Tag: switch
-
Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses
Tags: access, ai, attack, automation, cisa, cisco, cloud, conference, control, credentials, cve, cyber, cybersecurity, data, data-breach, deep-fake, detection, docker, espionage, exploit, flaw, framework, fraud, google, government, group, guide, hacker, hacking, Hardware, identity, infrastructure, intelligence, Internet, iot, LLM, microsoft, mitigation, mitre, mobile, network, nist, risk, russia, scam, service, side-channel, software, strategy, switch, technology, threat, tool, update, vulnerability, vulnerability-management, windowsCheck out the FBI’s alert on Russia-backed hackers infiltrating critical infrastructure networks via an old Cisco bug. Plus, MITRE dropped a revamped list of the most important critical security flaws. Meanwhile, NIST rolled out a battle plan against face-morphing deepfakes. And get the latest on the CIS Benchmarks and on vulnerability prioritization strategies! Here are…
-
Developer gets prison time for sabotaging former employer’s network with a ‘kill switch’
The ex-developer was convicted of planting malicious code designed to crash its servers in the event that he was fired. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/22/developer-gets-prison-time-for-sabotaging-former-employers-network-with-a-kill-switch/
-
Urteil: Haftstrafe für Kill Switch im Netzwerk des Ex-Arbeitgebers
Tags: switchTausende Mitarbeiter eines Unternehmens wurden 2019 unerwartet aus ihren Nutzerkonten ausgesperrt. Der Saboteur muss nun ins Gefängnis. First seen on golem.de Jump to article: www.golem.de/news/urteil-haftstrafe-fuer-kill-switch-im-netzwerk-des-ex-arbeitgebers-2508-199434.html
-
Former developer jailed after deploying kill-switch malware at Ohio firm
Ex-developer jailed 4 years for sabotaging Ohio employer with kill-switch malware that locked employees out after his account was disabled. Ex-developer Davis Lu (55) was sentenced to 4 years for sabotaging Ohio employer with kill-switch malware that locked staff out after his account was disabled. The Chinese national was also sentenced to three years of…
-
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware
A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled.Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected computers…
-
Developer jailed for taking down employer’s network with kill switch malware
Pro tip: When taking revenge, don’t use your real name First seen on theregister.com Jump to article: www.theregister.com/2025/08/22/worlds_dumbest_it_admin_gets/
-
Dev gets 4 years for creating kill switch on ex-employer’s systems
A software developer has been sentenced to four years in prison for sabotaging his ex-employer’s Windows network with custom malware and a kill switch that locked out employees when his account was disabled. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dev-gets-4-years-for-creating-kill-switch-on-ex-employers-systems/
-
Nvidia Pushes Back on Chinese ‘Kill-Switch’ Claims
Chipmaker Argues Against Growing Interest in US to Require New Security Measures. Artificial intelligence chip-making powerhouse Nvidia is rejecting claims from China’s top cyber agency that its H20 chips include location tracking and kill-switch features – while warning U.S. lawmakers against requiring those capabilities in future chip designs. First seen on govinfosecurity.com Jump to article:…
-
Weaponized npm Packages Target WhatsApp Developers with Remote Kill Switch
Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting developers integrating with the WhatsApp Business API. Two malicious npm packages, naya-flore and nvlore-hsc, published by the npm user nayflore using the email idzzcch@gmail.com, disguise themselves as legitimate WhatsApp socket libraries. These packages exploit the growing ecosystem of third-party tools for WhatsApp automation,…
-
Microsoft SharePoint Hackers Switch Gears to Spread Ransomware
Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, impersonation, and extortion. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-sharepoint-vulnerabilities-exploitation/
-
Hackers Connected Raspberry Pi to ATM in Bank Heist Attempt
