GitHub makes 2FA mandatory next week for active developers
GitHub will start requiring active developers to enable two-factor authentication (2FA) on their accounts beginning next week, on March 13. Once expanded to the company’s…
Category: Bleeping Computer
Business email compromise attacks can take just hours
Microsoft’s Security Intelligence team recently investigated a business email compromise (BEC) attack and found that attackers move rapidly, with some steps taking mere minutes. The…
FBI warns of cryptocurrency theft via “play-to-earn” games
Cybercriminals are now using fake rewards in so-called “play-to-earn” mobile and online games to steal millions worth of cryptocurrency, according to an FBI warning on…
Police seize Netwire RAT malware infrastructure, arrest admin
An international law enforcement operation involving the FBI and police agencies worldwide led to the arrest of the suspected administrator of the NetWire remote access…
Akamai mitigates record-breaking 900Gbps DDoS attack in Asia
Akamai reports having mitigated the largest DDoS (distributed denial of service) attack ever launched against a customer based in the Asia-Pacific region. DDoS is an…
SonicWall devices infected by malware that survives firmware upgrades
A suspected Chinese hacking campaign has been targeting unpatched SonicWall Secure Mobile Access (SMA) appliances to install custom malware that establishes long-term persistence for cyber…
AT&T alerts 9 million customers of data breach after vendor hack
AT&T is notifying roughly 9 million customers that some of their information was exposed after a marketing vendor was hacked in January. “Customer Proprietary Network…
Protecting collocated servers from DDoS attacks using GRE tunnels
For any company that relies heavily on online sales and transactions, the increasing number of cyberattacks targeting e-commerce websites is a growing concern. E-commerce websites…
Pen Testers using Vulnerability Scanners – Closing the Gap
Vulnerability scanning is a common practice for businesses to verify and harden their security controls, and because of its popularity, you have at some point…
Ransomware gang posts video of data stolen from Minneapolis schools
The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack.…
Microsoft testing File Explorer access keys, new VPN status icon
Microsoft has released a new Windows 11 preview build with new features such as File Explorer access keys, a new VPN status indicator, and a…
Fortinet warns of new critical unauthenticated RCE vulnerability
Fortinet has disclosed a “Critical” vulnerability impacting FortiOS and FortiProxy, which allows an unauthenticated attacker to execute arbitrary code or perform denial of service (DoS)…