Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts https://firewall.firm.in/wp-content/uploads/2024/11/streaming.png Nov 19, 2024Ravie LakshmananCloud Security / Piracy Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed ...

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices https://firewall.firm.in/wp-content/uploads/2024/11/botnet.png The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. “At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly ...

Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority https://firewall.firm.in/wp-content/uploads/2024/11/silverfort.png Nov 19, 2024The Hacker NewsInsider Threat / Credential Security Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing privileged access—rather than securing the accounts and users entrusted with it. This emphasis is perhaps due to the persistent challenges of ...

New ‘Helldown’ Ransomware Variant Expands Attacks to VMware and Linux Systems https://firewall.firm.in/wp-content/uploads/2024/11/locker.png Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus. “Helldown deploys Windows ransomware derived from the LockBit 3.0 code,” Sekoia said in a report shared with The Hacker News. “Given ...

Facebook users affected by data breach eligible for compensation, German court says – ET CISO https://etimg.etb2bimg.com/thumb/msid-115438376,imgsize-3037,width-1200,height=765,overlay-etciso/data-breaches/facebook-users-affected-by-data-breach-eligible-for-compensation-german-court-says.jpg BERLIN, – A German court said on Monday that Facebook users whose data was illegally obtained in 2018 and 2019 were eligible for compensation. The Federal Court of Justice (BGH) ruled that the loss of control over one’s data online was grounds for damages ...

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers https://firewall.firm.in/wp-content/uploads/2024/11/malware.png Nov 18, 2024Ravie LakshmananThreat Intelligence / Ransomware Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed ...

The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think https://firewall.firm.in/wp-content/uploads/2024/11/git.png According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year’s report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded ...

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 – Nov 17) https://firewall.firm.in/wp-content/uploads/2024/11/recap.png Nov 18, 2024Ravie LakshmananCybersecurity / Infosec What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization ...

Turkey fines Amazon’s Twitch 2 million lira for data breach – ET CISO https://etimg.etb2bimg.com/thumb/msid-115405112,imgsize-39952,width-1200,height=765,overlay-etciso/data-breaches/turkey-fines-amazons-twitch-2-million-lira-for-data-breach.jpg Turkey’s Personal Data Protection Board (KVKK) has fined Amazon.com’s gaming platform Twitch 2 million lira ($58,000) over a data breach, the official Anadolu Agency reported on Saturday. KVKK launched an investigation after a 125 GB data leak. It found that Twitch had failed to take adequate ...

NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta’s Lawsuit https://firewall.firm.in/wp-content/uploads/2024/11/whatsapp-exploit.png Nov 18, 2024Ravie LakshmananMobile Security / Spyware Legal documents released as part of an ongoing legal tussle between Meta’s WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app to deliver Pegasus, including one even after it was sued ...