information security

OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

Apr 16, 2024 by iHash Leave a Comment

Apr 16, 2024NewsroomSupply Chain / Software Security Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source XZ Utils project. "The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, … [Read more...] about OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

Launching Innovation Rockets, But Beware of the Darkness Ahead

Apr 15, 2024 by iHash Leave a Comment

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial … [Read more...] about Launching Innovation Rockets, But Beware of the Darkness Ahead

Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts

Apr 13, 2024 by iHash Leave a Comment

Apr 13, 2024NewsroomCryptocurrency / Regulatory Compliance A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million. Shakeeb Ahmed, the defendant in question, pled guilty to one count of computer fraud in December 2023 following his … [Read more...] about Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts

U.S. Treasury Hamas Spokesperson for Cyber Influence Operations

Apr 13, 2024 by iHash Leave a Comment

Apr 13, 2024NewsroomCyber influence / Warfare The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir 'Abdallah al-Kahlut, 39, also known as Abu Ubaida, has served as the public spokesperson of Izz al-Din al-Qassam Brigades, … [Read more...] about U.S. Treasury Hamas Spokesperson for Cyber Influence Operations

Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files

Apr 12, 2024 by iHash Leave a Comment

"Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression software. The impacted version in … [Read more...] about Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files

TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer

Apr 11, 2024 by iHash Leave a Comment

Apr 11, 2024NewsroomEndpoint Security / Ransomware A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. "This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors," … [Read more...] about TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer

‘eXotic Visit’ Spyware Campaign Targets Android Users in India and Pakistan

Apr 10, 2024 by iHash Leave a Comment

Apr 10, 2024NewsroomMobile Security / Spyware An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat actor … [Read more...] about ‘eXotic Visit’ Spyware Campaign Targets Android Users in India and Pakistan

10-Year-Old ‘RUBYCARP’ Romanian Hacker Group Surfaces with Botnet

Apr 9, 2024 by iHash Leave a Comment

Apr 09, 2024NewsroomBotnet / Crypto Mining A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying out crypto mining, distributed denial-of-service (DDoS), and phishing attacks. The group, believed to be active for at least 10 years, employs the botnet for financial gain, Sysdig said in a report shared with … [Read more...] about 10-Year-Old ‘RUBYCARP’ Romanian Hacker Group Surfaces with Botnet

Google Chrome Adds V8 Sandbox

Apr 8, 2024 by iHash Leave a Comment

Apr 08, 2024NewsroomSoftware Security / Cybersecurity Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process." The search behemoth has described V8 … [Read more...] about Google Chrome Adds V8 Sandbox

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

Apr 6, 2024 by iHash Leave a Comment

Apr 06, 2024NewsroomSkimmer / Threat Intelligence Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code … [Read more...] about Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54