Category: security
Billions of Discord chats have been harvested, set to be sold online
A publically-accessible website appears to be selling a colossal database of Discord chats to the highest bidder. The site is called Spy.pet, and claims to have obtained more than four billion public messages, made by roughly 620 million users, logged into more than 14,000 servers. On the surface, it would…
Read More
Security flaw in top SSH client could let hackers recover cryptographic private keys
Multiple versions of the PuTTY SSH client were found to be vulnerable to a high-severity flaw which allowed, in certain scenarios, threat actors to exfiltrate private keys used to generate cryptographic signatures. As a result, the attackers could gain unauthorized access to SSH servers, or could be allowed to sign…
Read More
DDoS attacks saw a huge surge in the first part of 2024, with one particular country badly hit
Distributed denial of service (DDoS) attacks saw a significant increase during the first quarter of 2024, with one European country being particularly badly hit, new research has claimed. The DDoS threat report for 2024 Q1 from Cloudflare found the company’s automated defenses mitigated 4.5 million DDoS attacks in the first…
Read More
Crypto miner arrested for skipping on millions in cloud server bills
A 45-year-old Nebraska man Charles O. Parks III has been charged with numerous financial crimes, including wire fraud and money laundering, as part of a scheme defrauding two cloud storage providers based in Seattle and Redmond, Washington. Ars Technica, reporting on the indictment, beat us to the punch in alleging…
Read More
A sneaky new steganography malware is exploiting Microsoft Word — hundreds of firms around the world hit by attack
Hackers have been observed using steganography to target hundreds of organizations in Latin America with infostealers, remote access trojans (RAT), and more. The campaign, dubbed SteganoArmor, was discovered by researchers from Positive Technologies. For those unfamiliar with steganography, it’s a technique of hiding data inside benign files. Hackers use it…
Read More
Cisco Duo says a third-party data breach stole MFA SMS logs
Cisco Duo has confirmed some sensitive customer data was stolen after a third-party cyber-incident. In a breach notification letter sent to affected customers, Cisco Duo said that its telephony provider, which it didn’t name, was compromised on April 1 2024. Unidentified threat actors mounted a phishing attack against the third…
Read More