briefly reproduce issues right before Amex confirmed partially restoring services.

Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church

Security Affairs

Anonymous claims to have hacked the Russian Orthodox Church’s charitable wing and leaked 15 GB of alleged stolen data. Anonymous continues to target Russian government entities and private businesses; this week the group claimed to have hacked the private firms Thozis Corp and Marathon Group owned by oligarchs. Now the collective announced the hack of the Russian Orthodox Church’s charitable wing and leaked 15GB of data along with 57,000 emails.

Hacking 97

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Fake Cops Scammed Apple and Meta to Get User Data

WIRED Threat Level

Plus: Lapsus$ teens hit with charges, Wyze's security screwup, and Russia's cyber rampage.

Scams 92

Ukraine intelligence leaks names of 620 alleged Russian FSB agents

Security Affairs

The Ukrainian Defense Ministry’s Directorate of Intelligence leaked personal data belonging to 620 alleged Russian FSB agents. The Ukrainian Defense Ministry’s Directorate of Intelligence has leaked the alleged personal data of 620 Russian FSB officers. Personal details leaked by the Ukrainian body include names, phone numbers, addresses, vehicle license plates, SIM cards, date and location of birth, signatures, and passport numbers.

More Trending

UK Police charges two teenagers for their alleged role in the Lapsus$ extortion group

Security Affairs

The City of London Police charged two of the seven teenagers who were arrested for their alleged role in the LAPSUS$ data extortion gang. The duo has been released on bail after appearing in the Highbury Corner Magistrates Court on Friday. The City of London Police charged two of the seven teenagers recently arrested by the UK police for their alleged membership in the Lapsus$ extortion gang.

Hacking 93

Hunting for Spring Core Exploitation

Security Boulevard

Background: On March 30, 2022, Praetorian published remediation details for a remote code execution vulnerability for Spring Core on JDK9+ (CVE-2022-22965). A patch for vulnerable systems is now available and Praetorian has notified those affected through our Chariot offering. Hunting Opportunities: Covering all our bases this early in the disclosure timeline can be a significant […].

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. Like most DDoS botnets, Beastmode attempts to infect other devices by launching brute-forcing attacks or exploiting multiple vulnerabilities.

DDOS 90

Purdue University’s CERIAS 2021 Security Symposium – Santiago Torres-Arias’ ‘Practical Software Supply Chain Security And Transparency’

Security Boulevard

Our thanks to Purdue University’s The Center for Education and Research in Information Assurance and Security (CERIAS) for publishing their illuminating security symposiums, seminars, talks, and presentations on the Schools’ YouTube channel.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Purdue University’s CERIAS 2021 Security Symposium – Tenable’s Jack Daniel: ‘The Shoulders of InfoSec’

Security Boulevard

Our thanks to Purdue University’s The Center for Education and Research in Information Assurance and Security (CERIAS) for publishing their illuminating security symposiums, seminars, talks, and presentations on the Schools’ YouTube channel. And, to Jack Daniel, co-founder of Security BSides, our sincere gratitude for your continuous efforts on behalf of the Security Community.

InfoSec 40