Cybersecurity

7584 readers
54 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago
MODERATORS
kid@sh.itjust.works
Lanky_Pomegranate530@midwest.social
listing: all - local
1
10
Godfather Android malware now uses virtualization to hijack banking apps (www.bleepingcomputer.com)
submitted 17 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
2
10
Krispy Kreme says November data breach impacts over 160,000 people (www.bleepingcomputer.com)
submitted 17 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
2 comments fedilink
3
10
UK Passes Data Use and Access Regulation Bill (www.bankinfosecurity.in)
submitted 17 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
1 comments fedilink
4
3
UBS Employee Data Reportedly Exposed in Third Party Attack - Infosecurity Magazine (www.infosecurity-magazine.com)
submitted 17 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
5
39
No, the 16 billion credentials leak is not a new data breach (www.bleepingcomputer.com)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
6
10
The Hidden Threat: How DanaBot Malware Facilitated Data Theft and Russian State-Sponsored Spying (www.rferl.org)
submitted 1 day ago by Pro@programming.dev to c/cybersecurity@sh.itjust.works
0 comments fedilink
7
1
Banana Squad’s Stealthy GitHub Malware Campaign Targets Devs - Infosecurity Magazine (www.infosecurity-magazine.com)
submitted 17 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
8
91
Telegram Messenger's Ties to Russia's FSB Revealed in New Report - Newsweek (www.newsweek.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
12 comments fedilink
9
5
Same Sea, New Phish: Russian Government-Linked Social Engineering Targets App-Specific Passwords (citizenlab.ca)
submitted 1 day ago by Pro@programming.dev to c/cybersecurity@sh.itjust.works
0 comments fedilink
10
42
Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone number | Malwarebytes (www.malwarebytes.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
6 comments fedilink
11
22
New Linux udisks flaw lets attackers get root on major Linux distros (www.bleepingcomputer.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
12
20
WormGPT Makes a Comeback Using Jailbroken Grok and Mixtral Models (hackread.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
5 comments fedilink
13
12
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability (thehackernews.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
2 comments fedilink
14
11
BeyondTrust warns of pre-auth RCE in Remote Support software (www.bleepingcomputer.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
15
9
Critical Vulnerability Patched in Citrix NetScaler (www.securityweek.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
16
51
Two Factor Insecurity: How Google, Amazon, Meta and thousands of other companies leave customers vulnerable over one-time codes to save time and money (www.lighthousereports.com)
submitted 3 days ago by randomname@scribe.disroot.org to c/cybersecurity@sh.itjust.works
6 comments fedilink
 
 

cross-posted from: https://scribe.disroot.org/post/3159641

Archived version

Across the world, phone networks carry billions of passwords and login codes on a daily basis. Tech companies need to keep their subscribers logged in to their apps and accounts with maximum efficiency, wherever they might be. So these security codes need to get from Silicon Valley to everywhere, as quickly (and as cheaply) as possible. For most people they are a necessary annoyance, until they are breached with damaging consequences.

Companies, including banks and Big Tech, don’t send login codes to their customers directly. This would be costly and inefficient. Instead they rely on a sprawling and opaque network of contractors and subcontractors, each of which promises to shave off a part of the sending cost in return for market share. This is what the industry calls “lowest cost routing”. The catch is that any of these middleman companies can see everything transmitted. The codes that come saying “Do not share with anyone” might in fact already have been shared with more or less anyone.

...

Lighthouse obtained a cache of almost 100 million data packets from a phone industry source. The data gave a unique insight into telecom traffic passing through the network of a controversial Swiss outfit. Millions of these packets contained “A2P” (application-to-person) SMS messages. We analysed these to identify senders, recipients and type of message content.

We found millions of sensitive security codes and logins getting sent via Fink Telecom Services. The logins related to services from some of the world’s largest tech companies – including Google, Meta and Amazon; banks and crypto exchanges; dating sites and online marketplaces; and messaging apps including WhatsApp, Viber and Signal. Overall we identified over 1000 companies sending logins to their customers via the network run by maverick telecom entrepreneur Andreas Fink. The text messages we were looking at often told us the account names as well as the login codes and phone numbers.

...

17
7
RapperBot Botnet Surges with 50,000+ Attacks Targeting Network Edge Devices (gbhackers.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
18
26
U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog (securityaffairs.com)
submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
19
5
Taiwan Targeted In Sophisticated Malware Campaign Disguised As Tax Emails (informationsecuritybuzz.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
20
14
Hacker steals 1 million Cock.li user records in webmail data breach (www.bleepingcomputer.com)
submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
21
3
Water Curse Employs 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign (thehackernews.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
22
14
New Sophisticated Multi-Stage Malware Campaign Weaponizes VBS Files to Execute PowerShell Script (cybersecuritynews.com)
submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
23
3
Python Protobuf Flaw Allows DoS Via Nested Messages (securityonline.info)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
24
13
Apache Tomcat Flaws Allow Auth Bypass and DoS Attacks (gbhackers.com)
submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
25
4
A look at ‘Tinker,’ Black Basta’s phishing fixer, negotiator (intel471.com)
submitted 2 days ago by Pro@programming.dev to c/cybersecurity@sh.itjust.works
0 comments fedilink
view more: next ›