-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Feb 23, 2023,
updated Feb 23, 2023
> Screenshots show how a hacker tricked an Activision worker into providing a two-factor authentication token.
> On December 4, hackers successfully phished an employee at the games giant Activision, gaining access to some internal employee and game data.
> This data breach was not disclosed until last weekend, when cybersecurity and malware research group vx-underground posted on Twitter screenshots of the stolen data, as well as the hackers’ messages on Activision’s internal Slack channel.
> But the public weren’t the only ones caught off guard by news of the breach. Activision has yet to notify its own employees of the data breach, and whether their data was stolen, according to two current Activision employees who spoke on condition of anonymity, as they were not allowed to talk to the press.
> Falco, an open-source runtime security tool recently announced their latest release version 0.34.0. Highlights of the latest release include support for older RHEL distros, the ability to download and update Falco rules at runtime, and the experimental release of a modern eBPF probe.
> VMware issues a critical fix for a vulnerability that allows hacker to gain full access to the underlying server operating system.
> The conventional tools we rely on to defend corporate networks are creating gaps in network visibility and in our capabilities to secure them.
> A prominent DNA testing firm has settled a pair of lawsuits with the attorney generals of Pennsylvania and Ohio after a 2021 episode that saw�cybercriminals steal data on 2.1 million people, including the social security numbers of 45,000 customers from both states.
> Cybersecurity researchers today detailed recently discovered information-stealing malware that is rapidly growing in popularity on dark web marketplaces.
> CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
> CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:
> There are a lot of scam messages in circulation at the moment as criminals try to access Finnish personal data. The Kanta Services will never contact users by email or text message to ask for their information. The only way to log in securely to the My Kanta Pages is to go to www.kanta.fi
> At present there is an unusual number of scam messages in circulation claiming to be from the Kanta Services and trying to access people’s personal data.
> Data centre operator ST Telemedia Global Data Centres (STT GDC) has noticed no data loss or impact to its customer service portals following a hacking incident in 2021, it said on Tuesday (Feb 21).
> Through unspecified means, the hackers made away with login credentials - email addresses and passwords - for customer-support websites for STT GDC and Chinese data centre operator GDS, reported Bloomberg, citing a report by cybersecurity research firm Resecurity.
> Login credentials for more than 1,000 people at STT GDC were stolen, while GDS had information for more than 3,000 people, including its own employees and those of its customers, stolen, according to Bloomberg.
> Nineteen months after the confidential tax filings of American citizens were leaked, the House Committee on Ways and Means is seeking answers.
> In a letter to the Inspector General for Tax Administration, committee chairman Jason Smith (R-MO) relays his “expectations” regarding the “egregious and unprecedented” leak of this tax information, a duty which he affirms the IRS is tasked with keeping “confidential and secure.”
> “U.S. Department of the Treasury Secretary Yellen stated at the time that this was a ‘very serious situation’ and that the issue was referred to the Treasury Inspector General for Tax Administration (TIGTA). She also indicated that she would keep Congress updated on the matter. Yet, nineteen months after the outrageous leak, Congress and, more importantly, the American people have no idea how this betrayal of taxpayer confidentiality happened or whether anyone has been held accountable,” Smith writes.
-- Response ended
-- Page fetched on Fri Jun 14 07:11:09 2024