Cybersecurity

7511 readers
162 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago
MODERATORS
826
827
 
 

On December 31, cybercriminals launched a mass infection campaign, aiming to exploit reduced vigilance and increased torrent traffic during the holiday season. Our telemetry detected the attack, which lasted for a month and affected individuals and businesses by distributing the XMRig cryptominer. This previously unidentified actor is targeting users worldwide—including in Russia, Brazil, Germany, Belarus and Kazakhstan—by spreading trojanized versions of popular games via torrent sites.

In this report, we analyze how the attacker evades detection and launches a sophisticated execution chain, employing a wide range of defense evasion techniques.

828
 
 

title. I know Lemmy is global, so I'll see articles and links to sites that I have never heard of. I assume most content is good, but it's also the internet so there has to be assholes somewhere. any good ways to stay proactive about attacks?

829
830
831
832
833
834
835
836
837
 
 

838
 
 

Can anyone verify this report? This seems... Bad.

Between January 14 and February 8, servers belonging to Lawrence Livermore National Laboratory, Los Alamos National Laboratory, Thomas Jefferson National Accelerator Facility, and Fermi Accelerator National Laboratory have been found with Remote Desktop Protocol (RDP) services exposed to the public internet. This grants malicious actors the opportunity to hack into servers hosting sensitive nuclear research data, a golden egg for spy agencies across the globe.

My investigation also revealed government servers directly interfacing with AI products, creating yet another disturbing risk to national security that is extremely difficult to reverse or mitigate.

With the state of government security before this, I don't have a lot of hope these were secure, but at least they weren't exposed directly to the Internet for attack.....

839
840
841
842
843
844
845
846
847
848
849
8
submitted 3 months ago by kid to c/cybersecurity
850
view more: ‹ prev next ›