“Folks have absolutely no say in where their data is going to go,” said Tazin Khan, CEO of the nonprofit Cyber Collective, which advocates for privacy rights and cybersecurity for marginalized people.
Category: InfoSec News
InfoSec News
Police remove skimmer from Piggly-Wiggly on Battle Street | News | annistonstar.com
A skimmer is an electronic device that is used to steal credit or debit card information, including PIN numbers, while the victim is making a legitimate transaction.
Online scams easy as ever, as cybercrime markets flourish
Cybercriminals are often portrayed in popular media as rogue and highly skilled individuals, wielding coding and hacking abilities from a dimly lit room. But such stereotypes are becoming outdated.
Apartment buildings broken into with phone in minutes — IoT-connected intercoms using default creds vulnerable to anyone with Google | Tom’s Hardware
A number of apartment complexes using internet-connected intercom/entry systems still use their default credentials, which make them fully accessible to anyone savvy enough to Google their unit’s manual.
Misconfig Mapper: Open-source tool to uncover security misconfigurations – Help Net Security
Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with detection and misconfiguration fingerprints to identify potential security risks in widely used third-party software and services.
OSINT Framework
Here is a useful collection of OSINT tools for CTFs and PenTesting. https://bkellyteacher.com/MiscApps/CTF/osint/
US Coast Guard paychecks delayed by cyberattack | TechRadar
A data breach has affected the personnel and payroll systems of the US Coast Guard, and has impacted member pay, and forced the agency to to take systems offline to prevent further intrusion until “at least February 19th, 2025”.
Single Right-Click Let Hackers Gain Access To System By Exploiting 0-Day
This 0-day flaw, identified by security analysts at ClearSky Cyber Security in June 2024, allows attackers to gain unauthorized access to systems through minimal user interaction.