I added hover over text, it messed up some of the formatting. But whatever, I gotta go write my TPS report.<h2>Krebs on Security</h2>2024-04-30 - <a href="https://krebsonsecurity.com/2024/04/man-who-mass-extorted-psychotherapy-patients-gets-six-years/" title="A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients.">Man Who Mass-Extorted Psychotherapy Patients Gets Six Years</a><br>2024-04-29 - <a href="https://krebsonsecurity.com/2024/04/fcc-fines-major-u-s-wireless-carriers-for-selling-customer-location-data/" title="The U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers -- including AT&#038;T, Sprint, T-Mobile and Verizon -- for illegally sharing access to customers' location information without consent.">FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data</a><br><h2>Dark Reading</h2><h2>The Hacker News [ THN ] - Best Security Blog</h2>2024-05-02 - <a href="https://thehackernews.com/2024/05/popular-android-apps-like-xiaomi-wps.html" title="Several popular Android applications available in&nbsp;Google&nbsp;Play Store are susceptible to a path traversal-affiliated vulnerability that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable&nbsp;app's&nbsp;home directory.
"The implications of this vulnerability pattern include arbitrary code execution and token theft, depending on an&nbsp;application’s&nbsp">Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw</a><br>2024-05-02 - <a href="https://thehackernews.com/2024/05/ukrainian-revil-hacker-sentenced-to-13.html" title="A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ransomware attacks and extorting victims.
Yaroslav Vasinskyi (aka Rabotnik), 24, along with his co-conspirators&nbsp;part&nbsp;of the&nbsp;REvil ransomware group&nbsp;orchestrated more than 2,500 ransomware attacks and demanded ransom payments in">Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million</a><br>2024-05-02 - <a href="https://thehackernews.com/2024/05/when-is-one-vulnerability-scanner-not.html" title="Like antivirus software, vulnerability scans rely on a database of known weaknesses.
That’s why websites like VirusTotal exist, to give cyber practitioners a chance to see whether a malware sample&nbsp;is detected&nbsp;by multiple virus scanning engines, but this&nbsp;concept hasn’t existed in the vulnerability management space.
The benefits of using multiple scanning engines 
Generally speaking">When is One Vulnerability Scanner Not Enough?</a><br>2024-05-02 - <a href="https://thehackernews.com/2024/05/dropbox-discloses-breach-of-digital.html" title="Cloud storage services provider Dropbox&nbsp;on Wednesday disclosed&nbsp;that Dropbox Sign (formerly HelloSign) was breached by unidentified threat actors, who&nbsp;accessed emails, usernames, and general account settings associated with all users of the digital signature product.
The company, in&nbsp;a filing with the U.S. Securities and Exchange Commission (SEC), said it became aware of the ">Dropbox Discloses Breach of Digital Signature Service Affecting All Users</a><br>2024-05-02 - <a href="https://thehackernews.com/2024/05/new-goldoon-botnet-targets-d-link.html" title="A never-before-seen botnet called&nbsp;Goldoon&nbsp;has&nbsp;been observed&nbsp;targeting D-Link routers with a nearly decade-old critical security flaw&nbsp;with the goal of using&nbsp;the compromised devices for further attacks.
The vulnerability in question is&nbsp;CVE-2015-2051&nbsp;(CVSS score: 9.8), which affects D-Link DIR-645 routers and allows remote attackers to&nbsp;execute arbitrary">New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw</a><br>2024-05-02 - <a href="https://thehackernews.com/2024/05/cisa-warns-of-active-exploitation-of.html" title="The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has&nbsp;added&nbsp;a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in the wild.
Tracked as&nbsp;CVE-2023-7028&nbsp;(CVSS score: 10.0), the maximum severity vulnerability could facilitate account takeover by sending password reset emails to an unverified email">CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability</a><br>2024-05-02 - <a href="https://thehackernews.com/2024/05/new-cuttlefish-malware-hijacks-router.html" title="A new malware called&nbsp;Cuttlefish&nbsp;is targeting small office and home office (SOHO) routers&nbsp;with the&nbsp;goal&nbsp;of stealthily monitoring&nbsp;all traffic through the devices and gather authentication data from HTTP GET and POST requests.
"This malware is modular, designed primarily to steal authentication material found in web requests that transit the router from the adjacent">New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials</a><br>2024-05-01 - <a href="https://thehackernews.com/2024/05/bitcoin-forensic-analysis-uncovers.html" title="A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting&nbsp;criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet market.
The&nbsp;findings&nbsp;come from Elliptic in collaboration with&nbsp;researchers from the&">Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds</a><br>2024-05-01 - <a href="https://thehackernews.com/2024/05/android-malware-wpeeper-uses.html" title="Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion.
The malware, codenamed&nbsp;Wpeeper, is an ELF binary that leverages the HTTPS protocol to secure its C2 communications.
"Wpeeper is a typical backdoor Trojan for Android">Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers</a><br>2024-05-01 - <a href="https://thehackernews.com/2024/05/everyones-expert-how-to-empower-your.html" title="There’s a natural human desire to avoid threatening scenarios.&nbsp;The irony, of course, is if you hope to attain any semblance of security,&nbsp;you’ve got to&nbsp;remain prepared to confront those&nbsp;very&nbsp;same threats.
As a decision-maker for your organization, you know this well. But no matter how many experts or trusted cybersecurity tools your organization has a standing guard,">How to Make Your Employees Your First Line of Cyber Defense</a><br>2024-05-01 - <a href="https://thehackernews.com/2024/05/zloader-malware-evolves-with-anti.html" title="The authors behind the resurfaced&nbsp;ZLoader&nbsp;malware have added a feature&nbsp;that was&nbsp;originally&nbsp;present in the Zeus banking trojan that&nbsp;it's based&nbsp;on, indicating that it's&nbsp;being actively developed.
"The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection," Zscaler ThreatLabz researcher Santiago">ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan</a><br>2024-05-01 - <a href="https://thehackernews.com/2024/05/ex-nsa-employee-sentenced-to-22-years.html" title="A former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262 months) in prison for attempting to transfer classified documents to Russia.
"This sentence should serve as a stark warning to all those entrusted with protecting national defense information that there are consequences to betraying that trust,"&nbsp;said&nbsp;FBI Director Christopher Wray.">Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia</a><br>2024-04-30 - <a href="https://thehackernews.com/2024/04/millions-of-malicious-imageless.html" title="Cybersecurity researchers have discovered multiple campaigns targeting&nbsp;Docker Hub&nbsp;by planting millions of malicious "imageless" containers over the past five years,&nbsp;once again&nbsp;underscoring how open-source registries could pave the way for supply chain attacks.
"Over four million of the repositories in Docker Hub are imageless and have no content except for the repository">Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years</a><br>2024-04-30 - <a href="https://thehackernews.com/2024/04/us-government-releases-new-ai-security.html" title="The U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence (AI)-related threats.
"These guidelines are informed by the whole-of-government effort to assess AI risks across all sixteen critical infrastructure sectors, and address threats both to and from, and involving AI systems," the Department of Homeland Security (DHS)&">U.S. Government Releases New AI Security Guidelines for Critical Infrastructure</a><br>2024-04-30 - <a href="https://thehackernews.com/2024/04/considerations-for-operational.html" title="Operational Technology (OT)&nbsp;refers to the hardware and software used to change, monitor, or control the enterprise's physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT brings additional cybersecurity considerations not typically present in conventional IT security">Considerations for Operational Technology Cybersecurity</a><br>2024-04-30 - <a href="https://thehackernews.com/2024/04/new-uk-law-bans-default-passwords-on.html" title="The U.K. National Cyber Security Centre (NCSC) is calling on&nbsp;manufacturers of smart devices&nbsp;to comply with new legislation&nbsp;that prohibits them from using default passwords, effective April 29, 2024.
