A virtual machine (VM) is a software-based emulation of a computer. A program called a hypervisor runs on your computer. It allows you to create virtual machines–virtual computers—and configure them with an amount of RAM, hard drive space, CPU cores, and other details that would normally be provisioned in hardware. Once you’ve configured your VM, you can turn it on and install an operating system.
Category: InfoSec News
InfoSec News
Online scams easy as ever, as cybercrime markets flourish
Cybercriminals are often portrayed in popular media as rogue and highly skilled individuals, wielding coding and hacking abilities from a dimly lit room. But such stereotypes are becoming outdated.
Apartment buildings broken into with phone in minutes — IoT-connected intercoms using default creds vulnerable to anyone with Google | Tom’s Hardware
A number of apartment complexes using internet-connected intercom/entry systems still use their default credentials, which make them fully accessible to anyone savvy enough to Google their unit’s manual.
Misconfig Mapper: Open-source tool to uncover security misconfigurations – Help Net Security
Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with detection and misconfiguration fingerprints to identify potential security risks in widely used third-party software and services.
OSINT Framework
Here is a useful collection of OSINT tools for CTFs and PenTesting. https://bkellyteacher.com/MiscApps/CTF/osint/
US Coast Guard paychecks delayed by cyberattack | TechRadar
A data breach has affected the personnel and payroll systems of the US Coast Guard, and has impacted member pay, and forced the agency to to take systems offline to prevent further intrusion until “at least February 19th, 2025”.
Single Right-Click Let Hackers Gain Access To System By Exploiting 0-Day
This 0-day flaw, identified by security analysts at ClearSky Cyber Security in June 2024, allows attackers to gain unauthorized access to systems through minimal user interaction.
Schneider Electric hit by Ransomware Demand of $125,000 in baguettes.
Schneider Electric confirmed that it is investigating a breach as a ransomware group Hellcat claims to have stolen more than 40 GB of compressed data — and demanded the French multinational energy management company pay $125,000 in baguettes or else see its sensitive customer and operational information leaked.
HYPR is latest firm to reveal hiring of fraudulent IT worker overseas | CyberScoop
Company officials say the individual was caught during the onboarding process, but used proxies and verified documents to back up their legend.