Security Leftovers
-
GitHub fixes race condition that could have led to ‘repojacking’
A subtle flaw in how GitHub handled repository creation and user renaming could have had serious consequences for the open source community, but has now been fixed. Learn more about how it worked
-
Browser companies patch critical zero-day vulnerability
While attack details remain unknown, Chrome, Edge and Firefox users are being urged to update their browsers as an exploit for CVE-2023-4863 lurks in the wild.
-
Google, Microsoft and Mozilla push browser updates to foil zero-day
Google, Microsoft and Mozilla have all moved to patch a critical zero-day flaw affecting their browsers and potentially linked to the dissemination of malicious commercial spyware.
-
Zero-day affecting Chrome, Firefox and Thunderbird patched
Mozilla on Tuesday patched an actively exploited zero-day bug affecting the Firefox browser and Thunderbird email client.
-
Harden Ubuntu Server to Secure Your Container and Other Deployments
Ubuntu Server is one of the more popular operating systems used for container deployments.
-
When data becomes dangerous, and what to do about it
Casmer spoke with theCUBE industry analyst Lisa Martin at the “Cybersecurity” AWS Startup Showcase event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They dove deep into how data becomes dangerous and discussed how to ensure data is safe to use. (* Disclosure below.)
-
Windows TCO
-
Las Vegas strip club offers free lap dances to customers affected by MGM Resorts cyberattack
One strip club in Las Vegas is offering free lap dances to customers who are impacted by a cyberattack at MGM Resorts.
Larry Flynt’s Hustler Club in Las Vegas says it’s offering free luggage storage and airport pickup for people who experience delays in check-in, as well as a complimentary $1,200 platinum VIP membership and lap dances, according to TMZ.
-
Extradited Russian Hacker Behind ‘NLBrute’ Malware Pleads Guilty
According to the Justice Department, Pankov made at least $350,000 from cybercrime activities between 2016 and 2019. He is believed to have developed and sold NLBrute, a tool that has been widely used by cybercriminals to obtain credentials.
Pankov was charged with using NLBrute to obtain the login credentials of tens of thousands of computers located all over the world.
-
MGM [Crackers] Broadening Targets, Monetization Strategies
In addition to smishing and social engineering, the group was also observed using a credential harvesting tool, thoroughly searching through a victim’s internal systems to identify valid login information, using publicly available tools to harvest credentials from internal GitHub repositories, and the open source tool MicroBurst to identify Azure credentials and secrets.
-