Blog

07Août 2024 by

Cybercrime Rapper Sues Bank over Fraud Investigation (Krebs on Security)

Actualités, Sécurité
A partial selfie posted by Puchmade Dev to his Twitter account. Yes, that is a functioning handheld card skimming device, encrusted in diamonds. Underneath that are more medallions, including a diamond-studded bitcoin and payment card. In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. The subject of that piece, a 22-year-old Kentucky man, is now brazenly suing his financial institution after it blocked a $75,000 wire transfer and froze his account, citing an active law enforcement investigation. With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade Dev has leveraged his considerable following to peddle tutorials…
Read More
07Août 2024 by

Cybercrime Rapper Sues Bank over Fraud Investigation

Actualités
A partial selfie posted by Puchmade Dev to his Twitter account. Yes, that is a functioning handheld card skimming device, encrusted in diamonds. Underneath that are more medallions, including a diamond-studded bitcoin and payment card. In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. The subject of that piece, a 22-year-old Kentucky man, is now brazenly suing his financial institution after it blocked a $75,000 wire transfer and froze his account, citing an active law enforcement investigation. With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade Dev has leveraged his considerable following to peddle tutorials…
Read More
07Août 2024 by

Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords

Actualités
Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal sensitive information from their account under specific circumstances. "When a victim views a malicious email in Roundcube sent by an attacker, the attacker can execute arbitrary JavaScript in the victim's
Read More
07Août 2024 by

New Linux Kernel Exploit Technique ‘SLUBStick’ Discovered by Researchers

Actualités
Cybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to elevate a limited heap vulnerability to an arbitrary memory read-and-write primitive. "Initially, it exploits a timing side-channel of the allocator to perform a cross-cache attack reliably," a group of academics from the Graz University of Technology said [PDF]. "
Read More
07Août 2024 by

CrowdStrike Reveals Root Cause of Global System Outages

Actualités
Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The "Channel File 291" incident, as originally highlighted in its Preliminary Post Incident Review (PIR), has been traced back to a content validation issue that arose after it introduced a new Template Type to enable
Read More
07Août 2024 by

New Go-based Backdoor GoGra Targets South Asian Media Organization

Actualités
An unnamed media organization in South Asia was targeted in November 20233 using a previously undocumented Go-based backdoor called GoGra. "GoGra is written in Go and uses the Microsoft Graph API to interact with a command-and-control (C&C) server hosted on Microsoft mail services," Symantec, part of Broadcom, said in a report shared with The Hacker News. It's currently not clear how it's
Read More