The Information Highway

The Information Highway

Bill Toulas
Bill Toulas is a technology writer and infosec news reporter with over a decade of experience working on various online publications. An open source advocate and Linux enthusiast, is currently finding pleasure in following hacks, malware campaigns, and data breach incidents, as well as by exploring the intricate ways through which tech is swiftly transforming our lives.
Bill Toulas

DarkGate and Pikabot malware emerge as Qakbot’s successors

Hacker_red_map

A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled. 

Continue reading
0
Tags:
phishing campaign DarkGate malware infections PikaBot malware Qakbot operation email campaign
  962 Hits
0 Comments
Bill Toulas

Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits

apache-header-image

The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. 

Continue reading
0
Tags:
Kinsing malware operator CVE -2023-46604 Apache ActiveMQ open-source message broker compromise Linux systems code execution
  959 Hits
0 Comments
Bill Toulas

Lumma Stealer malware now uses trigonometry to evade detection

Hacker_headpic

The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox. 

Continue reading
0
Tags:
Lumma information-stealing malware security software mouse movements trigonometry malware
  652 Hits
0 Comments
Bill Toulas

Researchers extract RSA keys from SSH server signing errors

cyber-key

A team of academic researchers from universities in California and Massachusetts demonstrated that it's possible under certain conditions for passive network attackers to retrieve secret RSA keys from naturally occurring errors leading to failed SSH (secure shell) connection attempts. 

Continue reading
0
Tags:
researchers network attackers RSA keys SSH connection attempts
  814 Hits
0 Comments
Bill Toulas

Exploit for CrushFTP RCE chain released, patch now

hacker-looking-at-screens

A proof-of-concept exploit was publicly released for a critical remote code execution vulnerability in the CrushFTP enterprise suite, allowing unauthenticated attackers to access files on the server, execute code, and obtain plain-text passwords. 

Continue reading
0
Tags:
code execution vulnerability CrushFTP enterprise suite unauthenticated attackers access files plain-text passwords
  770 Hits
0 Comments

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023