lemmydev2

News of the fictitious bounty fooled news outlets into reporting that $50K would be paid for information on two Qilin administrators. The post Europol bounty for Russian crypto ransomware gang wasn’t real appeared first on Protos.

Chris Prentice / Reuters: The DOJ says it will no longer target developers who create decentralized crypto platforms without criminal intent, as part of a regulatory retreat on crypto  —  The U.S. Justice Department does not plan to target software developers that create decentralized platforms for transmitting …

“Kia Boys will be Flipper Boys by 2026,” one person in the reverse engineering community said.

iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed Aussie telco giant TPG Telecom has opened an investigation after confirming a cyberattack at subsidiary iiNet.…

Comments

A significant security vulnerability has been discovered in Microsoft’s Copilot for M365 that allowed users, including potential malicious insiders, to access and interact with sensitive files without leaving any record in the official audit logs. After patching the flaw, Microsoft has reportedly decided against issuing a formal CVE or notifying its customers, leaving organizations unaware […] The post Copilot Vulnerability Breaks Audit Logs and Access Files Secretly for Hackers appeared first on Cyber Security News.

Orange SA’s Belgian business said that hackers gained access to data from 850,000 customer accounts, in the third major cyberattack targeting the French telecommunications firm this year.

Six major password managers with tens of millions of users are currently vulnerable to unpatched clickjacking flaws that could allow attackers to steal account credentials, 2FA codes, and credit card details. [...]

A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet called RapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice (DoJ) said. The botnet has been used to carry out large-scale DDoS-for-hire attacks targeting

An attacker is breaking into Linux systems via a widely abused 2-year-old vulnerability in Apache ActiveMQ, installing malware and then patching the flaw.

Three families of Android VPN apps, with a combined 700 million-plus Google Play downloads, are secretly linked, according to a group of researchers from Arizona State University and Citizen Lab. Finding the secret links Virtual private networks (VPNs) are widely marketed as tools for enhancing privacy, securing internet traffic, and shielding users from surveillance. Unfortunately, the consumer VPN ecosystem is decidedly opaque, making it difficult (and sometime impossible) for users to make an evidence-based decision … More → The post Android VPN apps used by millions are covertly connected AND insecure appeared first on Help Net Security.

The call comes as governments go to war with the anonymous web.