182 matches found
Elon Musk’s Twitter Files Are a Feast for Conspiracy Theorists
From QAnon influencers to @catturd, the very online right sees exactly what they want to see in the CEO’s orchestrated disclosure...
ceotrithuc.com Cross Site Scripting vulnerability OBB-2965727
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
When Efforts to Contain a Data Breach Backfire
Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexicos second-largest bank was fake news and harming the banks...
To settle with the DoJ, Uber must confess to a cover-up. And it did.
Uber covered up the 2016 data breach that affected its 57 million customers and drivers. The confession came as part of the settlement between the DOJ US Department of Justice and the taxi company, which will see it avoid criminal prosecution. In a press release from the DOJ, Uber "admits that it...
Uniswap V3 LPs Lose Millions in Fake Token Phishing Attack
By Deeba Ahmed Binance CEO Changpeng Zhao CZ said in a Tweet that their intel unit identified an exploit on Uniswap… This is a post from HackRead.com Read the original post: Uniswap V3 LPs Lose Millions in Fake Token Phishing Attack...
10 Years Journey into API Security Vulnerabilities with Ivan, the CEO of Wallarm
Ivan Novikov, CEO at Wallarm, is an API security expert, bug hunter, security researcher, and blackhat speaker with 24 years of experience in the cybersecurity field. He spent decades in this industry and witnessed exploits as well as growth. Read ahead to understand Ivan’s API Security journey a...
Trend Micro CEO Discusses Need for a Unified Cybersecurity Platform
In the face of evolving cyberattacks, an ever-expanding digital attack surface, and a global skills shortage, organizations need a more unified approach to managing cyber risk. Trend Micro co-founder & CEO Eva Chen discusses our vision and strategy for delivering a unified cybersecurity platform...
Why Paper Receipts are Money at the Drive-Thru
Check out this handmade sign posted to the front door of a shuttered Jimmy Johns sandwich chain shop in Missouri last week. See if you can tell from the store owners message what happened. If you guessed that someone in the Jimmy Johns store might have fallen victim to a Business Email Compromise...
Just-Released Dark Souls Game, Elden Ring, Includes Killer Bug
The latest installment of the Dark Souls gaming franchise, Elden Ring, contains a security vulnerability that allows bad actors to throw players on PCs into an endless loop of losing their characters’ lives, rendering it essentially unplayable. Malwarebytes Labs researcher Christopher Boyd said...
Ex-Crypto CEO accused of 2016’s $11 billion Ethereum DAO hack
By Waqas According to journalist Laura Shin and Blockchain data security firm Chainalysis, in 2016, a programmer, Toby Hoenisch, allegedly… This is a post from HackRead.com Read the original post: Ex-Crypto CEO accused of 2016s $11 billion Ethereum DAO hack...
Phishing scam: NFTs Worth $1.7M Stolen from OpenSea Users
By Deeba Ahmed OpenSeas CEO Devin Finzer has denied the claims that a vulnerability in their smart contract was exploited to… This is a post from HackRead.com Read the original post: Phishing scam: NFTs Worth $1.7M Stolen from OpenSea Users...
Evaluating MDR Vendors: A Pocket Buyer's Guide
Cyberthreats are now the No. 1 source of stress among CEOs, with 71% of respondents to PwC's 2021 CEO Study reporting they are "extremely concerned" about the issue. At the same time, the cybersecurity skills gap continues to grow, with 95% of security pros saying the shortage of talent in their...
Signal CEO Resigns, WhatsApp Co-Founder Takes Over as Interim CEO
Moxie Marlinspike, the founder of the popular encrypted instant messaging service Signal, has announced that he is stepping down as the chief executive of the non-profit in a move that has been underway over the last few months. "In other words, after a decade or more, it's difficult to overstate...
Spear phish, whale phish, regular phish: What’s the difference?
There are many types of phishing attack nowadays, to the extent it can be tricky to keep up with them all. We have unique names for mobile attacks, postal attacks, threats sent via SMS and many more besides. However, we often see folks mix up their spears and their whales, and even occasionally...
GoDaddy Data Breach Exposes Over 1 Million WordPress Customers' Data
Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the third security incident to come to light since 2018. In a filing with the U.S. Securities and Exchange...
Help Might Finally Be on the Way to Fight SIM-Swap Attacks
Plus: A cybersecurity CEO arrest, an Apple Pay hack, and more of the week's top security news...
FTC bans SpyFone and its CEO from continuing to sell stalkerware
Nearly two years after the US Federal Trade Commission first took aim against mobile apps that can non-consensually track people’s locations and pry into their emails, photos, and videos, the government agency placed restrictions Wednesday on the developers of SpyFone—which the FTC called a...
Hackers Steal Over $600 Million Worth of Cryptocurrencies from Poly Network
Hackers have siphoned $611 million worth of cryptocurrencies from a blockchain-based financial network in what's believed to be one of the largest heists targeting the digital asset industry, putting it ahead of breaches targeting exchanges Coincheck and Mt. Gox in recent years. Poly Network, a...
NamedPipePTH - Pass The Hash To A Named Pipe For Token Impersonation
This project is a PoC code to use Pass-the-Hash for authentication on a local Named Pipe user Impersonation. There also is a blog post for explanation: https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/ It is heavily based on the code from the projects Invoke-SMBExec.ps1 and RoguePotato. I faced...
Signal CEO hacks Cellebrite cellphone hacking, cracking tool
By Waqas Signal CEO states that since Cellebrite itself makes a living from undisclosed vulnerabilities, he decided to disclose the vulnerability to the public. This is a post from HackRead.com Read the original post: Signal CEO hacks Cellebrite cellphone hacking, cracking tool...