July 4, 2024 at 03:37AM Twilio confirmed a data breach where hackers leaked 33 million phone numbers and account IDs associated with Authy. However, Twilio found no evidence of access to its systems and advised users to update security measures. The breach could lead to phishing and smishing attacks, urging heightened awareness among Authy users. … Read more
July 3, 2024 at 09:57AM Censys reports over 380,000 internet-exposed hosts with JavaScript scripts referencing the suspended polyfill.io domain. Following its suspension for malicious activities, over 100,000 websites were affected, prompting industry responses. Censys now identifies 384,773 hosts still referencing the domain. Further concerns arise about other potentially compromised domains controlled by the same threat … Read more
June 26, 2024 at 03:11PM The domain polyfill[.]io, used by over 100,000 websites for JavaScript code, has been compromised, serving malicious code like dynamic payloads and leading users to porn and betting sites. The sale of the domain to a Chinese organization has raised security concerns. Website owners are urged to remove references to the … Read more
May 24, 2024 at 04:31PM Researchers at security firm Rapid7 discovered a backdoor in Justice AV Solutions (JAVS) audio-visual software used in over 10,000 courtrooms. The backdoor, suspected to be part of a supply chain attack, enabled attackers full system access. Rapid7 urges affected users to reinstall, reset credentials, and upgrade to a secure version … Read more
May 24, 2024 at 09:24AM Thousands of computers are at risk of complete takeover due to a backdoor injected into the Justice AV Solutions (JAVS) Viewer v8.3.7 installer distributed from official servers. The backdoor, discovered by Rapid7, provides attackers with full control over affected systems. Rapid7 recommends updating to version 8.3.8 and re-imaging affected endpoints … Read more
May 9, 2024 at 11:30AM Dell recently cautioned about a data breach where a threat actor claimed to have acquired information for about 49 million customers via a breached Dell portal. The stolen data includes names, physical addresses, Dell hardware and order details. Though Dell reassures minimal risk as no financial data was accessed, customers … Read more
May 8, 2024 at 01:31PM The FBI warns of Storm-0539, a hacking group targeting retail employees’ personal and work devices with phishing attacks. Once infiltrated, the attackers move laterally through the network to compromise gift card business processes and generate fraudulent gift cards. To defend against these attacks, the FBI advises corporations to review incident … Read more
April 28, 2024 at 10:30AM Okta has reported a significant increase in credential stuffing attacks, facilitated by residential proxy services and stolen credentials. Cisco also cautioned of a surge in brute-force attacks targeting various devices. These attacks appear to originate from TOR exit nodes and anonymizing services. Okta recommends enforcing strong passwords, enabling two-factor authentication, … Read more
April 16, 2024 at 11:24AM Security researchers have uncovered a “credible” takeover attempt targeting the OpenJS Foundation, resembling a recent incident aimed at the open-source XZ Utils project. The incident involved suspicious emails urging updates to JavaScript projects and calls to designate new maintainers. This highlights the risks of supply chain attacks and the need … Read more
April 4, 2024 at 07:03PM Visa issued a security alert warning about increased detections of the JsOutProx malware targeting financial institutions in South and Southeast Asia, the Middle East, and Africa. The malware provides remote access and can execute various malicious activities. Mitigation actions and indicators of compromise were recommended, and the campaign involved phishing … Read more