IBM WebSphere Application Server (WAS) security vulnerabilities

IBM WebSphere Application Server WAS is an application server product developed by IBM. It serves as a platform for JavaEE and web services applications, and it also forms the foundation of the IBM WebSphere software platform. Both versions of IBM WebSphere Application Server WAS, 9.0 and 8.5, ha...

IBM WebSphere Application Server Liberty 安全漏洞

IBM WebSphere Application Server Liberty is a Java application server developed by IBM, based on the Open Liberty project. Versions 17.0.0.3 to 26.0.0.4 of IBM WebSphere Application Server Liberty contain security vulnerabilities. These vulnerabilities arise from deploying applications without...

WordPress plugin My Tickets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Inside a network of 20,000+ fake shops

We mapped a sprawling fake shop operation of over 20,000 domains, dozens of shared IP addresses and identical storefronts with different names pasted on top. They exist for one purpose: to steal your payment details and personal data. The thread that ties them all together is a browser tab title...

WordPress plugin WooODT Lite 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

WordPress plugin All In One Login 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Italian hotels breached for tens of thousands of scanned IDs

The Computer Emergency Response Team CERT for Italy's "Agenzia per l’Italia Digitale" AGID issued a warning that cybercriminals are selling stolen identity documents from hotels operating in Italy. This summer, a criminal hacker group named “mydocs” infiltrated the booking systems of at least ten...

Apple ID scam leads to $27,000 in-person theft of Ohio man

You've probably heard about people scamming from halfway around the world, but sometimes they turn up at your door. That's what happened in May, when 67 year-old Robert Wise of Ohio received a text telling him that his Apple ID had been compromised. It had been used at an Apple store for a $213...

“This fraud destroyed my life.” Man ends up with criminal record after ID was stolen

This is a sad story that illustrates how losing your ID can effectively ruin your life and reputation. 19-year-old dual German Tunisian national Rami Battikh travelled to the UK in 2019, bringing both his passport and his German national ID. When he returned to Germany, Rami noticed that his Germ...

Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware

A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer aka AMOS, and Angel Drainer. "Specializing in...

Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes

A new malicious campaign has been observed making use of malicious Android apps to steal users' SMS messages since at least February 2022 as part of a large-scale campaign. The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords OTPs used for online...

E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials

A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice DoJ announced. Sandu Boris Diaconu was charged wit...

How to make a fake ID online, with Joseph Cox: Lock and Code S05E05

This week on the Lock and Code podcast… For decades, fake IDs had roughly three purposes: Buying booze before legally allowed, getting into age-restricted clubs, and, we can only assume, completing nation-state spycraft for embedded informants and double agents. In 2024, thats changed, as the use...

ID Theft Service Resold Access to USInfoSearch Data

One of the cybercrime undergrounds more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned. Since at least February 2023, a service advertised on Telegram...

Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme

The Australian Federal Police AFP on Monday disclosed it's working to gather "crucial evidence" and that it's collaborating with overseas law enforcement authorities following the hack of telecom provider Optus. "Operation Hurricane has been launched to identify the criminals behind the alleged...

Scammer Who Used Info of Riot Games’ Co-Founder to Mine Crypto is Jailed

By Deeba Ahmed The Singaporean identity fraud scammer also tricked Google and Amazon Web Services AWS into providing $5.4 million worth… This is a post from HackRead.com Read the original post: Scammer Who Used Info of Riot Games Co-Founder to Mine Crypto is Jailed...

Deepfake Attacks Are About to Surge, Experts Warn

Artificial intelligence and the rise of deepfake technology is something cybersecurity researchers have cautioned about for years and now it’s officially arrived. Cybercriminals are increasingly sharing, developing and deploying deepfake technologies to bypass biometric security protections, and ...

Indian National Gets 20-Year Jail in United States for Running Scam Call Centers

An Indian national on Monday was sentenced to 20 years in prison in the Southern District of Texas for operating and funding India-based call centers that defrauded US victims out of millions of dollars between 2013 and 2016. Hitesh Madhubhai Patel aka Hitesh Hinglaj, who hails from the city of...

Indian National Gets 20-Year Jail in United States for Running Scam Call Centers

An Indian national on Monday was sentenced to 20 years in prison in the Southern District of Texas for operating and funding India-based call centers that defrauded US victims out of millions of dollars between 2013 and 2016. Hitesh Madhubhai Patel aka Hitesh Hinglaj, who hails from the city of...

This Week in Security News: Linkury Adware Caught Distributing Full-Blown Malware and Cross-Platform Modular Glupteba Malware Uses ManageX

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how an adware family known primarily for distributing browser hijackers, Linkury, has been caught distributing malware. Also, re...