Monday , November 25 2024

infosecbulletin

MSI’s leaked firmware keys endanger hundreds of devices

MSI attackers leaked the company’s firmware image signing keys, a crucial component for differentiating between legitimate and malicious updates. Over 200 MSI products are believed to be exposed. Researchers have identified leaked firmware image signing keys and Intel’s BootGuard for MSI products. According to Alex Matrosov, CEO of firmware supply …

Read More »

France Space Center Attacked! NoName Targets French Government Websites

Politically motivate group NoName added French government websites to its victim list. The group enlisted the National Center for Space Studies of France. The website was inaccessible at the time of writing. Besides the France Space Center attack, they also claimed an attack on the Ministry of Labor of France. Although the threat …

Read More »

T-Mobile Says Personal Information Stolen in New Data Breach

US wireless carrier T-Mobile is informing some customers that their personal information was compromised in a recent data breach. After being alerted to unauthorized activity on its systems, the company discovered that a malicious actor had access to a “small number” of T-Mobile accounts between late February and March 2023. …

Read More »

Malware Campaigns Abusing Telegram Bots to Spread Rapidly

Numerous updates and alterations were witnessed in the major malware families employed in phishing scams during the first quarter of 2023, alongside significant variations in TTPs. The Cofense Intelligence team has recently published Active Threat Reports, which provide insights into the latest malicious email threats. At the same time, all …

Read More »

Google rolls out passkey support across accounts on all major platforms

Google has begun rolling out support for passkeys across Google Accounts on all major platforms, adding a new sign-in option that can be used alongside passwords and two-step verification. The tech giant announced passkey availability on the eve of World Password Day as it looks to introduce more secure, reliable …

Read More »

Google Introduces Passwordless Secure Sign-In with Passkeys for Google Accounts

Almost five months after Google added support for passkeys to its Chrome browser, the tech giant has begun rolling out the passwordless solution across Google Accounts on all platforms. Passkeys, backed by the FIDO Alliance, are a more secure way to sign in to apps and websites without having to use a traditional password. …

Read More »

BlackCat Trolls Western Digital With Leaked Response Meeting Image

The ransomware actor–threat hunter relationship just got extremely personal. The BlackCat gang decided to add the professional reputations of the Western Digital cyber-incident response team to the hit list when it hacked into its early morning videoconference convened to discuss the recent ransomware attack against the company. The ransomware group then …

Read More »