Tag: computer

Four Hackers Caught Exploiting Old Routers as Proxy Servers

May 13, 2025 3:38 PM

Tags: botnet, computer, crime, cyber, cybercrime, exploit, hacker, malicious, router, russia

U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy networks. Russian nationals Alexey Viktorovich Chertkov (37), Kirill Vladimirovich Morozov (41), Aleksandr Aleksandrovich Shishkin (36), and Kazakhstani Dmitriy Rubtsov (38) face conspiracy and computer crime charges for allegedly profiting from botnets…
ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files

May 12, 2025 6:10 PM

Tags: computer, exploit, flaw, rce, remote-code-execution, software, tool, update

ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution.DriverHub is a tool that’s designed to automatically detect the motherboard model of a computer and display necessary driver updates for subsequent installation by communicating…
The rise of vCISO as a viable cybersecurity career path

May 12, 2025 9:10 AM

Tags: advisory, business, ceo, cio, ciso, compliance, computer, control, country, cyber, cybersecurity, government, grc, group, guide, healthcare, incident response, infrastructure, ISO-27001, jobs, mobile, network, nist, risk, risk-assessment, risk-management, service, skills, strategy, technology, tool, training

Damon Petraglia, vCISO and CISO on demand Blue Mantis Damon Petraglia A long-time cybersecurity pro with chops built up in the federal government world and through forensic investigation work, Damon Petraglia works as a vCISO and CISO on demand for the IT services firm Blue Mantis.”Where I am today as a vCISO is a culmination…
BSidesLV24 Proving Ground The Immortal Retrofuturism Of Mainframe Computers And How To Keep Them Safe

May 11, 2025 6:10 PM

Tags: computer, conference

Author/Presenter: Michelle Eggers Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/bsideslv24-proving-ground-the-immortal-retrofuturism-of-mainframe-computers-and-how-to-keep-them-safe/
DOGE Employee Computer Infected with Malware and Leaked Data Found Info-Stealer Logs

May 10, 2025 5:10 PM

Tags: access, computer, cyber, data, data-breach, email, government, malware, password, unauthorized

Kyle Schutt, a 37-year-old DOGE employee identified in federal payroll records, has had his personal email address and associated passwords exposed in at least four distinct >>stealer log
Infostealer hits DOGE software engineer’s computer

May 9, 2025 11:10 PM

Tags: computer, software

First seen on scworld.com Jump to article: www.scworld.com/brief/infostealer-hits-doge-software-engineers-computer
DOGE software engineer’s computer infected by info-stealing malware

May 8, 2025 9:11 PM

Tags: computer, credentials, data-breach, malware, software

The presence of credentials in leaked “stealer logs” indicates his device was infected. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/05/doge-software-engineers-computer-infected-by-info-stealing-malware/
Hacker Exploits AI Art Tool to Steal 1.1TB of Disney Data

May 7, 2025 10:11 PM

Tags: ai, computer, data, exploit, hacker, hacking, intelligence, malicious, tool

California Man Pleads Guilty to Two Felony Charges Related to Hacking Employee’s PC. A California man agreed to plead guilty to hacking a Disney employee’s personal computer and stealing over one terabyte of confidential company data. Authorities say the man posted a malicious artificial intelligence art application online and used it to steal an employee’s…
IT Worker from Computacenter Let Girlfriend Into Deutsche Bank’s Restricted Areas

May 7, 2025 8:50 AM

Tags: breach, china, computer, cyber, finance, technology, unauthorized

A former information technology manager has filed a whistleblower lawsuit alleging a major security breach at Deutsche Bank’s Manhattan headquarters, claiming a fellow IT contractor repeatedly brought his girlfriend an unauthorized Chinese national with computer expertise into the bank’s most sensitive tech rooms. The lawsuit further alleges the incident was covered up by […] The…
NIST loses key cyber experts in standards and research

May 6, 2025 6:50 PM

Tags: computer, cyber, nist

The head of NIST’s Computer Security Division and roughly a dozen of his subordinates took the Trump administration’s retirement offers, placing key programs at risk. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/nist-cyber-retirements-quantum-ai-research-standards/747270/
Microsoft unveils new AI agents that can modify Windows settings

May 6, 2025 3:50 PM

Tags: ai, computer, microsoft, windows

Today, Microsoft announced new Windows experiences for Copilot+ PCs, including AI agents that will make changing settings on your Windows computer easier. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-unveils-new-ai-agents-that-can-modify-windows-settings/
Chaos Computer Clubs erläutert Cyberangriffe – Lauterbach bestätigt Sicherheitslücke bei E-Patientenakte

