Crypto-mining gangs are abusing the free tiers of cloud computing platforms
therecord.media/crypto-mining-gangs-are-running-amok-on-free-cloud-computing-platforms/ Gangs have been operating by registering accounts on selected platforms, signing up for a free tier, and running a cryptocurrency mining app on the provider’s free tier infrastructure.
Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers
www.bleepingcomputer.com/news/security/air-india-data-breach-impacts-45-million-customers/ Air India has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after SITA fell victim to a cyber attack earlier this year. The breach involves personal data registered during a span of 10 years and includes names, dates of birth, contact information, passport information and other personal information.
Privacy in the time after cookies – Google Chrome’s new FLoC tracking
www.forbes.com/sites/zakdoffman/2021/05/01/stop-using-google-chrome-on-your-iphone-android-macbook-and-pc/ Now that end of the third party cookie era is coming to an end, other tracking methods are being experimented with. Zak Doffman discusses in detail what kind of privacy impact Chrome’s new FLoC tracking has.
Serverless Phishing Campaign
isc.sans.edu/diary/%22Serverless%22+Phishing+Campaign/27446 Usually most attackers deploy their phishing kits on servers, this one includes an obfuscated html phishing page attached in the mail. Xavier Mertens, Senior ISC Handler, analyses the method in the InfoSec handlers diary blog.
PowerShell Is Source of More Than a Third of Critical Security Threats
www.esecurityplanet.com/threats/powershell-source-of-third-of-critical-security-threats/ PowerShell was the source of more than a third of critical threats detected on endpoints in the second half of 2020, according to a Cisco research study released at the RSA Conference.
Nuoret hakkerit löysivät tietoturva-aukkoja Abitti-ohjelmasta
yle.fi/uutiset/3-11939828 Poikakolmikko löysi laajoja tietoturva-aukkoja lukioiden käyttämästä Abitti-ohjelmasta, jonka kautta järjestetään muun muassa yo-kokeet. He ovat saaneet löydöksen jälkeen lukuisia työtarjouksia.