January 4, 2024 at 01:32PM RIPE, the Regional Internet Registry for Europe, the Middle East, and Central Asia, is investigating a compromised administrator account that disrupted network traffic. The compromise affected some services and potentially other accounts, prompting RIPE to contact affected account holders. Additionally, a threat actor announced unauthorized access to a RIPE administrator … Read more
January 3, 2024 at 02:46PM Orange Spain experienced an internet outage due to a hacker breaching its RIPE account and misconfiguring BGP routing and RPKI settings. This allowed the hacker to divert traffic to malicious destinations. The hacker, known as ‘Snow,’ disabled RPKI, causing a performance issue. Orange Spain is restoring services and investigating the … Read more
December 26, 2023 at 04:09PM GitHub is requiring users to enable two-factor authentication (2FA) by January 19th, 2024, for contributing code on GitHub.com. This measure aims to safeguard accounts and prevent code alteration. Failure to comply will result in limited access to the site. Various 2FA methods are available, and users are encouraged to set … Read more
December 20, 2023 at 02:35PM A new phishing campaign targeting Instagram users involves fake ‘copyright infringement’ emails enticing recipients to input account details and backup codes on phishing pages. The elaborate scheme masquerades as Meta’s portal and requests sensitive information. Despite signs of fraud, the convincing approach poses a serious threat to unsuspecting victims. Users … Read more
December 19, 2023 at 05:51AM Xfinity, a division of Comcast Cable Communications, revealed a security breach where attackers exploited a Citrix server vulnerability, compromising sensitive data of 35,879,455 customers. This includes usernames, hashed passwords, and potentially other personal details. Despite password reset requests, customers were left uncertain. Comcast asserts prompt patching and monitoring for customer … Read more
December 17, 2023 at 04:44PM Summary: Receiving an unprompted one-time passcode (OTP) in an email or text suggests stolen credentials, highlighting the theft of legitimate corporate network access. Cyberattacks exploit these credentials for data theft, espionage, ransomware, and financial fraud. Multi-factor authentication (MFA) enhances security, reducing successful breaches but caution is advised with SMS and … Read more
December 4, 2023 at 04:13PM 23andMe reported a data breach affecting 0.1% of users, resulting from a credential-stuffing attack. Compromised data included personal genetic information. The company has since increased security measures and faces class action lawsuits, expecting to spend $1-2 million due to the breach. Security experts emphasize the need for robust cybersecurity. Clear … Read more
November 28, 2023 at 09:06AM Amir Hossein Golshan, a cybercriminal from Los Angeles, has been sentenced to 96 months in prison for engaging in multiple cybercrime schemes. He caused approximately $740,000 in losses to hundreds of victims through online scams and unauthorized account access. Golshan used SIM swapping to take control of victims’ social media … Read more
November 16, 2023 at 01:15PM Google has released updated USB-A and USB-C models of its Titan security key, which now supports passkeys. These keys are secure authentication devices that can store over 250 unique passkeys and work with various applications. Google aims to replace passwords with passkeys and plans to distribute 100,000 free security keys … Read more