Cybersecurity

5955 readers

326 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

[email protected]

876

18

Endless Microsoft one-time-use code emails. (forum.uncomfortable.business)

submitted 5 months ago by [email protected] to c/cybersecurity

11 comments fedilink

I have a question for the hive mind: what is the point of this, exactly?

I mean, I understand the attempt to gain access, and I understand why 2fa codes can be valuable to attempt to phish but that's like, not the thing here.

They just spam dozens to hundreds of these (I'm showing over 400 in my inbox right now) but like, even if I WANTED to give these codes to the attacker, I have no damn clue who the dude in China that's doing this is.

I'm confused as to what they hope to gain by trying over and over and over every couple of hours because it feels like there's no upside to whomever is running this bot, but I probably have missed a memo on some TTP around this, heh.

877

95

Google Ads used to distribute Mac malware disguised as 'Loom' app (appleinsider.com)

submitted 5 months ago by [email protected] to c/cybersecurity

5 comments fedilink

878

18

Microsoft Patched a Critical Edge Flaw that Led to Arbitrary Code Execution (gbhackers.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

879

25

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication (thehackernews.com)

submitted 5 months ago by kid to c/cybersecurity

1 comments fedilink

880

15

Bitdefender Vulnerability Let Attackers Trigger SSRF Attacks (cybersecuritynews.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

881

10

Hackers abuse free TryCloudflare to deliver remote access malware (www.bleepingcomputer.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

882

20

Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware (thehackernews.com)

submitted 5 months ago by kid to c/cybersecurity

1 comments fedilink

883

32

New "Sitting Ducks" DNS Attack Lets Hackers Easy Domain Takeover, Data Breaches (hackread.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

884

13

Vulnerabilities Enable Attackers to Spoof Emails From 20 Million Domains (www.securityweek.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

885

11

Cuckoo Spear – the latest Nation-state Threat Actor targeting Japanese companies (www.cybereason.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

886

9

Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps (www.zimperium.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

887

10

BingoMod Android RAT Wipes Devices After Stealing Money (www.securityweek.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

888

40

Meta paid a $1.4 Billion Settlement for the Unauthorized Capture of Personal Biometric Data (gbhackers.com)

submitted 5 months ago by kid to c/cybersecurity

2 comments fedilink

889

9

New Specula tool uses Outlook for remote code execution in Windows (www.bleepingcomputer.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

890

11

Black Basta ransomware switches to more evasive custom malware (www.bleepingcomputer.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

891

23

Researchers Uncover Largest Ever Ransomware Payment of $75m (www.infosecurity-magazine.com)

submitted 5 months ago by kid to c/cybersecurity

1 comments fedilink

892

17

Microsoft: DDoS defense error amplified attack on Azure, leading to outage (www.helpnetsecurity.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

893

12

Critical security vulnerabilities in Voice over WiFi (idw-online.de)

submitted 5 months ago by kid to c/cybersecurity

1 comments fedilink

894

37

New Mandrake Spyware Found in Google Play Store Apps After Two Years (thehackernews.com)

submitted 5 months ago by [email protected] to c/cybersecurity

0 comments fedilink

895

21

Google Chrome adds app-bound encryption to block infostealer malware (www.bleepingcomputer.com)

submitted 5 months ago by [email protected] to c/cybersecurity

0 comments fedilink

896

27

Ukraine Claims Cyber Attack Disrupted Russian ATMs and Banking System (hackread.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

897

16

1 million HotJar users vulnerable to XSS attacks (www.scmagazine.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

898

21

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access (thehackernews.com)

submitted 5 months ago by kid to c/cybersecurity

0 comments fedilink

899

21

4.3 Million Impacted by HealthEquity Data Breach (www.securityweek.com)

submitted 5 months ago by kid to c/cybersecurity

4 comments fedilink

900

54

'Zeus' Hacker Group Strikes Israeli Olympic Athletes in Data Leak (www.darkreading.com)

submitted 5 months ago by kid to c/cybersecurity

1 comments fedilink