The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3rHunters leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour for…
Tag: Security Affairs
Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain
Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports…
New Golang-based Zergeca Botnet appeared in the threat landscape
Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. On May, 2024,…
Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus
Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that remote, unauthenticated attackers can exploit to perform remote code execution (RCE) and denial-of-service (DoS).…
Hackers compromised Ethereum mailing list and launched a crypto draining attack
Hackers compromised Ethereum ‘s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794…
OVHcloud mitigated a record-breaking DDoS attack in April 2024
OVHcloud successfully mitigated a record-breaking DDoS attack in April, which reached 840 million packets per second (Mpps). The cloud services provider OVHcloud announced it has mitigated a record-breaking distributed denial of service (DDoS) attack earlier this year. The attack reached…
Healthcare fintech firm HealthEquity disclosed a data breach
Healthcare firm HealthEquity disclosed a data breach caused by a partner’s compromised account that exposed protected health information. Healthcare fintech firm HealthEquity disclosed a data breach after a partner’s compromised account was used to access its systems. The intruders have…
Brazil data protection authority bans Meta from training AI models with data originating in the country
Brazil’s data protection authority temporarily banned Meta from using data originating in the country to train its artificial intelligence. Brazil’s data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has imposed a temporary ban on Meta from processing users’…
Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform
Technology company Splunk released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. Technology company Splunk addressed 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including four high-severity flaws. The vulnerability CVE-2024-36985 is a Remote Code Execution…
Hackers obtained user data from Twilio-owned 2FA authentication app Authy
Twilio states that threat actors have identified the phone numbers of users of its two-factor authentication app, Authy, TechCrunch reported. Last week, the notorious hacker ShinyHunters claimed to have stolen 33 million phone numbers from Twilio. This week the messaging…