You can soon right-click on any YouTube video in Microsoft Edge or Google Chrome and save the frame (capture the screenshot of the video) in the original resolution and PNG format. [...] | Continue reading
Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms. [...] | Continue reading
Microsoft Edge's latest Canary update has an innovative feature: video translation. This feature translates YouTube videos in real-time, and it allegedly supports four languages. [...] | Continue reading
The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced. [...] | Continue reading
Microsoft has resolved a known issue causing significant delays for Microsoft 365 customers when saving attachments in Outlook Desktop. [...] | Continue reading
Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during a cyberattack disclosed last week, on October 31. [...] | Continue reading
Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. [...] | Continue reading
Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool. [...] | Continue reading
Microsoft provides three more years of Windows Server 2012 Extended Security Updates (ESUs) until October 2026, allowing administrators more time to upgrade or migrate to Azure. [...] | Continue reading
The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population. [...] | Continue reading
McLaren Health Care (McLaren) is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information. [...] | Continue reading
Ransomware attacks are rapidly becoming the weapon of choice, making up over half of all attacks in the healthcare industry. Learn more from Specops Software on securing your organization from these attacks. [...] | Continue reading
Kyocera AVX Components Corporation (KAVX) is sending notices of a data breach exposing personal information of 39,111 individuals following a ransomware attack. [...] | Continue reading
Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website. [...] | Continue reading
The Industrial & Commercial Bank of China (ICBC) is restoring systems and services following a ransomware attack that disrupted the U.S. Treasury market, causing equities clearing issues. [...] | Continue reading
Microsoft publicly acknowledged a known issue causing Windows Server 2022 virtual machine (VM) blue screens and boot failures on VMware ESXi hosts. [...] | Continue reading
A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware. [...] | Continue reading
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. [...] | Continue reading
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources [...] | Continue reading
During the last 24 hours, OpenAI has been addressing what it describes as "periodic outages" linked to DDoS attacks affecting its API and ChatGPT services. [...] | Continue reading
Signal is now testing public usernames that allow users to conceal the phone numbers linked to their accounts while communicating with others. [...] | Continue reading
Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992 build. [...] | Continue reading
Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account was compromised last week. [...] | Continue reading
Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service (DDoS) attack in recent history. [...] | Continue reading
The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network. [...] | Continue reading
OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface (API). [...] | Continue reading
WhatsApp is rolling out a new privacy feature that helps Android and iOS users hide their location during calls by relaying the connection through WhatsApp servers. [...] | Continue reading
The operator of the Nokoyawa ransomware-as-a-service (RaaS), a threat actor known as 'farnetwork', built experience over the years by helping the JSWORM, Nefilim, Karma, and Nemty affiliate programs with malware development and operation management. [...] | Continue reading
Shared service provider TransForm has published an update on the cyberattack that recently impacted operations in multiple hospitals in Ontario, Canada, clarifying that it was a ransomware attack. [...] | Continue reading
Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets. [...] | Continue reading
The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote shells on compromised devices. [...] | Continue reading
In a Monday advisory, Microsoft warned Outlook.com users about issues they might encounter when sending emails containing attachments. [...] | Continue reading
Microsoft has introduced a new protective feature in the Authenticator app to block notifications that appear suspicious based on specific checks performed during the account login stage. [...] | Continue reading
During its inaugural developer conference, OpenAI unveiled GPTs, short for Generative Pre-trained Transformers. These custom versions of ChatGPT are designed to be shaped by and for individual users, whether for recreational or professional use, and can be shared with others. [.. … | Continue reading
The Marina Bay Sands (MBS) luxury resort and casino in Singapore has disclosed a data breach that impacts personal data of 665,000 customers. [...] | Continue reading
Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. [...] | Continue reading
The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. [...] | Continue reading
Microsoft will roll out Conditional Access policies requiring multifactor authentication from administrators when signing into Microsoft admin portals such as Microsoft Entra, Microsoft 365, Exchange, and Azure. [...] | Continue reading
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware. [...] | Continue reading
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions in cryptocurrency for various individuals, including ransomware actors. [...] | Continue reading
Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously exploited as a zero-day. [...] | Continue reading
QNAP Systems published security advisories for two critical command injection vulnerabilities that impact multiple versions of the QTS operating system and applications on its network-attached storage (NAS) devices. [...] | Continue reading
A new dropper-as-a-service (DaaS) named 'SecuriDropper' has emerged, using a method that bypasses Android 13's 'Restricted Settings' to install malware on devices and grant them access to the Accessibility Services. [...] | Continue reading
A proxy botnet called 'Socks5Systemz' has been infecting computers worldwide via the 'PrivateLoader' and 'Amadey' malware loaders, currently counting 10,000 infected devices. [...] | Continue reading
Discord will switch to temporary file links for all users by the end of the year to block attackers from using its CDN (content delivery network) for hosting and pushing malware. [...] | Continue reading
Apple's "Find My" location network can be abused by malicious actors to stealthily transmit sensitive information captured by keyloggers installed in keyboards. [...] | Continue reading
Over the past couple of months, ransomware attacks have been escalating as new operations launch, old ones return, and existing operations continue to target the enterprise. [...] | Continue reading
A former Dutch cybersecurity professional was sentenced to four years in prison after being found guilty of hacking and blackmailing more than a dozen companies in the Netherlands and worldwide. [...] | Continue reading