"The law, known as the&nbsp;Product Security and Telecommunications Infrastructure act&nbsp;(or PSTI act), will help consumers to choose smart devices that have been designed to">New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024</a><br>2024-04-29 - <a href="https://thehackernews.com/2024/04/google-prevented-228-million-malicious.html" title="Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year.
The tech giant also said it blocked 333,000 bad accounts from the app storefront in 2023 for attempting to distribute malware or for repeated policy violations.
"In 2023,">Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023</a><br>2024-04-29 - <a href="https://thehackernews.com/2024/04/china-linked-muddling-meerkat-hijacks.html" title="A previously undocumented cyber threat dubbed&nbsp;Muddling Meerkat&nbsp;has&nbsp;been observed&nbsp;undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct&nbsp;reconnaissance&nbsp;of networks&nbsp;across the world&nbsp;since October 2019.
Cloud security firm Infoblox described the threat actor as likely affiliated with the">China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale</a><br>2024-04-29 - <a href="https://thehackernews.com/2024/04/navigating-threat-landscape.html" title="It&nbsp;comes as&nbsp;no surprise that today's cyber threats are orders of magnitude more complex than those of the past.&nbsp;And the&nbsp;ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this&nbsp;non-stop&nbsp;challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many">Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM</a><br>2024-04-29 - <a href="https://thehackernews.com/2024/04/new-r-programming-vulnerability-exposes.html" title="A security vulnerability has&nbsp;been discovered&nbsp;in the R programming language that could be exploited by a threat actor to create a malicious RDS (R Data Serialization) file such that it results in code execution when loaded and referenced.
The flaw, assigned the CVE identifier CVE-2024-27322 (CVSS score: 8.8), "involves the use of promise objects and lazy evaluation in R," AI application">New R Programming Vulnerability Exposes Projects to Supply Chain Attacks</a><br>2024-04-29 - <a href="https://thehackernews.com/2024/04/sandbox-escape-vulnerabilities-in.html" title="Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system&nbsp;that&nbsp;could be exploited to&nbsp;obtain code execution&nbsp;on the target system.
The three&nbsp;flaws, all critical&nbsp;in nature,&nbsp;allow an "adversary with sufficient access to perform a sandbox escape and obtain root permissions on the host machine," Australian">Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover</a><br>2024-04-28 - <a href="https://thehackernews.com/2024/04/okta-warns-of-unprecedented-surge-in.html" title="Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential stuffing attacks aimed at online services.
These unprecedented attacks, observed over the last month, are said to be facilitated by "the broad availability of residential proxy services, lists of previously stolen credentials ('combo lists'), and scripting tools," the">Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks</a><br><h2>Schneier on Security</h2>2024-05-02 - <a href="https://www.schneier.com/blog/archives/2024/05/the-uk-bans-default-passwords.html" title="<p>The UK is the first country to <a href="https://therecord.media/united-kingdom-bans-defalt-passwords-iot-devices">ban default passwords</a> on IoT devices.</p>
<blockquote><p>On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted.</p>
<p>The <a href="https://www.legislation.gov.uk/ukpga/2022/46/contents/enacted">Product Security and Telecommunications Infrastructure Act 2022</a> (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.</p></blockquote>
<p>The UK may be the first country, but as far as I know, California is the first jurisdiction. It ...</p>">The UK Bans Default Passwords</a><br>2024-04-30 - <a href="https://www.schneier.com/blog/archives/2024/05/ai-voice-scam.html" title="<p>Scammers <a href="https://www.theguardian.com/technology/2024/apr/28/bbc-presenters-likeness-used-in-advert-after-firm-tricked-by-ai-generated-voice">tricked</a> a company into believing they were dealing with a BBC presenter. They faked her voice, and accepted money intended for her.</p>">AI Voice Scam</a><br>2024-04-29 - <a href="https://www.schneier.com/blog/archives/2024/04/whatsapp-in-india.html" title="<p>Meta has threatened to <a href="https://thewire.in/law/disappearing-messages-whatsapp-says-will-leave-india-is-forced-to-break-encryption">pull WhatsApp</a> out of India if the courts try to force it to break its end-to-end encryption.</p>">WhatsApp in India</a><br>2024-04-29 - <a href="https://www.schneier.com/blog/archives/2024/04/whale-song-code.html" title="<p>During the Cold War, the US Navy tried to make a <a href="https://www.twz.com/8778/the-u-s-navy-tried-to-turn-whale-songs-into-secret-code">secret code</a> out of whale song.</p>
<blockquote><p>The basic plan was to develop coded messages from recordings of whales, dolphins, sea lions, and seals. The submarine would broadcast the noises and a computer&#8212;the Combo Signal Recognizer (CSR)&#8212;would detect the specific patterns and decode them on the other end. In theory, this idea was relatively simple. As work progressed, the Navy found a number of complicated problems to overcome, the bulk of which centered on the authenticity of the code itself.</p>
<p>The message structure couldn&#8217;t just substitute the moaning of a whale or a crying seal for As and Bs or even whole words. In addition, the sounds Navy technicians recorded between 1959 and 1965 all had natural background noise. With the technology available, it would have been hard to scrub that out. Repeated blasts of the same sounds with identical extra noise would stand out to even untrained sonar operators...</p></blockquote>">Whale Song Code</a><br><h2>ThreatPost</h2><h2>Sydney Morning Herald</h2><h2>New York Times</h2>2024-05-02 - <a href="https://www.nytimes.com/2024/05/02/technology/judge-mehta-google-antitrust-closing-arguments.html" title="Judge Amit P. Mehta tried poking holes in the closing arguments of a landmark monopoly case as he weighs a ruling that could reshape tech.">Judge Grills U.S. and Google on Antitrust Claims</a><br>2024-05-02 - <a href="https://www.nytimes.com/2024/05/02/technology/google-antitrust-trial-closing-arguments.html" title="The first tech monopoly trial of the modern internet era is concluding. The judge’s ruling is likely to set a precedent for other attempts to rein in the tech giants that hold sway over information, social interaction and commerce.">Google Antitrust Trial Concludes With Closing Arguments</a><br>2024-05-02 - <a href="https://www.nytimes.com/2024/05/02/business/judge-mehta-google-antitrust.html" title="Amit P. Mehta, a judge in U.S. District Court for the District of Columbia, will issue a landmark antitrust ruling.">The Judge Deciding Google’s Landmark Antitrust Case</a><br>2024-05-01 - <a href="https://www.nytimes.com/2024/05/01/technology/personaltech/ai-voice-assistants.html" title="Meta, Google and others are driving a renaissance for voice assistants, but people have found the technology uncool for more than a decade.">Meta and Google Are Betting on AI Voice Assistants. Will They Take Off?