2FA bypass discovered in web hosting software cPanel More than 70 million sites are managed via cPanel software, according to the company. Researchers discovered a major issue in cPanel that could be exploited by attackers to bypass two-factor authentication for cPanel accounts. Security researchers from Digital Defense have discovered a major secur

Cybercriminals were able to change the DNS settings of some cryptocurrency websites after tricking GoDaddy employees into providing them with access to customer accounts.The incident happened earlier this month and affected an unknown number of the company’s customers, including at least two cryptocurrency-related websites: the virtual currency trading site

byPaul DucklinThanks to Bill Kearney of Sophos Rapid Response for his work on this article.If you’ve read the recent Sophos 2021 Threat Report, you’ll know that we deliberately included a section about all the malware out there that isn’t ransomware.Sure, ransomware understandably hogs the media headlines these days, but cybercriminality go

Chloe Messdaghi, VP of Strategy at Point3, advocate and activist joins the show to explain common misconceptions about the hacking community and how we can do better to combat those stigmas. She also unpacks the diversity challenges specifically in the infosec industry.Spotify: https://open.spotify.com/episode/7G9cXfVFeFxCfoEdhZlHOk?si=IZUhcqB1Q8WqG1h9vkRhJA

Hackers have been attempting to gain access to Spotify accounts using a database of 380 million records with login credentials and personal information collected from various sources.For years, users have complained that their Spotify accounts were hacked after passwords were changed, new playlists would appear in their profiles, or their family accounts had

Researchers at the University of Leuven in Belgium found vulnerabilities in the keyless entry system of the Tesla Model X that would have allowed attackers to steal the $100,000 car within just a few minutes.The security bugs allowed taking full control of the key fob and of the car by remotely updating the Tesla Model X's BLE chip with specially crafte

Hacktivists have reportedly downed the website of Uganda Police in the wake of protests triggered by the arrest of Robert Kyagulanyi Ssentamu, also known by his pop star alias, Bobi Wine.Wine is the presidential candidate of the center-left progressive political party, the National Unity Platform (NUP). He was arrested in Eastern Uganda's Luuka District

A subdomain of the official Joe Biden campaign website was defaced last week by what appears to be a Turkish hacktivist.The targeted subdomain, vote.joebiden.com, originally redirected users to iwillvote.com, a website sponsored by the Democratic National Committee (DNC) that provides information about the voting process, including registration, voting from

VMware addressed six vulnerabilities in its SD-WAN Orchestrator product that can potentially expose enterprise networks to hack. VMware last week addressed six vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002, CVE-2020-4003) in its SD-WAN Orchestrator product, including some issues that can be chained by an attack

Cybercriminals targeted Manchester United's IT systems in a "sophisticated" hacking operation, the club said."The club has taken swift action to contain the attack and is currently working with expert advisers to investigate the incident and minimise the ongoing IT disruption," it said in a statement late Friday.All "critical systems" required for games to t

A hacker has posted a list of one-line exploits to steal VPN credentials from almost 50,000 Fortinet VPN devices.Present on the list of vulnerable targets are domains belonging to high street banks and government organizations from around the world.Researchers find thousands of targetsThe vulnerability being referred to here is CVE-2

This week, the Vote Joe site set up by the Biden-Harris Presidential campaign had been hacked and defaced by a Turkish hacker called RootAyyildiz.Based on the evidence and the archived snapshots of the site, it appears the breach and defacement had lasted for over 24 hours.Vote Joe site defaced this weekUp until November 9th or so, days after the 2020 U.S. P

Authorities in India determined that a major power outage that occurred last month in Mumbai, the country’s largest city, may have been caused by hackers, according to reports.The outage occurred in mid-October and it impacted the Mumbai metropolitan area, causing significant disruption to traffic management systems and trains. It took two hours to restore p

Computer hacker Jeremy Hammond, who is serving a 10-year prison sentence for breaking into computer systems of security firms and law-enforcement agencies, will serve out the remainder of his term in a Chicago halfway house, a U.S. Bureau of Prison spokesman said Wednesday.Hammond, who has gained mythic status among his supporters, was released Tuesday from

VMware on Thursday announced releasing patches for a couple of serious ESXi vulnerabilities that were demonstrated at a recent hacking contest in China.At the 2020 Tianfu Cup International PWN Contest, which took place earlier this month in China, participants earned a total of more than $1.2 million for exploits targeting Chrome, Safari, Firefox, Adobe Read