The LockBit ransomware gang received more than $125 million in ransom payments over the past 18 months, according to the analysis of hundreds of cryptocurrency wallets associated with the operation. [...] | Continue reading
U-Haul has started informing customers that a hacker used stolen account credentials to access an internal system for dealers and team members to track customer reservations. [...] | Continue reading
Microsoft's Windows Photos app now has its own generative erase tool that enables users to replace unwanted objects with AI-generated content. [...] | Continue reading
US healthcare giant UnitedHealth Group announced that its subsidiary Optum suffered a cyberattack by "nation-state" hackers on the Change Healthcare platform, forcing the company to shut down IT systems and various services. [...] | Continue reading
Microsoft is testing support for Wi-Fi 7 in Windows 11, which offers multi-gigabit speeds and improved throughput, latency, and reliability compared to previous Wi-Fi generations. [...] | Continue reading
Microsoft has started force installing Windows 11 23H2 on eligible devices that have reached or are close to their end-of-servicing date. [...] | Continue reading
The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the risk of user credentials being stolen through malicious form fields. [...] | Continue reading
Attackers are exploiting a maximum severity authentication bypass vulnerability to breach unpatched ScreenConnect servers and deploy LockBit ransomware payloads on compromised networks. [...] | Continue reading
The U.S. Federal Trade Commission (FTC) will order Avast to pay $16.5 million and ban the company from selling the users' web browsing data or licensing it for advertising purposes. [...] | Continue reading
Tens of thousands of U.S. customers from Verizon, T-Mobile, and AT&T have been complaining about lack of wireless service or interruptions on Thursday morning. [...] | Continue reading
LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev - likely a future LockBit 4.0, when law enforcement took down the cybercriminal's infrastructure earlier this week. [...] | Continue reading
Five vulnerabilities have been discovered in the Joomla content management system that could be leveraged to execute arbitrary code on vulnerable websites. [...] | Continue reading
Microsoft has expanded free Purview Audit logging capabilities for all U.S. federal agencies six months after disclosing that Chinese hackers stole U.S. government emails undetected in an Exchange Online breach between May and June 2023. [...] | Continue reading
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban. [...] | Continue reading
Two Chinese nationals face 20 years in prison after being caught and convicted of submitting over 5,000 fake iPhones worth more than $3 million to Apple with the goal of having them replaced with genuine devices. [...] | Continue reading
A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. [...] | Continue reading
CISA, the FBI, and the Environmental Protection Agency (EPA) shared a list of defense measures U.S. water utilities should implement to better defend their systems against cyberattacks [...] | Continue reading
Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. [...] | Continue reading
The U.S. State Department is now also offering rewards of up to $15 million to anyone who can provide information about LockBit ransomware gang members and their associates. [...] | Continue reading
VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched. [...] | Continue reading
A team of academic researchers show that a new set of attacks called 'VoltSchemer' can inject voice commands to manipulate a smartphone's voice assistant through the magnetic field emitted by an off-the-shelf wireless charger. [...] | Continue reading
Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called 'Migo' to mine for cryptocurrency. [...] | Continue reading
End-to-end encrypted messaging app Signal finally allows users to pick custom usernames to connect with others while hiding their phone numbers and protecting their privacy. [...] | Continue reading
ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution (RCE) attacks. [...] | Continue reading
The alleged source code for the third iteration of the Knight ransomware is being offered for sale to a single buyer on a hacker forum by a representative of the operation. [...] | Continue reading
The cybercrime ecosystem has created a supply chain of stolen accounts and breached networks that are used to fuel ransomware attacks and data breaches. Learn more from Flare about how this supply chain has led to an explosion of cybercrime. [...] | Continue reading
PSI Software SE, a German software developer for complex production and logistics processes, has confirmed that the cyber incident it disclosed last week is a ransomware attack that impacted its internal infrastructure. [...] | Continue reading
Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation. [... … | Continue reading
Law enforcement agencies from 11 countries have disrupted the notorious LockBit ransomware operation in a joint operation known as ''Operation Cronos." [...] | Continue reading
In an advisory today Germany's federal intelligence agency (BfV) and South Korea's National Intelligence Service (NIS) warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government. [...] | Continue reading
The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month. [...] | Continue reading
Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting. [...] | Continue reading
Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites. [...] | Continue reading
Wyze shared more details on a security incident that impacted thousands of users on Friday and said that at least 13,000 customers could get a peek into other users' homes. [...] | Continue reading
The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play. [...] | Continue reading
Ukraine's cyber police arrested a 31-year-old for running a cybercrime operation that gained access to bank accounts of American and Canadian users and sold it on the dark web. [...] | Continue reading
A serious vulnerability named KeyTrap in the Domain Name System Security Extensions (DNSSEC) feature could be exploited to deny internet access to applications for an extended period. [...] | Continue reading
Google is testing a new feature to prevent malicious public websites from pivoting through a user's browser to attack devices and services on internal, private networks. [...] | Continue reading
The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. [...] | Continue reading
Wyze Labs is investigating a security issue while experiencing a service outage that has been causing connectivity issues since this morning. [...] | Continue reading
SolarWinds has patched five remote code execution (RCE) flaws in its Access Rights Manager (ARM) solution, including three critical severity vulnerabilities that allow unauthenticated exploitation. [...] | Continue reading
Security researchers analyzing the Alpha ransomware payload and modus operandi discovered overlaps with the now-defunct Netwalker ransomware operation. [...] | Continue reading
The North Korean hacker collective Lazarus, infamous for having carried out numerous large-scale cryptocurrency heists over the years, has switched to using YoMix bitcoin mixer to launder stolen proceeds. [...] | Continue reading
Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has pleaded guilty to charges related to his leadership roles in the Zeus and IcedID malware groups. [...] | Continue reading
Microsoft claims to have fixed Windows Metadata connection issues which continue to plague customers, causing problems for users trying to manage their printers and other hardware. [...] | Continue reading
The U.S. State Department is offering rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. [...] | Continue reading
The RansomHouse ransomware operation has created a new tool named 'MrAgent' that automates the deployment of its data encrypter across multiple VMware ESXi hypervisors. [...] | Continue reading
The FBI took down a botnet of small office/home office (SOHO) routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) in spearphishing and credential theft attacks targeting the United States and its allies. [...] | Continue reading