</a><br>2024-05-02 - <a href="https://www.nytimes.com/2024/05/02/business/media/campus-protests-russia-china-iran-us.html" title="America’s adversaries have mounted online campaigns to amplify the social and political conflicts over Gaza flaring at universities, researchers say.">Campus Protests Give Russia, China and Iran Fuel to Exploit U.S. Divide</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/technology/amazon-first-quarter-revenue.html" title="The company also reported that profit more than tripled, to $10.4 billion, topping Wall Street expectations.">Amazon Reports $143.3 Billion in Revenue for First Quarter of 2024</a><br>2024-05-01 - <a href="https://www.nytimes.com/2024/04/30/business/tesla-layoffs-supercharger-team.html" title="The carmaker dismissed 500 employees in a unit that was critical to its success and seen as important to the future of electric vehicle sales in the United States.">Tesla Fires Charger Team Amid Hundreds of Layoffs</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/technology/binance-founder-changpeng-zhao-sentenced.html" title="Changpeng Zhao, the founder and former chief executive of the Binance cryptocurrency exchange, had pleaded guilty to a money-laundering violation.">Binance Founder Sentenced to 4 Months in Prison</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/style/meet-the-men-who-eat-meat-and-only-meat.html" title="With the help of Joe Rogan, a social media trend with staying power emerged from a 2018 book, “The Carnivore Diet.”">Meet the Men Who Eat Meat</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/technology/regulators-investigate-carmakers-driver-tracking.html" title="Modern cars are internet-connected and have hundreds of sensors. Lawmakers and regulators have concerns about what’s happening with all that data.">‘Smartphones on Wheels’ Draw Attention From Regulators</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/science/killer-asteroids-algorithm.html" title="With the help of Google Cloud, scientists churned through hundreds of thousands of images of the night sky to reveal that the solar system is filled with unseen objects.">Killer Asteroid Hunters Spot 27,500 Overlooked Space Rocks</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/business/getir-grocery-delivery-europe-us.html" title="The company had expanded quickly to keep ahead of rivals, but like other pandemic darlings, its business lost steam after lockdowns were eased.">Getir, a Rapid Grocery-Delivery Service, Exits the U.S. and Europe</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/style/bumble-dating-apps.html" title="As dissatisfaction with online dating grows, the app that put women in control is shifting course.">Bumble Tells Women They No Longer Have to Make the First Move</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/business/meta-european-union-disinformation-investigation.html" title="The inquiry is intended to pressure the tech giant to more aggressively police Facebook and Instagram ahead of the European Union’s closely watched elections in June.">Meta Faces EU Investigation Over Election Disinformation</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/science/ai-infants-language-learning.html" title="Could a better understanding of how infants acquire language help us build smarter A.I. models?">From Baby Talk to Baby A.I.</a><br>2024-04-30 - <a href="https://www.nytimes.com/2024/04/30/technology/changpeng-zhao-binance-crypto.html" title="Since pleading guilty to violating money-laundering rules, Changpeng Zhao, who ran the giant crypto exchange Binance, has networked across the United States to set up his next act.">Even as He Faces Prison Time, Binance’s Founder Plans a Comeback</a><br>2024-04-29 - <a href="https://www.nytimes.com/2024/04/29/technology/ai-startups-financial-reality.html" title="The table stakes for small companies to compete with the likes of Microsoft and Google are in the billions of dollars. And even that may not be enough.">A.I. Start-Ups Face a Rough Financial Reality Check</a><br>2024-04-29 - <a href="https://www.nytimes.com/2024/04/29/technology/ai-google-microsoft.html" title="Demis Hassabis and Mustafa Suleyman, who both grew up in London, feared a corporate rush to build artificial intelligence. Now they’re driving that competition at Google and Microsoft.">Friends From the Old Neighborhood Turn Rivals in Big Tech’s A.I. Race</a><br><h2>Wall Street Journal</h2>2024-05-02 - <a href="https://www.wsj.com/articles/sk-hynixs-ai-related-memory-chips-sold-out-for-year-aba56345?mod=rss_Technology" title="SK Hynix said its high bandwidth memory products were sold out for this year and almost fully booked for 2025 due to brisk demand for artificial-intelligence chips.">SK Hynix's AI-Related Memory Chips Sold Out for Year</a><br>2024-05-01 - <a href="https://www.wsj.com/articles/microsoft-to-invest-2-2-billion-in-ai-infrastructure-in-malaysia-76565b28?mod=rss_Technology" title="The U.S. tech giant’s investment over four years will build on previously announced plans to construct its first data center region in Malaysia, and mark its single biggest investment in the country.">Microsoft to Invest $2.2 Billion in AI Infrastructure in Malaysia</a><br>2024-05-01 - <a href="https://www.wsj.com/articles/vacation-photos-cameras-73505a7d?mod=rss_Technology" title="Instead, try a unique point-and-shoot camera and a 360-degree action option. Or, if you’re braver, a drone.">For Truly Envy-Inducing Vacation Pictures, Put the Phone Away</a><br>2024-05-01 - <a href="https://www.wsj.com/articles/ai-cloud-computing-startup-coreweave-valued-at-19-billion-in-new-funding-round-dfdb47cd?mod=rss_Technology" title="Nvidia-backed company raises $1.1 billion from investors including Fidelity, Magnetar Capital.">AI StartupCoreWeaveNearly Triples Valuation to $19 Billion in Five Months</a><br>2024-04-30 - <a href="https://www.wsj.com/articles/microsoft-to-invest-1-7-billion-in-ai-infrastructure-in-indonesia-5398e04f?mod=rss_Technology" title="The U.S. tech giant said the investment will build on plans to build the company’s first data center region in Indonesia and mark its single biggest investment in Southeast Asia’s largest economy.">Microsoft to Invest $1.7 Billion in AI Infrastructure in Indonesia</a><br>2024-04-29 - <a href="https://www.wsj.com/articles/samsungs-net-profit-quadruples-as-chip-business-rebounds-c5ec3f35?mod=rss_Technology" title="The South Korean tech giant’s flagship semiconductor business swung to profit on higher memory-chip prices amid the artificial-intelligence boom.">Samsung's Net Profit Quadruples as Chip Business Rebounds</a><br>2024-04-29 - <a href="https://www.wsj.com/articles/how-big-data-centers-are-slowing-the-shift-to-clean-energy-44ef4145?mod=rss_Technology" title="In Virginia’s data-center alley, rising power demand means more fossil fuels.">How Big Data Centers Are Slowing the Shift to Clean Energy</a><br>2024-04-28 - <a href="https://www.wsj.com/articles/why-turning-it-off-and-turning-it-back-on-is-gadget-fixing-magic-8a25ba91?mod=rss_Technology" title="There’s a reason it’s the first question IT asks.">Why Turning It Off and Turning It Back On Is Gadget-Fixing Magic</a><br>2024-04-28 - <a href="https://www.wsj.com/articles/how-tiktok-lost-the-war-in-washington-bbc419cc?mod=rss_Technology" title="Coordinated efforts by its critics and missteps by the company led to the law forcing a sale or ban of the popular app.">How TikTok Lost the War in Washington</a><br><h2>BBC</h2>2024-05-02 - <a href="https://www.bbc.com/news/articles/cll4ggr8re1o" title="The deal means songs from artists including Ariana Grande and Drake can be used on the platform again.">TikTok and Universal settle music royalties dispute</a><br>2024-05-02 - <a href="https://www.bbc.com/news/articles/c14kzw7x14vo" title="The case against the US-based ride-hailing giant is being brought on behalf of over 10,800 drivers.">Uber faces £250m London black cab drivers case</a><br>2024-05-01 - <a href="https://www.bbc.com/news/articles/c0kl4glp547o" title="Users have been reporting unexpected lie-ins after the alarms on their phones failed to go off.">Apple working to fix alarming iPhone issue</a><br>2024-05-01 - <a href="https://www.bbc.com/news/articles/cw0vnedkvwlo" title="Ofcom suspects the platform is not doing enough to stop under-18s accessing explicit material.">OnlyFans investigated over children accessing porn</a><br>2024-05-01 - <a href="https://www.bbc.co.uk/news/technology-68935522" title="The division responsible for the car-maker's huge fast-charging network is being axed to cut costs.">Tesla staff say entire Supercharger team fired</a><br>2024-04-30 - <a href="https://www.bbc.com/news/articles/ckke9x0e50xo" title="Will Cathcart reveals how many people are secretly using his app in countries where it is banned.">Tens of millions secretly use WhatsApp despite bans</a><br>2024-04-30 - <a href="https://www.bbc.co.uk/news/technology-68930465" title="Changpeng Zhao, head of world's largest crypto platform, pleaded guilty to breaking US money laundering laws.">Binance crypto boss sentenced to 4 months in prison</a><br>2024-05-01 - <a href="https://www.bbc.com/news/articles/cxe8dzz4jdpo" title="Changes to China's State Secrets Law requires internet firms to monitor information shared by users.">Beijing tightens grip on China social media giants</a><br>2024-04-30 - <a href="https://www.bbc.com/news/articles/c97znd00q7mo" title="Julius