-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Sep 17, 2023
> A subtle flaw in how GitHub handled repository creation and user renaming could have had serious consequences for the open source community, but has now been fixed. Learn more about how it worked
> While attack details remain unknown, Chrome, Edge and Firefox users are being urged to update their browsers as an exploit for CVE-2023-4863 lurks in the wild.
> Google, Microsoft and Mozilla have all moved to patch a critical zero-day flaw affecting their browsers and potentially linked to the dissemination of malicious commercial spyware.
> Mozilla on Tuesday patched an actively exploited zero-day bug affecting the Firefox browser and Thunderbird email client.
> Ubuntu Server is one of the more popular operating systems used for container deployments.
> Casmer spoke with theCUBE industry analyst Lisa Martin at the “Cybersecurity” AWS Startup Showcase event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They dove deep into how data becomes dangerous and discussed how to ensure data is safe to use. (* Disclosure below.)
> One strip club in Las Vegas is offering free lap dances to customers who are impacted by a cyberattack at MGM Resorts.
> Larry Flynt’s Hustler Club in Las Vegas says it’s offering free luggage storage and airport pickup for people who experience delays in check-in, as well as a complimentary $1,200 platinum VIP membership and lap dances, according to TMZ.
> According to the Justice Department, Pankov made at least $350,000 from cybercrime activities between 2016 and 2019. He is believed to have developed and sold NLBrute, a tool that has been widely used by cybercriminals to obtain credentials.
> Pankov was charged with using NLBrute to obtain the login credentials of tens of thousands of computers located all over the world.
> In addition to smishing and social engineering, the group was also observed using a credential harvesting tool, thoroughly searching through a victim’s internal systems to identify valid login information, using publicly available tools to harvest credentials from internal GitHub repositories, and the open source tool MicroBurst to identify Azure credentials and secrets.
-- Response ended
-- Page fetched on Fri Jun 14 02:34:31 2024