Infosec.Pub

“Chronoscript: The Endless End” is an exploration-based action-adventure game where you, an editor trapped within a manuscript, must unravel a thousand-year story that writes itself beyond its end—across 2D pages and a 3D manor.


Co-op reveals £206m costs from April cyber attack, with revenues hit, member data stolen and shelves emptied, exposing major retail supply chain vulnerabilities


Volvo Group North America has begun notifying employees and associates about a data breach that exposed their personal information, including names and Social Security numbers. The security incident did not originate within Volvo’s own networks but was the result of a ransomware attack on one of its third-party human resources software suppliers, a company named […] The post Volvo Group Discloses Data Breach After Ransomware Attack on HR Supplier appeared first on Cyber Security News.


Distributed denial-of-service (DDoS) attacks remain one of the most common and disruptive forms of cybercrime. Defenders have traditionally focused on detecting these attacks once they are underway. New research suggests that predicting DDoS attacks in advance may be possible, giving security teams a head start in planning their defenses. A new study outlines an approach to forecasting DDoS activity using deep learning. The researchers from Universiti Malaya and Universiti Teknikal Malaysia Melaka analyzed 192,525 DDoS … The post Predicting DDoS attacks: How deep learning could give defenders an early warning appeared first on Help Net Security.


Range of industry verticals targeted by patient threat actors.


Organizations commonly allow traffic to core services like Google Meet, YouTube, Chrome update servers, and Google Cloud Platform (GCP) to ensure uninterrupted operations. A newly demonstrated domain fronting technique weaponizes this trust to establish covert command-and-control (C2) channels, enabling attackers to tunnel malicious traffic through Google’s own infrastructure without raising suspicion. Domain Fronting Technique Praetorian […] The post New Domain-fronting Attack Uses Google Meet, YouTube, Chrome and GCP to Tunnel Traffic appeared first on Cyber Security News.


In a five-month joint operation led by Interpol, law enforcement agencies have seized more than $439 million in cash and cryptocurrency linked to cyber-enabled financial crimes that impacted thousands of victims worldwide. [...]


An array of 6100 ultracold caesium atoms controlled by lasers is the largest collection of qubits ever assembled, and researchers hope they can soon turn it into the world's most advanced quantum computer


Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.


A man in his forties has been arrested in West Sussex, England, in connection with a cyber-attack that has caused days of widespread disruption at several major European airports, including London’s Heathrow. The UK’s National Crime Agency (NCA) confirmed the man was arrested on Tuesday evening on suspicion of offenses under the Computer Misuse Act […] The post UK Police Arrested Man Linked to Ransomware Attack That Crippled European Airports appeared first on Cyber Security News.


Chromium-based browsers, including Chrome, Edge, and Brave, manage installed extensions via JSON preference files stored under %AppData%\Google\User Data\Default\Preferences (for domain-joined machines) or Secure Preferences (for standalone systems). Synacktiv research indicates that by directly altering these files, attackers can make the browser load any extensions without the user’s consent or involvement from the Chrome Web Store. A […] The post Hackers Can Compromise Chromium Browsers in Windows by Loading Arbitrary Extensions appeared first on Cyber Security News.


Attackers have a new favorite playground, and it’s not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are climbing fast, even as website flaws hold steady. The shift shows how attackers are adapting to infrastructure, going after the hidden systems that keep businesses running. This graph shows the number of vulnerabilities over the past three years (Source: Bugcrowd) “We are in a high-stakes innovation race, but … The post APIs and hardware are under attack, and the numbers don’t look good appeared first on Help Net Security.


Threat actors are leveraging the legacy Windows error-reporting utility WerFaultSecure.exe to extract the memory region of the Local Security Authority Subsystem Service (LSASS.EXE) and harvest cached credentials from fully patched Windows 11 24H2 systems. After gaining initial access to a host, adversaries frequently seek to dump LSASS memory to escalate privileges and move laterally across […] The post Hackers Exploit WerFaultSecure.exe Tool to Steal Cached Passwords From Windows 11 24H2 appeared first on Cyber Security News.


cross-posted from: https://lemmy.sdf.org/post/42855947

Archived

Here is the technical report: Nimbus Manticore Deploys New Malware Targeting Europe

A group of Iranian hackers known as Nimbus Manticore is expanding its operations, now focusing on major companies across Europe. According to new research from the cybersecurity firm Check Point Research (CPR), the group is targeting businesses in the defence, telecommunications, and aerospace sectors to steal sensitive information.

Nimbus Manticore, also called UNC1549 or Smoke Sandstorm, has been actively tracked since early 2025 and previously ran the Iranian Dream Job campaign. These campaigns align with the strategic intelligence-gathering goals of Iran’s IRGC, especially during times of heightened geopolitical tension.

[...]


As head of digital at The Electoral Commission, Andrew Simpson’s mettle was tested when threat actors gained access to the regulator’s email systems and accessed sensitive voter data. Three years on, he tells his story to Computer Weekly


UK carmaker Jaguar Land Rover has said production will remain shuttered until October 1