Kivimäki threatened thousands of patients he would publish details of their therapy sessions.">Hacker jailed for blackmailing therapy patients</a><br>2024-04-30 - <a href="https://www.bbc.com/news/articles/c72p1dr0mk8o" title="The EU says Facebook and Instagram have not done enough to combat "malicious actors'" political ads.">Meta faces EU probe over Russian disinformation</a><br>2024-04-30 - <a href="https://www.bbc.co.uk/news/technology-68907647" title="Lidiane Jones says women have to turn the career barriers they still face to their advantage.">Bumble boss: What women in tech can learn from me</a><br>2024-04-30 - <a href="https://www.bbc.com/news/articles/c9rznkq3vqro" title="Car maker takes a hit from weakening demand and price war in the world's largest electric vehicle market.">Tesla China rival BYD sees profits and sales fall</a><br>2024-04-29 - <a href="https://www.bbc.com/news/articles/cgxwlqej0jjo" title="A reported deal with Chinese search giant Baidu will help pave the way for a rollout of Tesla's self-driving technology.">Tesla shares jump after reports of China deal</a><br>2024-04-29 - <a href="https://www.bbc.com/news/articles/crgy3g7g9y1o" title="The US regulator says it will evaluate Ford's driver assistance tech after two fatal collisions.">US probes Ford hands-free driving tech after crashes</a><br>2024-04-28 - <a href="https://www.bbc.co.uk/news/business-68917837" title="Speakers, fitness trackers and other internet-connected devices sold in the UK now have to meet new requirements.">New law aims to protect devices from hackers</a><br>2024-04-28 - <a href="https://www.bbc.co.uk/news/business-68914929" title="China is Tesla's second-biggest market but the company has not enabled autonomous driving in the country.">Musk in China to discuss enabling Full Self Driving</a><br>2024-04-28 - <a href="https://www.bbc.com/news/articles/c9wz7pvvjypo" title="An IT glitch leaves the cabin crew expecting to welcome a baby on board rather than a centenarian.">Airline keeps mistaking 101-year-old woman for baby</a><br>2024-04-30 - <a href="https://www.bbc.co.uk/sounds/play/w3ct5wm1" title="TikTok is a popular video sharing platform, but not so popular with some governments.">Tech Life: TikTok world</a><br>2024-05-01 - <a href="https://www.bbc.co.uk/news/business-68880241" title="Makers of insect-based animal feed hope to be able to compete with soybeans on price.">The insect farmers turning to AI to help lower costs</a><br>2024-04-29 - <a href="https://www.bbc.co.uk/news/newsbeat-68911356" title="The game's maker Activision Blizzard was bought by Microsoft last year in gaming's biggest ever acquisition">After 20 years, what next for World of Warcraft?</a><br><h2>SecurityBrief AU</h2>2024-05-02 - <a href="https://securitybrief.com.au/story/illumio-wiz-partner-to-boost-cloud-security-resilience" title="Illumio teams up with cloud security provider Wiz, employing their joint platforms to enhance cyber resilience while streamlining vulnerability management.">Illumio & Wiz partner to boost cloud security resilience</a><br>2024-05-02 - <a href="https://securitybrief.com.au/story/secure-code-warrior-launches-industry-first-scw-trust-score-for-developer-teams" title="Secure Code Warrior launches its SCW Trust Score, an industry-first tool measuring the security effectiveness of developer teams, vital for managing increased vulnerability risks in accelerated application development and AI.">Secure Code Warrior launches industry-first SCW Trust Score for developer teams</a><br>2024-05-02 - <a href="https://securitybrief.com.au/story/halcyon-introduces-ransomware-warranty-program-for-enhanced-protection" title="Ransomware defence platform Halcyon launches its unique Ransomware Warranty Program, further intensifying its fight against potentially damaging attacks, and ensuring businesses receive robust, cost-effective security resilience.">Halcyon introduces Ransomware Warranty Program for enhanced protection</a><br>2024-05-02 - <a href="https://securitybrief.com.au/story/senetas-lands-record-breaking-middle-eastern-encryption-hardware-order" title="Senetas Corporation lands its largest-ever order worth $2.5 and $3 million in revenue from a Middle East government agency, deploying over 100 high-speed Ethernet encryptors, enhancing its FY2024 profit.">Senetas lands record-breaking Middle Eastern encryption hardware order</a><br>2024-05-02 - <a href="https://securitybrief.com.au/story/what-is-vishing-tips-to-spot-and-avoid-voice-phishing-scams" title="As vishing scams persist, we explore its mechanisms, common tactics, and how to deter these voice phishing attacks, safeguarding your personal data and finances.">What is vishing? Tips to spot and avoid voice phishing scams</a><br>2024-05-02 - <a href="https://securitybrief.com.au/story/espionage-breaches-account-for-25-in-apac-report-reveals" title="A quarter of data breaches in APAC are espionage attacks, a significantly higher portion than Europe and North America.">Espionage breaches account for 25% in APAC, report reveals</a><br>2024-05-02 - <a href="https://securitybrief.com.au/story/australian-firms-see-customer-rates-hit-by-increasing-fraud" title="LexisNexis Risk Solutions' study reveals 80% of Australian firms recognise fraud significantly impacting customer conversion rates.">Australian firms see customer rates hit by increasing fraud</a><br>2024-05-02 - <a href="https://securitybrief.com.au/story/securitybridge-teams-up-with-taciti-for-advanced-sap-security-solutions" title="SecurityBridge partners with Taciti Consulting to enhance SAP security, merging real-time threat monitoring and vulnerability management.">SecurityBridge teams up with Taciti for advanced SAP security solutions</a><br>2024-05-02 - <a href="https://securitybrief.com.au/story/the-remote-desktop-tools-most-targeted-by-attackers-in-the-last-year" title="Virtual Network Computing (VNC) was the most targeted remote desktop tool in the past year, clouds over a new Barracuda data report.">The remote desktop tools most targeted by attackers in the last year</a><br>2024-05-02 - <a href="https://securitybrief.com.au/story/let-s-dive-in-amperity-s-cto-on-gen-ai-as-catalyst-for-digital-transformation" title="Amperity's CTO, Derek Slager, advocates for Gen AI as a game changer for digital transformation and urges companies to fully embrace this technology or risk lagging behind.">Let’s dive in! Amperity’s CTO on Gen AI as catalyst for digital transformation</a><br><h2>ITNews AU</h2>2024-05-02 - <a href="https://www.itnews.com.au/news/man-arrested-after-nsw-act-club-data-leak-607636?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Charges expected to be laid.">Man arrested after NSW, ACT club data leak</a><br>2024-05-02 - <a href="https://www.itnews.com.au/news/nab-tech-and-investment-spend-up-80-million-607629?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Reflects licencing and support costs, cloud and mainframe usage and resilience spend.">NAB tech and investment spend up $80 million</a><br>2024-05-02 - <a href="https://www.itnews.com.au/news/nsw-police-tries-to-get-website-that-leaked-club-data-shut-down-607633?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="As many as 1 million people may be impacted.">NSW Police tries to get website that leaked club data shut down</a><br>2024-05-02 - <a href="https://www.itnews.com.au/news/federal-courts-to-review-endpoint-detection-and-response-607553?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Currently uses BlackBerry Cylance.">Federal Courts to review endpoint detection and response</a><br>2024-05-01 - <a href="https://www.itnews.com.au/news/qantas-app-displays-wrong-flyer-info-to-users-607575?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Airline says "issue" resolved after about three hours.">Qantas app displays wrong flyer info to users</a><br>2024-05-01 - <a href="https://www.itnews.com.au/news/thales-could-be-tempted-by-some-atos-defence-assets-607569?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Not interested in troubled French IT group's computing business.">Thales could be tempted by some Atos defence assets</a><br>2024-05-01 - <a href="https://www.itnews.com.au/news/amaysim-adopts-cnapp-to-shift-its-cloud-security-model-607141?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Prioritises security risks, looks to secure code development.">Amaysim adopts CNAPP to shift its cloud security model</a><br>2024-04-30 - <a href="https://www.itnews.com.au/news/unitedhealth-hackers-used-citrix-vulnerability-to-break-in-607552?