The hottest Malware Substack posts right now

And their main takeaways
Risky Business News 0 implied HN points 17 Jan 24
  1. A cybercrime group infected 172,000 smart TVs and set-top boxes to carry out DDoS attacks.
  2. Bigpanzi botnet targeted Spanish and Portuguese-speaking users by spreading malware through social engineering.
  3. The security industry faces challenges like unpatched vulnerabilities in SonicWall firewalls and sophisticated malware targeting various platforms.
Risky Business News 0 implied HN points 12 Jan 24
  1. A Chinese state-sponsored hacking group exploited two zero-days in Ivanti Connect Secure VPN appliances.
  2. The FTC banned data broker Outlogic from selling precise location data of American citizens due to privacy violations.
  3. A member of the ShinyHunters hacking group was sentenced to three years in prison for hacking and selling data on underground forums.
Risky Business News 0 implied HN points 08 Jan 24
  1. Hackers associated with the Turkish government in the Sea Turtle group have resumed cyber-espionage operations targeting governments and IT service providers.
  2. Recent cyber incidents include Russian hackers targeting Ukraine, hacks in the telecom sector, and cyberattacks on US museums and crypto platforms.
  3. New malware discoveries, ransomware attacks, and cybercrime incidents underscore the importance of strong passwords, security updates, and vigilance against cyber threats.
Secure GenAI 0 implied HN points 02 Jun 24
  1. CISA alerted federal agencies to patch a Linux kernel flaw by June 20, 2024, to prevent local attackers from gaining privileges and executing code.
  2. A zero-day vulnerability in Check Point VPNs has allowed remote attackers to steal sensitive credentials since around April 30, and the flaw is described as 'extremely easy' to exploit.
  3. Snowflake account hacks led to breaches at Santander and Ticketmaster, with hackers using a compromised Snowflake employee's account to access data; customers are urged to enable multi-factor authentication for account security.
Secure GenAI 0 implied HN points 07 Apr 24
  1. AT&T experienced a massive data breach affecting 73 million customers' personal information, prompting concerns about data security measures in place.
  2. Google is implementing new security measures in Incognito mode to prevent unauthorized access using stolen session cookies, emphasizing the importance of safeguarding user data.
  3. The discovery of the first Linux malware injected by an open-source maintainer highlights the vulnerability of systems worldwide, underscoring the critical need for enhanced cybersecurity measures.
Thái | Hacker | Kỹ sư tin tặc 0 implied HN points 26 Mar 08
  1. Highly targeted and technically advanced attacks can be carried out by well-funded and motivated individuals or groups.
  2. In practice, these attacks may involve the use of forged email headers, exploits within documents, keyloggers, and DNS-bouncer systems.
  3. The attackers may craft their exploits to evade detection by antivirus products, making the attacks harder to detect and defend against.
Thái | Hacker | Kỹ sư tin tặc 0 implied HN points 02 Aug 07
  1. VNSECON07 aimed to bridge the gap in cybersecurity between Vietnam and the rest of the world by bringing experts to share their latest research and insights.
  2. VNSECON07 stood out from other security conferences by following a rigorous selection process for presentations and hosting a hacking competition called Capture the Flag.
  3. The conference featured hot topics such as next-gen .NET attacks, live malware attacks, using Google for finding malware, cheating in online games, building a GSM interceptor, and banking security challenges in fast-developing countries.
Thái | Hacker | Kỹ sư tin tặc 0 implied HN points 26 Jul 07
  1. A client's server faced a DDoS attack through PDF spam, causing FPT Telecom's firewall to freeze due to high traffic.
  2. Investigating the server's services and analyzing log files helped determine the source of the attack, in this case excessive traffic on SMTP and DNS ports.
  3. Disabling specific troublesome domains temporarily and monitoring traffic helped mitigate the DDoS attack effectively.
Altay's Blog 0 implied HN points 05 Feb 20
  1. Be careful with Chrome extensions that promise to block ads, as some can be malicious. They may appear harmless but can steal your personal information.
  2. Malicious extensions often wait a little while before doing anything suspicious to avoid detection. They might log you out or demand access to your data stealthily.
  3. If you find a suspicious extension, report it to the Chrome Web Store. It's essential to stay safe and protect your personal data online.