Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook
Facebook parent Meta will pay up to $300,000 to security researchers who report exploitable remote code execution (RCE) vulnerabilities in the Android and iOS versions of Facebook, Messenger, Instagram,...
Stolen Data on 80K+ Members of FBI-Run InfraGard Reportedly for Sale on Dark Web...
A hacker using the handle "USDoD" has reportedly stolen contact information on more than 80,000 members of an FBI-run program called InfraGard and put the information up for sale...
FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms
By:
Dec 15, 2022Ravie LakshmananCyber Attack / DDoS-for-Hire
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48 domains that offered services to conduct distributed denial-of-service (DDoS)...
Crypto users claim Gemini email leak occurred much earlier than first reported
"Not handled well." This was how one user described the revelations brought forth by Cointelegraph on Dec. 14 regarding the leak of 5.7 million Gemini customers’ email addresses and...
Meta takes down surveillance-for-hire firms, calls for government action against the industry
Written by Tonya Riley and Suzanne Smalley Dec...
NSA Slices Up 5G Mobile Security Risks
A working group pulled together by the US National Security Agency (NSA) has issued a report outlining the cybersecurity threats related to mobile broadband 5G network slicing. Network slicing...
Why PCI DSS 4.0 Should Be on Your Radar in 2023
By:
Dec 14, 2022The Hacker NewsData Security / Compliance
Protecting customer data is critical for any business accepting online payment information. The Payment Card Industry Data Security Standard (PCI DSS),...
Automated Cybercampaign Creates Masses of Bogus Software Building Blocks
An automated attack within the NuGet open source ecosystem for .NET developers has resulted in a flood of malicious packages containing links to phishing campaigns.
That's according to a joint...
CSAF Is the Future of Vulnerability Management
Today, nearly every party that issues security advisories uses its own format and structure. Plus, most security advisories are only human-readable, not machine-readable.System administrators have to read each advisory,...
Microsoft-Signed Malicious Drivers Usher In EDR-Killers, Ransomware
Malicious drivers certified by Microsoft's Windows Hardware Developer Program have been used to juice post-exploitation efforts by cybercriminals, Redmond warned this week — including being used as part of...