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Before unleashing ransomware payload.">UnitedHealth hackers used Citrix vulnerability to break in</a><br>2024-04-29 - <a href="https://www.itnews.com.au/news/teamwork-pays-off-as-scam-losses-fall-to-274-billion-607512?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="601,000 scam reports in 2023, according to ACCC.">Teamwork pays off as scam losses fall to $2.74 billion</a><br>2024-04-29 - <a href="https://www.itnews.com.au/state-of-security-2024/state-of-security-2024-xdr-607348?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Bringing clarity and simplification to security services.">State of Security 2024: XDR</a><br>2024-04-29 - <a href="https://www.itnews.com.au/state-of-security-2024/state-of-security-2024-email-and-collaboration-607351?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Oldest trick in the book.">State of Security 2024: Email and Collaboration</a><br>2024-04-29 - <a href="https://www.itnews.com.au/state-of-security-2024/state-of-security-2024-identity-access-management-607355?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="No 'one-size-fits-all'.">State of Security 2024: Identity & Access Management</a><br>2024-04-29 - <a href="https://www.itnews.com.au/state-of-security-2024/state-of-security-2024-network-infrastructure-607356?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Network complexity worsens.">State of Security 2024: Network & Infrastructure</a><br>2024-04-29 - <a href="https://www.itnews.com.au/state-of-security-2024/state-of-security-2024-sase-607349?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Full benefits realised over the long term.">State of Security 2024: SASE</a><br>2024-04-29 - <a href="https://www.itnews.com.au/state-of-security-2024/state-of-security-2024-endpoint-security-607327?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Criminals quick to exploit weaknesses.">State of Security 2024: Endpoint Security</a><br>2024-04-29 - <a href="https://www.itnews.com.au/state-of-security-2024/state-of-security-2024-cloud-security-607325?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Additional risk through increased complexity.">State of Security 2024: Cloud Security</a><br>2024-04-29 - <a href="https://www.itnews.com.au/state-of-security-2024?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="How security services providers can evolve their offerings and grow security revenue.">State of Security 2024</a><br>2024-04-29 - <a href="https://www.itnews.com.au/news/australiansuper-hunts-for-new-ciso-607485?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Mick Dunne departs.">AustralianSuper hunts for new CISO</a><br><h2>BleepingComputer</h2>2024-05-02 - <a href="https://www.bleepingcomputer.com/news/security/microsoft-warns-of-dirty-stream-attack-impacting-android-apps/" title="Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and secrets theft. [...]">Microsoft warns of "Dirty Stream" attack impacting Android apps</a><br>2024-05-02 - <a href="https://www.bleepingcomputer.com/news/security/revil-hacker-behind-kaseya-ransomware-attack-gets-13-years-in-prison/" title="Yaroslav Vasinskyi, a Ukrainian national, was sentenced to 13 years and seven months in prison and ordered to pay $16 million in restitution for his involvement in the REvil ransomware operation. [...]">REvil hacker behind Kaseya ransomware attack gets 13 years in prison</a><br>2024-05-02 - <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-wont-fix-windows-0x80070643-errors-manual-fix-required/" title="​Microsoft has confirmed that it won't provide an automated fix for a known issue causing 0x80070643 errors when installing recent Windows Recovery Environment (WinRE) updates. [...]">Microsoft won't fix Windows 0x80070643 errors, manual fix required</a><br>2024-05-02 - <a href="https://www.bleepingcomputer.com/news/legal/cybersecurity-consultant-arrested-after-allegedly-extorting-it-firm/" title="A former cybersecurity consultant was arrested for allegedly attempting to extort a publicly traded IT company by threatening to disclose confidential and proprietary data unless they paid him $1,500,000. [...]">Cybersecurity consultant arrested after allegedly extorting IT firm</a><br>2024-05-01 - <a href="https://www.bleepingcomputer.com/news/security/hpe-aruba-networking-fixes-four-critical-rce-flaws-in-arubaos/" title="HPE Aruba Networking has issued its April 2024 security advisory detailing critical remote code execution (RCE) vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system. [...]">HPE Aruba Networking fixes four critical RCE flaws in ArubaOS</a><br>2024-05-01 - <a href="https://www.bleepingcomputer.com/news/security/dropbox-says-hackers-stole-customer-data-auth-secrets-from-esignature-service/" title="Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information. [...]">DropBox says hackers stole customer data, auth secrets from eSignature service</a><br>2024-05-01 - <a href="https://www.bleepingcomputer.com/news/security/us-govt-warns-of-pro-russian-hacktivists-targeting-water-facilities/" title="The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations. [...]">US govt warns of pro-Russian hacktivists targeting water facilities</a><br>2024-05-01 - <a href="https://www.bleepingcomputer.com/news/security/panda-restaurants-discloses-a-data-breach-after-corporate-systems-hack/" title="Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of individuals. [...]">Panda Restaurants discloses data breach after corporate systems hack</a><br>2024-05-01 - <a href="https://www.bleepingcomputer.com/news/security/french-hospital-chc-sv-refuses-to-pay-lockbit-extortion-demand/" title="The Hôpital de Cannes - Simone Veil (CHC-SV) in France announced it received a ransom demand from the Lockbit 3.0 ransomware gang, saying they refuse to pay the ransom. [...]">French hospital CHC-SV refuses to pay LockBit extortion demand</a><br>2024-05-01 - <a href="https://www.bleepingcomputer.com/news/security/cisa-says-gitlab-account-takeover-bug-is-actively-exploited-in-attacks/" title="​CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. [...]">CISA says GitLab account takeover bug is actively exploited in attacks</a><br>2024-05-01 - <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-april-windows-server-updates-cause-ntlm-auth-failures/" title="Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates. [...]">Microsoft: April Windows Server updates cause NTLM auth failures</a><br>2024-05-01 - <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-says-april-windows-updates-break-vpn-connections/" title="Microsoft says the April 2024 Windows security updates break VPN connections on Windows 11, Windows 10, and Windows Server systems. [...]">Microsoft says April Windows updates break VPN connections</a><br>2024-05-01 - <a href="https://www.bleepingcomputer.com/news/security/qantas-app-exposed-sensitive-traveler-details-to-random-users/" title="Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. [...]">Qantas app exposed sensitive traveler details to random users</a><br><h2>/r/NetSec</h2>2024-05-02 - <a href="https://www.reddit.com/r/netsec/comments/1ci87pd/its_morphin_time_selfmodifying_code_sections_with/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/thewatcher_"> /u/thewatcher_ </a> <br /> <span><a href="https://revflash.medium.com/its-morphin-time-self-modifying-code-sections-with-writeprocessmemory-for-edr-evasion-9bf9e7b7dced">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1ci87pd/its_morphin_time_selfmodifying_code_sections_with/">[comments]</a></span>">It’s Morphin’ Time: Self-Modifying Code Sections with WriteProcessMemory for EDR Evasion</a><br>2024-04-30 - <a href="https://www.reddit.com/r/netsec/comments/1ch7g5v/a_basic_guide_to_afl_qemu/" title="<!-- SC_OFF --><div class="md"><p>This tutorial gives an example showing how to fuzz a function out of a compiled binary using AFL's QEMU mode.</p> </div><!