Tech News
General news about the tech industry, trends, and major events.
Unexplained ‘Noise Storms’ flood the Internet, puzzle experts
Internet intelligence firm GreyNoise reports that it has been tracking large waves of “Noise Storms” containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not concluded its origin and purpose. These Noise Storms are suspected to be covert communications, DDoS attack coordination signals, clandestine command and control (C2) channels of malware operations, or the result […]
Police dismantles phone unlocking ring linked to 483,000 victims
A joint law enforcement operation has dismantled an international criminal network that used the iServer automated phishing-as-a-service platform to unlock the stolen or lost mobile phones of 483,000 victims worldwide. The global operation, codenamed “Operation Kaerb,” began in 2022 after Europol received information from cybersecurity firm Group-IB, which contributed to identifying the victims and the criminals behind […]
Google Password Manager now automatically syncs your passkeys
Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users. Passkeys, which use biometric authentication such as fingerprints, facial recognition, or screen locks, provide a more secure and convenient alternative to traditional passwords, significantly reducing the risk of data breaches. […]
Ivanti warns of another critical CSA flaw exploited in attacks
Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. Tracked as CVE-2024-8963, this admin bypass vulnerability is caused by a path traversal weakness. Successful exploitation allows remote unauthenticated attackers to access restricted functionality on vulnerable CSA systems (used as gateways to provide enterprise users secure […]
Tor says it’s “still safe” amid reports of police deanonymizing users
The Tor Project is attempting to assure users that the network is still safe after a recent investigative report warned that law enforcement from Germany and other countries are working together to deanonymize users through timing attacks. The team behind the specialized web browser claims that adequate protections are in place for those using the […]
CISA warns of actively exploited Apache HugeGraph-Server bug
The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server. The flaw, tracked as CVE-2024-27348 and rated critical (CVSS v3.1 score: 9.8), is an improper access control vulnerability that impacts HugeGraph-Server versions from 1.0.0 and up to, […]
Suspects behind $230 million cryptocurrency theft arrested in Miami
Two suspects were arrested in Miami this week and charged with conspiracy to steal and launder over $230 million in cryptocurrency using crypto exchanges and mixing services. The two defendants, 20-year-old Malone Lam (aka “Greavys,” “Anne Hathaway,” and “$$$”) and 21-year-old Jeandiel Serrano (aka “Box,” “VersaceGod,” and “@SkidStar”) were arrested Wednesday night by FBI agents and appeared […]
Discord rolls out end-to-end encryption for audio, video calls
Discord has introduced the DAVE protocol, a custom end-to-end encryption (E2EE) protocol designed to protect audio and video calls on the platform from unauthorized interceptions. DAVE was created with the help of cybersecurity experts at Trail of Bits, that also audited the E2EE system’s code and implementation. The new system will cover one-on-one audio and video calls […]
GitLab releases fix for critical SAML authentication bypass flaw
GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition (EE). Security Assertion Markup Language (SAML) is a single sign-on (SSO) authentication protocol that allows users to log in across different services using the same credentials. The flaw, tracked as […]
Apple pulls iPadOS 18 update bricking M4 iPad Pro devices
Apple has paused the rollout of iPadOS 18 on iPad Pro tablets with the M4 chip after numerous owners reported the update is “bricking” their devices, with no way to turn them on after performing the update. Attempts to overcome the problem using standard recovery methods such as force restart or entering recovery mode have […]