May 6, 2025 9:50 AM

Tags: bug, computer, cyberattack

First seen on security-insider.de Jump to article: www.security-insider.de/elektronische-patientenakte-sicherheitsluecken-a-1d83b8b0abeab522950c5ac40698c607/
Federal prosecutors indict alleged head of Black Kingdom ransomware

May 5, 2025 8:50 PM

Tags: computer, ransomware

A man believed to be living in Yemen is accused of developing the ransomware and infecting about 1,500 computer systems in the U.S. and elsewhere between March 2021 and June 2023. First seen on cyberscoop.com Jump to article: cyberscoop.com/black-kingdom-ransomware-indictment-doj/
California Man Will Plead Guilty to Last Year’s Disney Hack

May 5, 2025 2:49 PM

Tags: breach, computer, credentials, data, data-breach, group, hacking, russia

A 25-year-old California man will plead guilty to hacking into a Disney’s personal computer and using stolen credentials to break into thousands of Disney Slack channels. Ryan Mitchell Kramer, who claimed to be a member of the Russian group NullBulge, then leaked the data when the victim didn’t respond to his emails. First seen on…
Trump promises protection for TikTok, for which he has a ‘warm spot in my heart’

May 5, 2025 9:49 AM

Tags: computer, skills

Hails DOGE operatives for computer skills during interview in which he also flubbed some tech investment figures First seen on theregister.com Jump to article: www.theregister.com/2025/05/05/trump_promises_protection_for_tiktok/
Cyber-Zwischenfall bei einer County-Verwaltung in Wisconsin, USA

May 5, 2025 7:49 AM

Tags: computer, cyber, incident, network, usa

On April 28, 2025, Iowa County detected suspicious activity in our computer network environment … First seen on iowacounty.org Jump to article: www.iowacounty.org/
U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

May 3, 2025 10:50 AM

Tags: computer, hacker, healthcare, ransomware

The U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States.Rami Khaled Ahmed of Sana’a, Yemen, has been charged with one count of conspiracy, one count of intentional damage to a protected…
US indicts Yemeni man in Black Kingdom ransomware attacks

May 2, 2025 9:50 PM

Tags: attack, computer, office, ransomware

The U.S. Attorney’s Office for the Central District of California announced charges against Rami Khaled Ahmed for allegedly helping to develop and deploy Black Kingdom, which infected “approximately 1,500 computer systems.” First seen on therecord.media Jump to article: therecord.media/us-indicts-yemeni-man-black-kingdom-ransomware
Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More

May 2, 2025 6:50 PM

Tags: access, ai, attack, authentication, best-practice, breach, business, cisa, ciso, cloud, computer, control, credentials, cyber, cybersecurity, data, defense, detection, encryption, exploit, firewall, flaw, framework, government, guide, hacker, iam, identity, incident, incident response, infrastructure, injection, international, Internet, iot, kubernetes, login, mfa, microsoft, mitigation, mitre, network, nist, open-source, organized, password, phishing, programming, RedTeam, risk, risk-management, sbom, service, software, sql, supply-chain, tactics, technology, threat, tool, unauthorized, update, usa, vulnerability, vulnerability-management, windows, xss, zero-day

In this special edition of the Cybersecurity Snapshot, we’re highlighting some of the most valuable guidance offered by the U.S. Cybersecurity and Infrastructure Security Agency in the past 12 months. Check out best practices, recommendations and insights on protecting your cloud environments, OT systems, software development processes and more. In case you missed it, here’s…
Disney Hacker Admits Guilt After Stealing 1.1TB of Internal Data

May 2, 2025 7:50 AM

Tags: access, computer, cyber, data, hacker, hacking, threat, unauthorized

A 25-year-old man from Santa Clarita, California, has agreed to plead guilty to hacking into the personal computer of a Walt Disney Company employee and stealing a massive amount of sensitive internal data last year. Ryan Mitchell Kramer faces charges related to unauthorized computer access and threats to damage a protected computer, marking a significant…
Quantum computer threat spurring quiet overhaul of internet security

May 1, 2025 11:50 PM

Tags: computer, cryptography, Internet, threat

Cryptography experts said a “Cambrian explosion” of standards is on its way as a response to worries over quantum computers breaking current algorithms. First seen on cyberscoop.com Jump to article: cyberscoop.com/cloudflare-ibm-quantum-security-cryptography-migration/
Preparing for Quantum Cybersecurity Risks CISO Insights

May 1, 2025 8:50 PM

Tags: attack, ciso, computer, cyber, cybersecurity, data, encryption, risk, threat

Quantum cybersecurity risks represent a paradigm shift in cybersecurity, demanding immediate attention from Chief Information Security Officers worldwide. While practical quantum computers capable of breaking current encryption standards may still be years away, the threat is already present through >>harvest now, decrypt later
Thomas Herdman’s legal battle over Sky ECC encrypted phone distribution set to enter fifth year

