News

Hudson Rock has found evidence that infostealers have compromised hundreds of US military and defense contractor credentials

It’s a fully supported upgrade from v21, v20, v19.5 and v19.0.

This isn’t new, but it’s increasingly popular:

The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts. These devices typically don’t support browsers, making it difficult to sign in using more standard forms of authentication, such as entering user names, passwords, and two-factor mechanisms.

Rather than authenticating the user directly, the input-constrained device displays an alphabetic or alphanumeric device code along with a link associated with the user account. The user opens the link on a computer or other device that’s easier to sign in with and enters the code. The remote server then sends a token to the input-constrained device that logs it into the account.

Device authorization relies on two paths: one from an app or code running on the input-constrained device seeking permission to log in and the other from the browser of the device the user normally uses for signing in.

Significant OpenSSH flaws are exposing systems to man-in-the-middle and denial-of service attacks

Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications

A new Snake Keylogger variant, responsible for over 280 million blocked infection attempts worldwide, has been identified targeting Windows users

The BlackLock or Eldorado ransomware gang could be the year’s fastest-growing ransomware-as-a-service group

Proofpoint also identified two new threat actors operating components of web inject campaigns, TA2726 and TA2727

A threat actor claims to have hacked and published data on 12 million Zacks Investment Research accounts

KI ist aus der Cybersecurity nicht mehr wegzudenken. Auf Konferenzen, Veranstaltungen oder Messen zur Cybersecurity dreht sich alles um KI-Funktionen. Anbieter von Cybersecurity-Lösungen aus dem gesamten Spektrum werben mit KI in ihren Produkten und Services. Die Cybersecurity-Branche sendet also die klare Botschaft aus, dass KI einen integralen Bestandteil einer effektiven Cyberabwehr darstellt. Vor diesem Hintergrund […]