Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS.....»»
Lemur"s lament: When one vulnerable species stalks another
What can be done when one threatened animal kills another? Scientists studying critically endangered lemurs in Madagascar confronted this difficult reality when they witnessed attacks on lemurs by another vulnerable species, a carnivore called a fosa.....»»
Reintroduced wolves kill four yearling cattle in latest of string of livestock attacks in Colorado
Wolves killed several yearling cattle in north-central Colorado this week, bringing the total number of wolf kills of livestock this month to six......»»
LastPass users targeted in phishing attacks good enough to trick even the savvy
Campaign used email, SMS, and voice calls to trick targets into divulging master passwords. Enlarge (credit: Getty Images) Password-manager LastPass users were recently targeted by a convincing phishing campaign that use.....»»
Billions of public Discord messages may be sold through a scraping service
Cross-server tracking suggests a new understanding of "public" chat servers. Enlarge (credit: Getty Images) It's easy to get the impression that Discord chat messages are ephemeral, especially across different public ser.....»»
Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation
While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices’ telemetry, it has now been confirmed that this mitigation is ineffectual. “Device tele.....»»
Attackers are pummeling networks around the world with millions of login attempts
Attacks coming from nearly 4,000 IP addresses take aim at VPNs, SSH and web apps. Enlarge (credit: Matejmo | Getty Images) Cisco’s Talos security team is warning of a large-scale credential compromise campaign that’s.....»»
Cisco Duo provider breached, SMS MFA logs compromised
Hackers have managed to compromise a telephony provider for Duo, the Cisco-owned company providing secure access solutions, and steal MFA (multi-factor authentication) SMS message logs of Duo customers. About the attack The unnamed provider – o.....»»
Cisco Duo says a third-party data breach stole MFA SMS logs
Hackers stole Cisco Duo customers' phone numbers, and the company is warning of possible incoming smishing attacks......»»
New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious.....»»
Australian court is the latest to attack Apple on behalf of rich corporations
Apple Fellow Phil Schiller has been testifying in an Australian Federal Court about the origins of the App Store in 2008, and it's just the latest example of pointless attacks on the company.Phil Schiller (left) and Steve Jobs with the first online A.....»»
Framework’s software and firmware have been a mess, but it’s working on them
New features, security updates, and Linux support are all on a long to-do list. Enlarge / The Framework Laptop 13. (credit: Andrew Cunningham) Since Framework showed off its first prototypes in February 2021, we've gener.....»»
Geopolitical tensions escalate OT cyber attacks
In this Help Net Security interview, Andrew Ginter, VP of Industrial Security at Waterfall Security, discusses operational technology (OT) cyber attacks and their 2024 Threat Report. He examines how global geopolitical tensions and evolving ransomwar.....»»
Space Force Is Planning a Military Exercise in Orbit
Two satellites will engage in a “realistic threat response scenario” when Victus Haze gets underway......»»
CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks
Earlier today, Palo Alto Networks revealed that a critical command injection vulnerability (CVE-2024-3400) in the company’s firewalls has been exploited in limited attacks and has urged customers with vulnerable devices to quickly implement mit.....»»
Nintendo targets Switch-emulation chat servers, decryption tools with DMCA
Legal fallout continues following Yuzu lawsuit. Enlarge / Is a name like "Suyu" ironic enough to avoid facing a lawsuit? (credit: Suyu) Nintendo continues to use DMCA requests to halt projects it says aid in the piracy o.....»»
Roku closes the barn door, badly, after a half-million accounts are compromised
Roku has finally turned on two-factor authentication -- after it learned that more than 500,000 accounts were hit by a credential-stuffing attack......»»
BMC flaw left unchecked for 6 years hits Intel and Lenovo servers
BMC flaw left unchecked for 6 years hits Intel and Lenovo servers.....»»
Unix system administration: Vocabulary for English speakers
In the vast, interconnected world of information technology, Unix stands as a monumental pillar, powering servers, workstations, and critical systems across the globe. Its reputation for stability, efficiency, and flexibility makes Unix system admini.....»»
The Ultimate Guide to Popular Linux Games in 2024 – Boosters.gg Insights
With the gaming world constantly evolving, Linux has emerged as a formidable platform for gamers seeking diversity and freedom in their gaming experience. This guide, brought to you with insights from Boosters.gg, dives deep into the thriving ecosyst.....»»
UI/UX Design Services: What These Are and Who Needs Them on Linux Platforms
Ever wondered why some apps, especially those developed on Linux, feel just right, while others don’t? It’s all about UI/UX design — when executed well, it makes navigating a website or app seamless. Whether you’re a startup or managing a lar.....»»