-- SC_ON --> &#32; submitted by &#32; <a href="https://www.reddit.com/user/cy1337"> /u/cy1337 </a> <br /> <span><a href="https://medium.com/@cy1337/a-basic-guide-to-afl-qemu-495df504b5fb">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1ch7g5v/a_basic_guide_to_afl_qemu/">[comments]</a></span>">A Basic Guide to AFL QEMU</a><br>2024-04-30 - <a href="https://www.reddit.com/r/netsec/comments/1cgtztj/nearly_20_of_docker_hub_repositories_were_used_to/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/SRMish3"> /u/SRMish3 </a> <br /> <span><a href="https://jfrog.com/blog/attacks-on-docker-with-millions-of-malicious-repositories-spread-malware-and-phishing-scams/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1cgtztj/nearly_20_of_docker_hub_repositories_were_used_to/">[comments]</a></span>">Nearly 20% of Docker Hub Repositories were used to spread malware & phishing scams</a><br>2024-04-30 - <a href="https://www.reddit.com/r/netsec/comments/1cgklic/how_an_empty_s3_bucket_can_make_your_aws_bill/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/xiongchiamiov"> /u/xiongchiamiov </a> <br /> <span><a href="https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1cgklic/how_an_empty_s3_bucket_can_make_your_aws_bill/">[comments]</a></span>">How an empty S3 bucket can make your AWS bill explode</a><br>2024-04-30 - <a href="https://www.reddit.com/r/netsec/comments/1cgop5t/your_nvme_had_been_syzed_fuzzing_nvmeoftcp_with/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/alon_za"> /u/alon_za </a> <br /> <span><a href="https://www.cyberark.com/resources/threat-research-blog/your-nvme-had-been-syzed-fuzzing-nvme-of-tcp-driver-for-linux-with-syzkaller">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1cgop5t/your_nvme_had_been_syzed_fuzzing_nvmeoftcp_with/">[comments]</a></span>">Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP with Syzkaller</a><br>2024-04-30 - <a href="https://www.reddit.com/r/netsec/comments/1cgw55v/exploit_education_andrew_griffiths_exploit/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/louis11"> /u/louis11 </a> <br /> <span><a href="https://exploit.education/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1cgw55v/exploit_education_andrew_griffiths_exploit/">[comments]</a></span>">Exploit Education :: Andrew Griffiths' Exploit Education</a><br>2024-04-30 - <a href="https://www.reddit.com/r/netsec/comments/1cgnlyk/how_not_to_protect_your_android_applications/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/Lightricks_Tech"> /u/Lightricks_Tech </a> <br /> <span><a href="https://medium.com/lightricks-tech-blog/how-not-to-protect-your-android-applications-bfe9bcaf9177">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1cgnlyk/how_not_to_protect_your_android_applications/">[comments]</a></span>">How Not To Protect Your Android Applications</a><br>2024-04-29 - <a href="https://www.reddit.com/r/netsec/comments/1cfxgq6/from_icedid_to_dagon_locker_ransomware_in_29_days/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/TheDFIRReport"> /u/TheDFIRReport </a> <br /> <span><a href="https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1cfxgq6/from_icedid_to_dagon_locker_ransomware_in_29_days/">[comments]</a></span>">From IcedID to Dagon Locker Ransomware in 29 Days</a><br>2024-04-29 - <a href="https://www.reddit.com/r/netsec/comments/1cfrodg/lsass_rings_ksecdd_ext_0_overview_of_the_recent/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/clod81"> /u/clod81 </a> <br /> <span><a href="https://tierzerosecurity.co.nz/2024/04/29/kexecdd.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1cfrodg/lsass_rings_ksecdd_ext_0_overview_of_the_recent/">[comments]</a></span>">LSASS rings KsecDD ext. 0 - Overview of the recent KexecDD exploit</a><br>2024-04-29 - <a href="https://www.reddit.com/r/netsec/comments/1cfsjwg/judge0_sandbox_escape_cve202429021_cve202428185/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/_pimps"> /u/_pimps </a> <br /> <span><a href="https://tantosec.com/blog/judge0/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1cfsjwg/judge0_sandbox_escape_cve202429021_cve202428185/">[comments]</a></span>">Judge0 Sandbox Escape - CVE-2024-29021, CVE-2024-28185 and CVE-2024-28189</a><br>2024-04-28 - <a href="https://www.reddit.com/r/netsec/comments/1cf64zy/justintime_admin_and_production_access_using/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/nindustries"> /u/nindustries </a> <br /> <span><a href="https://ironpeak.be/blog/the-way-of-the-cookie/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1cf64zy/justintime_admin_and_production_access_using/">[comments]</a></span>">Just-in-Time admin and production access using Azure PIM</a><br><h2>/r/InfoSecNews</h2>2024-05-02 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ciaq4f/dunequixote_shows_stealth_cyberattack_methods_are/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ciaq4f/dunequixote_shows_stealth_cyberattack_methods_are/"> <img alt="'DuneQuixote' Shows Stealth Cyberattack Methods Are Evolving. Can Defenders Keep Up?" src="https://external-preview.redd.it/MP_ojB0ZVDPHVmd-87Vvt9SbVt6FSyc4lEWgOlK2Y9k.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=f1ae53f2fa906a2a9d73b17b9f68fbc68aa1b3ce" title="'DuneQuixote' Shows Stealth Cyberattack Methods Are Evolving. Can Defenders Keep Up?" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.darkreading.com/threat-intelligence/dunequixote-shows-stealth-cyberattack-methods-are-evolving">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ciaq4f/dunequixote_shows_stealth_cyberattack_methods_are/">[comments]</a></span> </td></tr></table>">'DuneQuixote' Shows Stealth Cyberattack Methods Are Evolving. Can Defenders Keep Up?</a><br>2024-05-02 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ci2enb/dropbox_says_hackers_stole_customer_data_auth/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ci2enb/dropbox_says_hackers_stole_customer_data_auth/"> <img alt="DropBox says hackers stole customer data, auth secrets from eSignature service" src="https://external-preview.redd.it/1E9TqfWBVwAdRNPqGEYCWejeEfVrYtJDuK4QTdMlbYY.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=9d8ffe843a918177dc0fa63fddc0e5b997fa7a06" title="DropBox says hackers stole customer data, auth secrets from eSignature service" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/dropbox-says-hackers-stole-customer-data-auth-secrets-from-esignature-service/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ci2enb/dropbox_says_hackers_stole_customer_data_auth/">[comments]</a></span> </td></tr></table>">DropBox says hackers stole customer data, auth secrets from eSignature service</a><br>2024-05-01 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1chzq43/us_govt_warns_of_prorussian_hacktivists_targeting/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1chzq43/us_govt_warns_of_prorussian_hacktivists_targeting/"> <img alt="US govt warns of pro-Russian hacktivists targeting water facilities" src="https://external-preview.redd.it/YEdPEVz12pM1UMrVCB1VXElYare5RBoNRXOVq8-rYx4.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=ad05d10dc8cf08c74acafe555101c3f2f4b6ae14" title="US govt warns of pro-Russian hacktivists targeting water facilities" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/us-govt-warns-of-pro-russian-hacktivists-targeting-water-facilities/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1chzq43/us_govt_warns_of_prorussian_hacktivists_targeting/">[comments]</a></span> </td></tr></table>">US govt warns of pro-Russian hacktivists targeting water facilities</a><br>2024-05-02 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ci2enq/hpe_aruba_networking_fixes_four_critical_rce/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ci2enq/hpe_aruba_networking_fixes_four_critical_rce/"> <img alt="HPE Aruba Networking fixes four critical RCE flaws in ArubaOS" src="https://external-preview.redd.it/nnAkxo-5Q1oDaB8RuP5d3wHHwThaFmOrL11Y6DSxRlQ.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=d2273c0bd2051049ef95ce724b81d0f6f9f0ba1d" title="HPE Aruba Networking fixes four critical RCE flaws in ArubaOS" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/hpe-aruba-networking-fixes-four-critical-rce-flaws-in-arubaos/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ci2enq/hpe_aruba_networking_fixes_four_critical_rce/">[comments]</a></span> </td></tr></table>">HPE Aruba Networking fixes four critical RCE flaws in ArubaOS</a><br>2024-05-01 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1chtta3/cuttlefish_zeroclick_malware_steals_private_cloud/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1chtta3/cuttlefish_zeroclick_malware_steals_private_cloud/"> <img alt="'Cuttlefish' Zero-Click Malware Steals Private Cloud Data" src="https://external-preview.redd.it/1nr85QNJ02QKUk5833brZKmSLpaPF5fQkBAbpuBdfOg.