
Contactless payments also stop working

Cyber Security news and links to interesting things. This community is mostly fed by an instance of Dittybopper.
Researchers at G DATA have exposed a scheme dubbed "gitgub" on GitHub, where 17 repositories were delivering the information stealer, RisePro.
Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary. "The repositories look
Plus: The operator of a dark-web cryptocurrency “mixing” service is found guilty, and a US senator reveals that popular safes contain secret backdoors.
Two of the UK's biggest supermarket chains, Tesco and Sainsbury's, were hit with technical issues on Saturday; Sainsbury's blames a software update (Bloomberg.com)
Bloomberg.com: Two of the UK's biggest supermarket chains, Tesco and Sainsbury's, were hit with technical issues on Saturday; Sainsbury's blames a software update — Two of the UK's biggest supermarket chains - Tesco and Sainsbury's - were hit with technical issues on Saturday.
How Your Life Events Invite Cyber & Physical Threats
The post How to Identify & Monitor Insider Threat Indicators [A Guide] appeared first on Security Boulevard.
Self-driving startup Waabi unveils Copilot4D, a generative AI model trained on lidar data to predict traffic flow around a vehicle 5-10 seconds into the future (James O'Donnell/MIT Technology Review)
James O'Donnell / MIT Technology Review: Self-driving startup Waabi unveils Copilot4D, a generative AI model trained on lidar data to predict traffic flow around a vehicle 5-10 seconds into the future — Waabi says its new model can anticipate how pedestrians, trucks, and bicyclists move using lidar data.
A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts.
Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide.
For the love of humanity, please stop playing into ransomware groups' hands by treating their data leak blogs as reliable sources of information and then using them to build lists of who's amassed the most victims. That's not what data leak sites actually document.
Don't Let the Quest for Data Lead You to Amplify What Criminals Might Be Claiming
How Amazon refund fraud gangs, which promote their schemes on Reddit, TikTok, and Telegram, are exploiting lenient refund policies at the company (Annie Palmer/CNBC)
Annie Palmer / CNBC: How Amazon refund fraud gangs, which promote their schemes on Reddit, TikTok, and Telegram, are exploiting lenient refund policies at the company — Refund fraud groups, organized like businesses, are exploiting lenient refund policies, robbing retailers of billions of dollars, experts told CNBC.
90% of exposed secrets on GitHub remain active for at least five days
The growing number of code repositories on GitHub increases the risk of both accidental and deliberate exposure of sensitive information.
12.8 million new secrets occurrences were leaked publicly on GitHub in 2023, +28% compared to 2022, according to GitGuardian. Remarkably, the incidence of publicly exposed secrets has quadrupled since the company started reporting in 2021.
Companies need to manage sensitive information exposure
The growing number of code repositories on GitHub, with 50 million new repositories added in the past year (+22%), increases the risk of both accidental and deliberate exposure of sensitive information. This reality …
The post 90% of exposed secrets on GitHub remain active for at least five days appeared first on Help Net Security.
Apple’s appealing a $2 billion fine over Spotify’s complaints.
Even after Apple was hit with a $2 billion fine in the European Union over years-old complaints from Spotify about its App Store rules, Spotify says Apple is stonewalling updates issued in compliance with that very ruling. In an email to the European Commission obtained by The Verge, Spotify writes that Apple has “neither acknowledged nor responded to Spotify’s submission” to bring subscription pricing information into the app, preventing it from updating the app at all for its users, even to put out fixes for bugs or add other features. On March 5th, Spotify submitted an update to Apple that puts links to Spotify’s website, along with pricing information for different subscription options, directly in the EU version of its app, without...
Record breach of French government exposes up to 43 million people's data
Zut alors! Department for registering and helping unemployed people broken into
A French government department - responsible for registering and assisting unemployed people - is the latest victim of a mega data breach that compromised the information of up to 43 million citizens.…
TikTok faces ban in US unless it parts ways with Chinese owner ByteDance
A bill that passed the House of Representatives would ban TikTok from the US unless Chinese owner ByteDance gives up its share of the app.
Google gooses Safe Browsing with real-time protection that doesn't leak to ad giant
Rare occasion when you do want Big Tech to make a hash of it
Google has enhanced its Safe Browsing service to enable real-time protection in Chrome for desktop, iOS, and soon Android against risky websites, without sending browsing history data to the ad biz.…
SIM swappers have adapted their attacks to steal a target's phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.
Apple charges 27% commission for sales "on your website after a link out."
Jack Dorsey posted a "W," as judge halts Wright's suits against developers.
FTC goes undercover to probe suspected antivirus scam, scores $26M settlement
Imagine trying to trick folks into buying $500 of unnecessary repairs – and they turn out to be federal agents
A pair of tech support businesses accused of swindling marks out of their hard-earned cash have agreed to cough up a $26 million settlement following an undercover probe by the FTC.…
StopCrypt: Most widely distributed ransomware now evades detection
A new variant of StopCrypt ransomware (aka STOP) was spotted in the wild, employing a multi-stage execution process that involves shellcodes to evade security tools.