- Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services
Google says it recently fixed an authentication weakness that allowed crooks to circumvent email verification needed to create a Google Workspace account, and leverage that to impersonate a domain holder to third-party services that allow logins through Google's "Sign in with Google" feature.
- Phish-Friendly Domain Registry “.top” Put on Notice
The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, second only to domains ending in “.com.”
- Global Microsoft Meltdown Tied to Bad Crowdstrike Update
A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike's solution needs to be applied manually on a per-machine basis.
- Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven't set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn't yet been registered, merely by supplying an email address tied to an existing domain.
- Crooks Steal Phone, SMS Records for Nearly All AT&T Customers
AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people -- nearly all of its customers. AT&T said it delayed disclosing the incident in response to "national security and public safety concerns," noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).
- The Stark Truth Behind the Resurgence of Russia’s Fin7
The Russia-based cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 -- setting up thousands of websites mimicking a range of media and technology companies -- with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.
- Microsoft Patch Tuesday, July 2024 Edition
Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.
- Feed has no items.
- Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks
Threat actors have started exploiting critical-severity vulnerabilities in ServiceNow shortly after public disclosure. The post Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks appeared first on SecurityWeek.
- In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison
Noteworthy stories that might have slipped under the radar: FBI article on agency’s Cyber Action Team, data of Pentagon IT provider Leidos leaked, Nigerian cybercriminal sentenced to 12 years in prison. The post In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison appeared first on SecurityWeek.
- US Offers $10 Million Reward for Information on North Korean Hacker
The US is offering a reward of up to $10 million for information on Rim Jong Hyok, a member of the North Korean hacking group APT45. The post US Offers $10 Million Reward for Information on North Korean Hacker appeared first on SecurityWeek.
- PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models
A vulnerability dubbed PKfail can allow attackers to run malicious code during the boot process, which can be used to deliver UEFI bootkits. The post PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models appeared first on SecurityWeek.
- 97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses
CrowdStrike says 97% of Windows systems impacted by its bad update are back online, just as an insurer predicts billions in losses for major companies. The post 97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses appeared first on SecurityWeek.
- North Korean Charged in Cyberattacks on US Hospitals, NASA and Military Bases
A man who allegedly carried out attacks for a North Korean military intelligence agency has been indicted in a conspiracy to hack healthcare firms, NASA, military bases and other entities. The post North Korean Charged in Cyberattacks on US Hospitals, NASA and Military Bases appeared first on SecurityWeek.
- Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads
Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion. The post Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads appeared first on SecurityWeek.