News

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits. In the Joint Cybersecurity Advisory (CSA) published today, the agencies warn admins and users that the state-sponsored hacking groups are “likely” exploiting Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. The attackers are…

A group of threat actors maintains an active attack targeting GitHub Actions systems with the intention of extracting cryptocurrency in a hacking variant known as cryptojacking. As you may remember, GitHub Actions is a CI/CD solution that makes it easier to automate particular resource flows, as well as allow for periodic task configuration. Apparently, this…

A joint advisory warns admins of the likelihood of APT groups exploiting three vulnerabilities in the Fortinet FortiOS. Editor’s Note: This story was updated on April 2 at 5:35 PM ET to include Fortinet’s statement. The FBI and Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) today issued a joint advisory warning admins…

GitHub Actions is currently being abused by attackers to mine cryptocurrency using GitHub’s servers in an automated attack. GitHub Actions is a CI/CD solution that makes it easy to automate all your software workflows and setup periodic tasks. The particular attack adds malicious GitHub Actions code to repositories forked from legitimate ones, and further creates a Pull Request…

Application Security , Application Security & Online Fraud , Breach Notification Three FortiOS Vulnerabilities Being Exploited for the Campaign Akshaya Asokan (asokan_akshaya) • April 3, 2021     The U.S. Cybersecurity and Infrastructure Security Agency and the FBI warn that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet’s operating system, FortiOS, to likely…

A major cache of personal data for more than 500 million Facebook users has been published on hacking forums, in one of the biggest lapses of data protection for the social network so far. The database, published to a hacking forum, contains the personal data of hundreds of millions of Facebook users around the…

MENLO PARK (AP) — Details from more than 500 million Facebook users have been found available on a website for hackers. The information appears to be several years old but it is another example of the vast amount of information collected by Facebook and other social media sites and the limits to how secure that…

New Delhi: A hacker has posted the phone numbers and sensitive account details of nearly 533 million Facebook users — about a fifth of the social networking platform‘s entire user base — including over 61 lakh Indian users which has been dumped on a public cybercrime forum. The leaked data includes Facebook ID numbers, profile…