lemmydev2

A sophisticated threat actor designated as ViciousTrap has successfully compromised over 5,500 edge devices across more than 50 brands, transforming them into a massive distributed honeypot network capable of intercepting and monitoring exploitation attempts worldwide. This unprecedented campaign represents a significant evolution in cyberthreat tactics, where attackers leverage compromised infrastructure not merely for traditional malicious […] The post ViciousTrap Hacker Compromised 5,500+ Edge Devices From 50+ Brands & Turned Them Into Honeypots appeared first on Cyber Security News.

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware.

If it ain't broke? A suspected Chinese government spy group is behind the rash of attacks that exploit two Ivanti bugs that can be chained together to achieve unauthenticated remote code execution (RCE), according to analysts at threat intelligence outfit EclecticIQ.…

69% of global respondents to a Jumio survey say AI-powered fraud now poses a greater threat to personal security than traditional forms of identity theft. This number rises to 74% in Singapore, with 71% also indicating that AI-generated scams are harder to detect than traditional scams. Rising AI concerns erode digital trust 69% of global consumers indicated they are more skeptical of the content they see online due to AI-generated fraud than they were last … More → The post Digital trust is cracking under the pressure of deepfakes, cybercrime appeared first on Help Net Security.

BSI Cites New Technologies, Geopolitical Tensions as Key Risk FactorsMounting decentralization and digitization put electricity grids at risk of hacking that could cause power outages, the German cybersecurity agency warned Wednesday. Technologies such as internet-connected solar power inverters and a tense geopolitical situation sparks increased concern.

A stalkerware company that recently leaked millions of users' personal information online has taken all of its assets offline without any explanation.

Wired: A security researcher finds an exposed Elastic database with 184M records, including login credentials for Apple, Meta, Google, and others; its owner is unknown  —  A trove of breached data, which has now been taken down, includes user logins for platforms including Apple, Google, and Meta.

One scheduled speaker has also pulled out of the New York-based event and specifically pointed to Trump’s mass deportation efforts.

Police arrested 270 suspects following an international law enforcement action codenamed 'Operation RapTor' that targeted dark web vendors and customers from ten countries. [...]

Case being heard in Germany could derail Zuck's plans, and noyb tells El Reg the fight isn't over The Irish Data Protection Commission has cleared the way for Meta to begin slurping up the data of European citizens next week, ongoing legal challenges notwithstanding. …

Comments

A sophisticated search engine optimization (SEO) poisoning attack has emerged, targeting employees through their mobile devices with fake login pages that mimic legitimate corporate portals. The attack, which has already affected organizations in the manufacturing sector, enables hackers to steal employee credentials, access payroll systems, and redirect salary payments to attacker-controlled accounts. This deceptive campaign […] The post Hackers Attacking Employees Mimic as Organizations to Steal Payroll Logins & Reroute Payments appeared first on Cyber Security News.