Tag: security professionals
-
The Register: Microsoft admits GitHub used to store malware that infected almost a million devices
Source URL: https://www.theregister.com/2025/03/10/infosec_in_brief/ Source: The Register Title: Microsoft admits GitHub used to store malware that infected almost a million devices Feedly Summary: Also, phone cleaner apps are a data-sucking scam, Singapore considering the literal rod for scammers, and more Infosec in Brief Microsoft has spotted a malvertising campaign that downloaded nastyware hosted on GitHub and…
-
Hacker News: The ESP32 "backdoor" that wasn’t
Source URL: https://darkmentor.com/blog/esp32_non-backdoor/ Source: Hacker News Title: The ESP32 "backdoor" that wasn’t Feedly Summary: Comments AI Summary and Description: Yes Summary: The text addresses the misconception that the ESP32 Bluetooth chips contain a backdoor, clarifying that the vendor-specific HCI commands discovered are common in Bluetooth technology and do not inherently indicate malicious intent. It discusses…
-
Krebs on Security: Feds Link $150M Cyberheist to 2022 LastPass Hacks
Source URL: https://krebsonsecurity.com/2025/03/feds-link-150m-cyberheist-to-2022-lastpass-hacks/ Source: Krebs on Security Title: Feds Link $150M Cyberheist to 2022 LastPass Hacks Feedly Summary: In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In…
-
The Register: Developer sabotaged ex-employer with kill switch that activated when he was let go
Source URL: https://www.theregister.com/2025/03/08/developer_server_kill_switch/ Source: The Register Title: Developer sabotaged ex-employer with kill switch that activated when he was let go Feedly Summary: IsDavisLuEnabledInActiveDirectory? Not any more. IsDavisLuGuilty? Yes. IsDavisLuFacingJail? Also yes A federal jury in Cleveland has found a senior software developer guilty of sabotaging his employer’s systems – and he’s now facing a potential…
-
Google Online Security Blog: Vulnerability Reward Program: 2024 in Review
Source URL: http://security.googleblog.com/2025/03/vulnerability-reward-program-2024-in.html Source: Google Online Security Blog Title: Vulnerability Reward Program: 2024 in Review Feedly Summary: AI Summary and Description: Yes Summary: The text discusses Google’s Vulnerability Reward Program (VRP) for 2024, highlighting its financial support for security researchers and improvements to the program. Notable enhancements include revamped reward structures for mobile, Chrome, and…
-
The Register: Like whitebox servers, rent-a-crew crime ‘affiliates’ have commoditized ransomware
Source URL: https://www.theregister.com/2025/03/07/commoditization_ransomware/ Source: The Register Title: Like whitebox servers, rent-a-crew crime ‘affiliates’ have commoditized ransomware Feedly Summary: Which is why taking down chiefs and infra behind big name brand operations isn’t working Interview There’s a handful of cybercriminal gangs that Jason Baker, a ransomware negotiator with GuidePoint Security, regularly gets called in to respond…