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=32c0425768b2e3daae8b43e6b7e12600160cfb24" title="'Cuttlefish' Zero-Click Malware Steals Private Cloud Data" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.darkreading.com/cloud-security/cuttlefish-zero-click-malware-steals-private-cloud-data">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1chtta3/cuttlefish_zeroclick_malware_steals_private_cloud/">[comments]</a></span> </td></tr></table>">'Cuttlefish' Zero-Click Malware Steals Private Cloud Data</a><br>2024-05-01 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1chttcp/zloader_malware_evolves_with_antianalysis_trick/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1chttcp/zloader_malware_evolves_with_antianalysis_trick/"> <img alt="ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan" src="https://external-preview.redd.it/7NPOdmylnWwFY17GMsRqRPH-TINhfo6dN6tQFf6K1LY.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=5d77f6e144ecb239cf437e76e32c39070fe88fb7" title="ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://thehackernews.com/2024/05/zloader-malware-evolves-with-anti.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1chttcp/zloader_malware_evolves_with_antianalysis_trick/">[comments]</a></span> </td></tr></table>">ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan</a><br>2024-05-01 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1chttcc/lawsuits_and_company_devaluations_await_for/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1chttcc/lawsuits_and_company_devaluations_await_for/"> <img alt="Lawsuits and Company Devaluations Await For Breached Firms" src="https://external-preview.redd.it/iiC34-o5iIjtDCNoVT_sC68PWljni-4vfPoK59pVeZI.jpg?width=216&amp;crop=smart&amp;auto=webp&amp;s=aceba426ae992c1d4b5cfcc1eeca350b9a15592e" title="Lawsuits and Company Devaluations Await For Breached Firms" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.infosecurity-magazine.com/news/lawsuits-company-devaluations/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1chttcc/lawsuits_and_company_devaluations_await_for/">[comments]</a></span> </td></tr></table>">Lawsuits and Company Devaluations Await For Breached Firms</a><br>2024-05-01 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1chttbt/qantas_app_exposed_sensitive_traveler_details_to/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1chttbt/qantas_app_exposed_sensitive_traveler_details_to/"> <img alt="Qantas app exposed sensitive traveler details to random users" src="https://external-preview.redd.it/O0lS8sdXiOzZZ9LBP940ISPHpRYOj8jcU-4DBDuYFBY.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=758e3722af81dcddc1ef3e6462cf4654f83158a9" title="Qantas app exposed sensitive traveler details to random users" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/qantas-app-exposed-sensitive-traveler-details-to-random-users/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1chttbt/qantas_app_exposed_sensitive_traveler_details_to/">[comments]</a></span> </td></tr></table>">Qantas app exposed sensitive traveler details to random users</a><br>2024-05-01 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1chttar/panda_restaurants_discloses_data_breach_after/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1chttar/panda_restaurants_discloses_data_breach_after/"> <img alt="Panda Restaurants discloses data breach after corporate systems hack" src="https://external-preview.redd.it/51mCRS-da43nbTqCs9uhnWC3662wyzmMOz14YSh9G5c.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=ca3ca78a2fecf96c84d53cafbff884a14d6ce0ae" title="Panda Restaurants discloses data breach after corporate systems hack" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/panda-restaurants-discloses-a-data-breach-after-corporate-systems-hack/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1chttar/panda_restaurants_discloses_data_breach_after/">[comments]</a></span> </td></tr></table>">Panda Restaurants discloses data breach after corporate systems hack</a><br>2024-05-01 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1chtt9q/french_hospital_chcsv_refuses_to_pay_lockbit/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1chtt9q/french_hospital_chcsv_refuses_to_pay_lockbit/"> <img alt="French hospital CHC-SV refuses to pay LockBit extortion demand" src="https://external-preview.redd.it/kSBWNasWSHR86doJgF0jhQiWCKMkXiZ0trnHYzr-P70.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=3d8cee942c974a97b0fb65fe4e74b69fa84240fd" title="French hospital CHC-SV refuses to pay LockBit extortion demand" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/french-hospital-chc-sv-refuses-to-pay-lockbit-extortion-demand/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1chtt9q/french_hospital_chcsv_refuses_to_pay_lockbit/">[comments]</a></span> </td></tr></table>">French hospital CHC-SV refuses to pay LockBit extortion demand</a><br>2024-05-01 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1chrptm/new_muddling_meerkat_group_suspected_of_espionage/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://www.hackread.com/muddling-meerkat-espionage-great-firewall-china/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1chrptm/new_muddling_meerkat_group_suspected_of_espionage/">[comments]</a></span>">New Muddling Meerkat Group Suspected of Espionage via Great Firewall of China</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ch7ksu/notorious_finnish_hacker_sentenced_to_more_than/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/162571/cyber-crime/finnish-hacker-sentenced-6-years-prison.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ch7ksu/notorious_finnish_hacker_sentenced_to_more_than/">[comments]</a></span>">Notorious Finnish Hacker sentenced to more than six years in prison</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ch4ssx/r_language_flaw_allows_code_execution_via_rdsrdx/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ch4ssx/r_language_flaw_allows_code_execution_via_rdsrdx/"> <img alt="R language flaw allows code execution via RDS/RDX files" src="https://external-preview.redd.it/CJkbeK_wfK4vDJaue1AabgpZ3f4fxnz80tZQgOCHORg.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=33ca8a9347b0be05f13ed020e992ad34f102117c" title="R language flaw allows code execution via RDS/RDX files" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/r-language-flaw-allows-code-execution-via-rds-rdx-files/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ch4ssx/r_language_flaw_allows_code_execution_via_rdsrdx/">[comments]</a></span> </td></tr></table>">R language flaw allows code execution via RDS/RDX files</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ch7ksf/attackers_planted_millions_of_imageless/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ch7ksf/attackers_planted_millions_of_imageless/"> <img alt="Attackers Planted Millions of Imageless Repositories on Docker Hub" src="https://external-preview.redd.it/vVao25VxxIOnGe1ZLyNzo73A7uG0NqnCFxbaYBxxDZA.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=7db12102db6dea0cc69b6a2b2de8f24f46481c2d" title="Attackers Planted Millions of Imageless Repositories on Docker Hub" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.darkreading.com/cyber-risk/attackers-planted-millions-of-imageless-repositories-on-docker-hub">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ch7ksf/attackers_planted_millions_of_imageless/">[comments]</a></span> </td></tr></table>">Attackers Planted Millions of Imageless Repositories on Docker Hub</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ch7kt4/new_latrodectus_malware_attacks_use_microsoft/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ch7kt4/new_latrodectus_malware_attacks_use_microsoft/"> <img alt="New Latrodectus malware attacks use Microsoft, Cloudflare themes" src="https://external-preview.redd.it/tlz6meYnO2oIU-8tXbs1GFJmmLxATyJltrAqKz9SAks.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=a1b8123ce5b567505c39f973ceb9ddd821ad8fef" title="New Latrodectus malware attacks use Microsoft, Cloudflare themes" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/new-latrodectus-malware-attacks-use-microsoft-cloudflare-themes/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ch7kt4/new_latrodectus_malware_attacks_use_microsoft/">[comments]</a></span> </td></tr></table>">New Latrodectus malware attacks use Microsoft, Cloudflare themes</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ch4ssh/google_now_pays_up_to_450000_for_rce_bugs_in_some/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ch4ssh/google_now_pays_up_to_450000_for_rce_bugs_in_some/"> <img alt="Google now pays up to $450,000 for RCE bugs in some Android apps" src="https://external-preview.redd.it/kYoNB7smSkmBbpS7upyxNJuNDcELfw8po-it5rGytvg.