May 1, 2025 1:50 PM

Tags: computer, phone

Computer Weekly speaks to Julie Kawai Herdman, daughter of Thomas Herdman, the only person in custody for distributing Sky ECC encrypted phones First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366623396/Thomas-Herdmans-legal-battle-over-Sky-ECC-encrypted-phone-distribution-set-to-enter-fifth-year
Quantum Computing and Cybersecurity What CISOs Need to Know Now

May 1, 2025 1:50 PM

Tags: ciso, computer, computing, cyber, cybersecurity, data, encryption

As quantum computing transitions from theoretical research to practical application, Chief Information Security Officers (CISOs) face an unprecedented challenge to cryptographic security. The emergence of cryptanalytically relevant quantum computers (CRQCs) threatens to break widely-used public-key encryption algorithms that safeguard sensitive data and communications. This looming crisis, often referred to as >>Y2Q>Q-Day,
The 14 most valuable cybersecurity certifications

May 1, 2025 10:50 AM

Tags: access, ai, application-security, attack, automation, best-practice, blockchain, blueteam, china, cisa, cisco, ciso, cloud, compliance, computer, computing, conference, control, country, credentials, cryptography, cyber, cybersecurity, data, defense, encryption, endpoint, exploit, finance, governance, government, guide, hacker, hacking, incident response, intelligence, Internet, jobs, kali, law, linux, malware, metric, microsoft, monitoring, network, penetration-testing, privacy, reverse-engineering, risk, risk-analysis, risk-management, skills, threat, training, vulnerability, windows

Industry recognition Who’s to say one certification is more respected than another? Such criteria can be very subjective, so we turned to the most direct and unbiased source to cut through the ambiguity: job listings. In addition to education, skills, and qualifications, employers often specify certs they seek in their ideal candidate. These mentions carry…
ePA 3.0: Neue Sicherheitslücke entdeckt und geschlossen

May 1, 2025 9:50 AM

Tags: bug, computer

Zum 29. April 2025 ist die elektronische Patientenakte ja flächendeckend für gesetzlich Krankenversicherte gestartet. Sicher und funktional, wie der Gesundheitsminister versicherte. Am 30. April 2025 musste die gematik vermelden, dass man eine durch den Chaos Computer Club (CCC) gemeldete neue … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/05/01/epa-3-0-neue-sicherheitsluecke-entdeckt-und-geschlossen/
Smashing Security podcast #415: Hacking hijinks at the hospital, and WASPI scams

May 1, 2025 1:50 AM

Tags: computer, hacking, healthcare, network, scam, spyware

He’s not a pop star, but Jeffrey Bowie is alleged to have toured staff areas of a hospital in Oklahoma, hunting for computers he could install spyware on. We dive into the bizarre case of the man accused of hacking medical networks and then sharing how he did it on LinkedIn. First seen on grahamcluley.com…
Brocade Fabric OS flaw could allow code injection attacks

Apr 29, 2025 3:51 PM

Tags: access, attack, cisa, computer, credentials, cve, exploit, flaw, injection, kev, software, update, vulnerability

Same KEV update included a Commvault flaw: CISA also added a high severity bugCVSS 8.7/10 affecting Commvault Web Server to its KEV Catalog, recommending patching under the same BOD directive.The flaw, tracked as CVE-2025-3928, is an unspecified vulnerability that can be exploited by a remote, authenticated attacker to execute webshells. All versions before 11.36.46, 11.32.89,…
2025 The International Year of Quantum Science and Technology

Apr 29, 2025 2:52 PM

Tags: access, attack, cloud, compliance, computer, conference, crypto, cryptography, cybersecurity, data, encryption, finance, government, group, Hardware, infrastructure, international, lessons-learned, network, nist, regulation, risk, risk-assessment, software, strategy, technology, tool

2025 The International Year of Quantum Science and Technology divya Tue, 04/29/2025 – 07:48 It is no surprise that the United Nations declared 2025 as the International Year of Quantum Science and Technology (IYQ). Not only does it mark the 100-year point since quantum physics were discovered, but for those who have been following, the…
Broadcom-backed SAN devices face code injection attacks via a critical Fabric OS bug

Apr 29, 2025 2:52 PM

Tags: access, attack, cisa, computer, credentials, cve, exploit, flaw, injection, kev, software, update, vulnerability

Same KEV update included a Commvault flaw: CISA also added a high severity bugCVSS 8.7/10 affecting Commvault Web Server to its KEV Catalog, recommending patching under the same BOD directive.The flaw, tracked as CVE-2025-3928, is an unspecified vulnerability that can be exploited by a remote, authenticated attacker to execute webshells. All versions before 11.36.46, 11.32.89,…