Runners Hired to Connect Device to Bank’s Network, Facilitating Remote Hacks. Researchers tied a cybercrime group tracked as UNC2891 to an attempted Asia-Pacific bank heist, in which remote attackers physically installed a 4G-enabled Raspberry Pi onto an ATM network switch, giving them remote access to the internal IT environment as part of an attempted cashout…
-
UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud
The financially motivated threat actor known as UNC2891 has been observed targeting Automatic Teller Machine (ATM) infrastructure using a 4G-equipped Raspberry Pi as part of a covert attack.The cyber-physical attack involved the adversary leveraging their physical access to install the Raspberry Pi device and have it connected directly to the same network switch as the…
-
Firewalls umgangen: Hacker infiltrieren Netzwerk einer Bank per Raspberry Pi
Der Raspberry Pi wurde einfach am Switch eines Geldautomaten angeschlossen. Dank 4G-Modem konnten sich die Angreifer danach im Netzwerk austoben. First seen on golem.de Jump to article: www.golem.de/news/firewalls-umgangen-hacker-infiltrieren-netzwerk-einer-bank-per-raspberry-pi-2507-198674.html
-
UNC2891 Hackers Breach ATMs Using Raspberry Pi Devices for Network Access
A Raspberry Pi device that was directly attached to an internal network switch was used by the financially motivated threat actor group UNC2891 to breach ATM networks in a sophisticated cyber campaign that targeted banking infrastructure. This embedded hardware, equipped with a 4G modem, facilitated remote access over mobile data, bypassing perimeter firewalls and establishing…
-
Microsoft SharePoint Hackers Switch Gears to Spread Ransomware
Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, impersonation, and extortion. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/microsoft/sharepoint-vulnerabilities-exploitation/
-
FBI seized multiple piracy sites distributing pirated video games
FBI seizes multiple piracy sites for Nintendo Switch and PlayStation 4 games, dismantling their infrastructure. The FBI, with the help of the Dutch FIOD, seized multiple piracy sites distributing pirated video games, including nsw2u.com, ps4pkg.com, and mgnetu.com, dismantling their infrastructure. These sites, active for over four years, offered early access to popular game titles and…
-
Piracy sites for Nintendo Switch, PS4 games taken down by FBI
Last week, the FBI’s Atlanta field office announced the seizure of nsw2u.com, nswdl.com, game-2u.com, bigngame.com, ps4pkg.com, ps4pkg.net and mgnetu.com, placing FBI banners on all of the sites. First seen on therecord.media Jump to article: therecord.media/piracy-sites-for-nintendo-switch-ps4-games-taken-down
-
Cloned Phones, Stolen Identities: The eSIM Hack No One Saw Coming
Embedded SIMs (eSIMs), officially known as Kigen eUICC, are transforming connectivity by allowing users to switch operators without physically swapping cards. These chips store digital profiles and support secure over-the-air provisioning, a boon for smartphones, IoT devices, and connected vehicles. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/breaking-euicc-security/
-
Mis-scoped AWS Organizations Policy Allowed Hackers to Seize Full Control of AWS Environment
Security professionals have uncovered serious vulnerabilities in AWS Organizations in a ground-breaking study by Cymulate Research Labs that might allow attackers to switch between accounts, increase privileges, and take control the entire organization.l takeover. The research focuses on how misconfigured delegation mechanisms intended as a best practice for distributing administrative tasks can be weaponized by…
-
How talent-strapped CISOs can tap former federal government cyber pros
Tags: cio, ciso, cyber, cybersecurity, government, jobs, risk, service, skills, software, switch, technology, threat, vulnerability, vulnerability-managementLuring federal talent to the private sector: In the past, the federal government represented a stable career path. Many highly skilled people spent their entire careers within the federal government. But the current shakeup makes some of that talent, trusted and honed by federal agencies, available to industry CISOs.Federal workers may look to state and…
-
How talent-strapped CISOs can tap former federal government cyber pros