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=26d7a7edce79575a06dc765cb18a32cac09672ea" title="Google now pays up to $450,000 for RCE bugs in some Android apps" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/google-now-pays-up-to-450-000-for-rce-bugs-in-some-android-apps/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ch4ssh/google_now_pays_up_to_450000_for_rce_bugs_in_some/">[comments]</a></span> </td></tr></table>">Google now pays up to $450,000 for RCE bugs in some Android apps</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgyxf4/change_healthcare_hacked_using_stolen_citrix/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgyxf4/change_healthcare_hacked_using_stolen_citrix/"> <img alt="Change Healthcare hacked using stolen Citrix account with no MFA" src="https://external-preview.redd.it/F1xhEodCiuujv2JzvwZ7KoHB76UQFlkOwo-qzS_1LcI.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=5f8e4993787b6eb44a3a50df3e701d0981fed50d" title="Change Healthcare hacked using stolen Citrix account with no MFA" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/change-healthcare-hacked-using-stolen-citrix-account-with-no-mfa/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1cgyxf4/change_healthcare_hacked_using_stolen_citrix/">[comments]</a></span> </td></tr></table>">Change Healthcare hacked using stolen Citrix account with no MFA</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgumxe/man_who_massextorted_psychotherapy_patients_gets/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://krebsonsecurity.com/2024/04/man-who-mass-extorted-psychotherapy-patients-gets-six-years/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1cgumxe/man_who_massextorted_psychotherapy_patients_gets/">[comments]</a></span>">Man Who Mass-Extorted Psychotherapy Patients Gets Six Years</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgyxff/new_wpeeper_android_malware_hides_behind_hacked/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgyxff/new_wpeeper_android_malware_hides_behind_hacked/"> <img alt="New Wpeeper Android malware hides behind hacked WordPress sites" src="https://external-preview.redd.it/9a8Sc4MdrkVDJ4rSbBLSxTMroUjHLW9tIEAwO1qNjYw.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=65b9d15122e8e3d01ab23971dbb6b83ca01ae76f" title="New Wpeeper Android malware hides behind hacked WordPress sites" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/new-wpeeper-android-malware-hides-behind-hacked-wordpress-sites/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1cgyxff/new_wpeeper_android_malware_hides_behind_hacked/">[comments]</a></span> </td></tr></table>">New Wpeeper Android malware hides behind hacked WordPress sites</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgovea/ncsc_new_uk_law_bans_default_passwords_on_smart/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgovea/ncsc_new_uk_law_bans_default_passwords_on_smart/"> <img alt="NCSC: New UK law bans default passwords on smart devices" src="https://external-preview.redd.it/VfXnNE78oG_iXUs1zgXsQaczI7idsUevs1-kSOkVX4s.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=368a40270afc4339f2c5b238658d7d19c54b4549" title="NCSC: New UK law bans default passwords on smart devices" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/162557/laws-and-regulations/ncsc-uk-law-smart-devices.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1cgovea/ncsc_new_uk_law_bans_default_passwords_on_smart/">[comments]</a></span> </td></tr></table>">NCSC: New UK law bans default passwords on smart devices</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgovdn/kapeka_backdoor_russian_threat_actor_groups/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgovdn/kapeka_backdoor_russian_threat_actor_groups/"> <img alt="KapeKa Backdoor: Russian Threat Actor Group’s Recent Attacks" src="https://external-preview.redd.it/bT42XlNWt17SDQmF2YThKPx1f1jE6ybE1R8es51W0fU.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=f6bdeaf9218d1ad56b66fa3e9ffc3be7929ca111" title="KapeKa Backdoor: Russian Threat Actor Group’s Recent Attacks" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityboulevard.com/2024/04/kapeka-backdoor-russian-threat-actor-groups-recent-attacks/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1cgovdn/kapeka_backdoor_russian_threat_actor_groups/">[comments]</a></span> </td></tr></table>">KapeKa Backdoor: Russian Threat Actor Group’s Recent Attacks</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgfmwg/r_programming_bug_exposes_orgs_to_vast_supply/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgfmwg/r_programming_bug_exposes_orgs_to_vast_supply/"> <img alt="R Programming Bug Exposes Orgs to Vast Supply Chain Risk" src="https://external-preview.redd.it/-DbyVhjUeexNfAruUiXbcsVKvyetSFMpHfbB_ScqIJ4.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=2dab641c2a58a24b0f8bb0fffa5130c1623f201f" title="R Programming Bug Exposes Orgs to Vast Supply Chain Risk" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.darkreading.com/application-security/r-programming-language-exposes-orgs-to-supply-chain-risk">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1cgfmwg/r_programming_bug_exposes_orgs_to_vast_supply/">[comments]</a></span> </td></tr></table>">R Programming Bug Exposes Orgs to Vast Supply Chain Risk</a><br>2024-04-30 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgfmws/muddling_meerkat_hackers_manipulate_dns_using/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1cgfmws/muddling_meerkat_hackers_manipulate_dns_using/"> <img alt="Muddling Meerkat hackers manipulate DNS using China’s Great Firewall" src="https://external-preview.redd.it/3CY4ZO7pWTwhP8q2N0hLaDzymg8WRxgIMYyeLcAtF7k.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=a9257087a5d3c84a1a5ca68f4f6290b1d6c9b863" title="Muddling Meerkat hackers manipulate DNS using China’s Great Firewall" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/muddling-meerkat-hackers-manipulate-dns-using-chinas-great-firewall/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1cgfmws/muddling_meerkat_hackers_manipulate_dns_using/">[comments]</a></span> </td></tr></table>">Muddling Meerkat hackers manipulate DNS using China’s Great Firewall</a><br>2024-04-29 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1cfy83n/cyberpartisans_hacktivists_claim_to_have_breached/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1cfy83n/cyberpartisans_hacktivists_claim_to_have_breached/"> <img alt="Cyber-Partisans hacktivists claim to have breached Belarus KGB" src="https://external-preview.redd.it/_s0M47fruqpwIuYTstSVyTlqZ4EN2sYwK4yODJIzsAs.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=fe4a11b30d135c1852e3e1a4868ee9ffc7e27c77" title="Cyber-Partisans hacktivists claim to have breached Belarus KGB" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/162504/hacktivism/cyber-partisans-breached-belarus-kgb.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1cfy83n/cyberpartisans_hacktivists_claim_to_have_breached/">[comments]</a></span> </td></tr></table>">Cyber-Partisans hacktivists claim to have breached Belarus KGB</a><br>2024-04-29 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1cg5d7k/london_drugs_pharmacy_chain_closes_stores_after/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1cg5d7k/london_drugs_pharmacy_chain_closes_stores_after/"> <img alt="London Drugs pharmacy chain closes stores after cyberattack" src="https://external-preview.redd.it/3XOdsLz2QtjE-522YbmLjYS8yOlKX_IYV_xWBOcZFLY.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=7185e32fa3d9b6edc079b6ddb02cacb0a00d3c2b" title="London Drugs pharmacy chain closes stores after cyberattack" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/london-drugs-pharmacy-chain-closes-stores-after-cyberattack/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1cg5d7k/london_drugs_pharmacy_chain_closes_stores_after/">[comments]</a></span> </td></tr></table>">London Drugs pharmacy chain closes stores after cyberattack</a><br><h2>
</h2>