Authy phone numbers accessed by cybercriminals, warns Twilio

Twilio has warned users of the Authy multi-factor authentication MFA app about an incident in which cybercriminals may have obtained their phone numbers. Twilio said the cybercriminals abused an unsecured Application Programming Interface API endpoint to verify the phone numbers of millions of...

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The mo...

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today...

DEBIAN-CVE-2021-47554

In the Linux kernel, the following vulnerability has been resolved: vdpasim: avoid putting an uninitialized iovadomain The system will crash if we put an uninitialized iovadomain, this could happen when an error occurs before initializing the iovadomain in vdpasimcreate. BUG: kernel NULL pointer...

UBUNTU-CVE-2021-47554

In the Linux kernel, the following vulnerability has been resolved: vdpasim: avoid putting an uninitialized iovadomain The system will crash if we put an uninitialized iovadomain, this could happen when an error occurs before initializing the iovadomain in vdpasimcreate. BUG: kernel NULL pointer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of an uninitialized iovadomain in the vdpasim module...

CVE-2023-52706 gpio: sim: fix a memory leak

In the Linux kernel, the following vulnerability has been resolved: gpio: sim: fix a memory leak Fix an inverted logic bug in gpiosimremovehogs that leads to GPIO hog structures never being freed...

CVE-2023-52706 gpio: sim: fix a memory leak

In the Linux kernel, the following vulnerability has been resolved: gpio: sim: fix a memory leak Fix an inverted logic bug in gpiosimremovehogs that leads to GPIO hog structures never being freed...

CVE-2023-52706 gpio: sim: fix a memory leak

In the Linux kernel, the following vulnerability has been resolved: gpio: sim: fix a memory leak Fix an inverted logic bug in gpiosimremovehogs that leads to GPIO hog structures never being freed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a memory leak vulnerability in the GPIO:SIM module...

'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan

An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is no...

Store manager admits SIM swapping his customers

A 42-year-old manager at an unnamed telecommunications company has admitted SIM swapping customers at his store. SIM swapping, also known as SIM jacking, is the act of illegally taking over a target’s cell phone number and re-routing it to a phone under the attackers control. Once an attacker has...

PT-2024-38410

Name of the Vulnerable Software and Affected Versions oFono affected versions not specified Description This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...

PT-2024-38412

Name of the Vulnerable Software and Affected Versions oFono affected versions not specified Description This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...

PT-2024-38409

Name of the Vulnerable Software and Affected Versions oFono affected versions not specified Description This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...

Facebook Marketplace users’ stolen data offered for sale

Personal data belonging to Facebook Marketplace users has been published online, according to BleepingComputer. A cybercriminal was allegedly able to steal a partial database after hacking the systems of a Meta contractor. The leak consists of around 200,000 records that contain names, phone...

Data Breach Affects 66,000 in SIM-Swapping Attacks on US Insurance Giants

By Waqas The data breach targeted insurance giants Washington National Insurance Company and Bankers Life and Casualty Company. This is a post from HackRead.com Read the original post: Data Breach Affects 66,000 in SIM-Swapping Attacks on US Insurance Giants...

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX, which had just...

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacki...

SEC X account hacked to hawk crypto-scams

We have seen several high-profile accounts that were taken over on X formerly Twitter only to be used for cryptocurrency related promotional activities, like expressing the approval of exchange-traded funds ETFs. The latest victim in this line-up is the Securities and Exchange Commission SEC. The...