Tags: cio, ciso, cyber, cybersecurity, government, jobs, risk, service, skills, software, switch, technology, threat, vulnerability, vulnerability-managementLuring federal talent to the private sector: In the past, the federal government represented a stable career path. Many highly skilled people spent their entire careers within the federal government. But the current shakeup makes some of that talent, trusted and honed by federal agencies, available to industry CISOs.Federal workers may look to state and…
-
Fedora 43 won’t drop 32-bit app support or adopt Xlibre
Tags: switchCommunity vetoes plans to axe i686 compatibility and switch X11 forks First seen on theregister.com Jump to article: www.theregister.com/2025/07/01/fedora_43_i686_32bit/
-
German BSI Head: Tech Sovereignty Needs Technical Solution
Claudia Plattner Says Complete Switch to European Technologies Is Unrealistic. European ambitions to replace foreign tech solutions with domestic alternatives are unrealistic in the short term, warned the head of the German cybersecurity head cybersecurity agency in a call for greater technological control over cloud platforms. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/german-bsi-head-tech-sovereignty-needs-technical-solution-a-28868
-
Hackers switch to targeting U.S. insurance companies
Threat intelligence researchers are warning of hackers breaching multiple U.S. companies in the insurance industry using all the tactics observed with Scattered Spider activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-warns-scattered-spider-hackers-now-target-us-insurance-companies/
-
Danish government agency to ditch Microsoft software in push for digital independence
Denmark’s digital affairs ministry says it plans to switch to the open source LibreOffice software and away from Microsoft products as part of an effort to make the government more digitally independent. First seen on therecord.media Jump to article: therecord.media/denmark-digital-agency-microsoft-digital-independence
-
Switch 2 Gamechat: Nintendo warnt Nutzer vor der Weitergabe der Kommunikation
Tags: switchNintendo kündigt an, dass Audio- und Videodateien vom Switch 2 GameChat gespeichert und bei Bedarf an die Behörden übermittelt werden können. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/gaming/switch-2-gamechat-nintendo-warnt-nutzer-vor-der-weitergabe-der-kommunikation-316095.html
-
Mit diesem neuen Playstation-Handheld will Sony der Switch 2 Konkurrenz machen laut Leak
First seen on t3n.de Jump to article: t3n.de/news/playstation-handheld-switch-2-konkurrenz-1689985/
-
New Russian APT group Void Blizzard targets NATO-based orgs after infiltrating Dutch police
Tags: access, api, apt, attack, authentication, blizzard, cloud, credentials, data, defense, detection, edr, email, fido, framework, group, hacker, identity, least-privilege, login, mfa, microsoft, open-source, passkey, password, phishing, qr, risk, russia, siem, spear-phishing, switch, threat, toolSwitch to spear phishing: In recent months the group seems to have pivoted from password spraying to targeted spear phishing attacks that direct users to fake Microsoft Entra login pages using adversary-in-the-middle (AitM) techniques. Such a campaign led to the compromise of 20 NGOs in April.In its campaign against NGOs, Void Blizzard sent emails masquerading…
-
Operation Endgame 2.0: DanaBusted
Tags: access, attack, backup, banking, breach, business, cloud, communications, control, crypto, cybercrime, data, defense, detection, email, espionage, firewall, fraud, government, group, Hardware, infection, intelligence, international, law, malicious, malware, middle-east, network, programming, ransomware, russia, service, supply-chain, switch, threat, tool, ukraine, update, windowsIntroductionOn May 22, 2025, international law enforcement agencies released information about additional actions that were taken in conjunction with Operation Endgame, an ongoing, coordinated effort to dismantle and prosecute cybercriminal organizations, including those behind DanaBot. This action mirrors the original Operation Endgame, launched in May 2024, which disrupted SmokeLoader, IcedID, SystemBC, Pikabot, and Bumblebee. Zscaler…
-
What Kind of Identity Should Your AI Agent Have?
7 min readAI agents don’t neatly fit into your IAM chart. They switch roles, borrow authority, and rewrite what identity means at runtime. Here’s what that means for you. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/what-kind-of-identity-should-your-ai-agent-have/