The U.S. government has indicted a co-owner of a Minnesota IT company for his participation in an international conspiracy to sell forged license keys for networking devices. [...] | Continue reading
Global news agency AFP (Agence France-Presse) is warning that it suffered a cyberattack on Friday, which impacted IT systems and content delivery services for its partners. [...] | Continue reading
Microsoft warns that some Windows 11 systems enter reboot loops or might freeze with blue screens after installing the September 2024 KB5043145 preview update. [...] | Continue reading
A critical vulnerability in NVIDIA Container Toolkit impacts all AI applications in a cloud or on-premise environment that rely on it to access GPU resources. [...] | Continue reading
The Data Protection Commission (DPC) in Ireland has fined Meta Platforms Ireland Limited (MPIL) €91 million ($100 million) for storing in plaintext passwords of hundreds of millions of users. [...] | Continue reading
The U.S. Department of Justice unsealed an indictment charging three Iranian hackers with a "hack-and-leak" campaign that aimed to influence the 2024 U.S. presidential election. [...] | Continue reading
The U.S. Department of Justice (DoJ) has announced charges against two Russian nationals for operating billion-dollar money laundering services for cybercriminals, including ransomware groups. [...] | Continue reading
Microsoft has announced security and privacy upgrades to its AI-powered Windows Recall feature, which now can be removed and has stronger default protection for user data and tighter access controls. [...] | Continue reading
Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets. [...] | Continue reading
Progress Software warned customers to patch multiple critical and high-severity vulnerabilities in its WhatsUp Gold network monitoring tool as soon as possible. [...] | Continue reading
Microsoft released the September 2024 preview update (KB5043145) for Windows 11 23H2 and 22H2, with 13 improvements and fixes for multiple issues, including Edge and task manager freezes. [...] | Continue reading
Under certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to execute arbitrary code remotely on vulnerable machines. [...] | Continue reading
A new variant of the RomCom malware called SnipBot, has been used in attacks that pivot on the network to steal data from compromised systems. [...] | Continue reading
A group of security researchers discovered critical flaws in Kia's dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle's license plate. [...] | Continue reading
The Tor Project and Tails OS are merging operations to better collaborate for a free internet by protecting users from surveillance and censorship. [...] | Continue reading
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned PM2BTC and Cryptex, two cryptocurrency exchanges that laundered funds from Russian ransomware gangs and other cybercrime groups. [...] | Continue reading
WordPress.org has banned WP Engine from accessing its resources and stopped delivering plugin updates to websites hosted on the platform, urging impacted users to choose other hosting providers. [...] | Continue reading
A crypto draining app mimicking the legitimate 'WalletConnect' project has been distributed over Google Play for five months getting more than 10,000 downloads. [...] | Continue reading
HPE Aruba Networking has fixed three critical vulnerabilities in the Command Line Interface (CLI) service of its Aruba Access Points. [...] | Continue reading
Microsoft has released the September 2024 non-security preview update for Windows 10, version 22H2, with fixes for bugs causing Edge web browser freezes and media playback issues. [...] | Continue reading
AutoCanada is warning that employee data may have been exposed in an August cyberattack claimed by the Hunters International ransomware gang. [...] | Continue reading
Arkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations over the weekend to contain a cyberattack detected on Sunday morning. [...] | Continue reading
Infostealer malware developers released updates claiming to bypass Google Chrome's recently introduced feature App-Bound Encryption to protect sensitive data such as cookies. [...] | Continue reading
CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks. [...] | Continue reading
While cybercriminals have used generative AI technology to create convincing emails, government agencies have warned about the potential abuse of AI tools to creating malicious software, despite the safeguards and restrictions that vendors implemented. [...] | Continue reading
Salesforce's Einstein Copilot can provide insights and perform tasks help streamline daily processes. However, it also comes with risks that you should takes steps to mitigate. Learn more from Varonis on how to prepare for Salesforce Einstein Copilot, [...] | Continue reading
Money transfer giant MoneyGram has confirmed it suffered a cyberattack after dealing with system outages and customer complaints about lack of service since Friday. [...] | Continue reading
A new version of the Octo Android malware, named "Octo2," has been seen spreading across Europe under the guise of NordVPN, Google Chrome, and an app called Europe Enterprise. [...] | Continue reading
Telegram will now share users' phone numbers and IP addresses with law enforcement if they are found to be violating the platform's rules following a valid legal request. [...] | Continue reading
An affiliate of the Mallox ransomware operation, also known as TargetCompany, was spotted using a slightly modified version of the Kryptina ransomware to attack Linux systems. [...] | Continue reading
Starting Thursday, Kaspersky deleted its anti-malware software from computers across the United States and replaced it with UltraAV's antivirus solution without warning. [...] | Continue reading
A new version of the Necro Trojan malware for Android was installed on 11 million devices through Google Play in malicious SDK supply chain attacks. [...] | Continue reading
In today's fast-paced business environment, employees increasingly turn to unauthorized IT solutions, called Shadow IT, to streamline their work and boost productivity. This article explores the prevalence of shadow IT, the risks it poses and discusses strategies for managing it. … | Continue reading
Google is testing a new API that uses machine learning models to offer real-time language translation for inputted text and to make it easier to translate web pages. [...] | Continue reading
A massive infostealer malware operation encompassing thirty campaigns targeting a broad spectrum of demographics and system platforms has been uncovered, attributed to a cybercriminal group named "Marko Polo." [...] | Continue reading
Microsoft announced today that Hotpatching is now available in public preview for Windows Server 2025, allowing installation of security updates without restarting. [...] | Continue reading
The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels. [...] | Continue reading
Users of macOS 15 'Sequoia' are reporting network connection errors when using certain endpoint detection and response (EDR) or virtual private network (VPN) solutions, and web browsers. [...] | Continue reading
The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server. [...] | Continue reading
Microsoft is testing a new feature in the Edge browser called the "extension performance detector," which warns you when browser extensions cause performance issues on web pages you visit. [...] | Continue reading
The Tor Project is attempting to assure users that the network is still safe after a recent investigative report warned that law enforcement from Germany and other countries are working together to deanonymize users through timing attacks. [...] | Continue reading
Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. [...] | Continue reading
A joint law enforcement operation has dismantled an international criminal network that used the iServer automated phishing-as-a-service platform to unlock the stolen or lost mobile phones of 483,000 victims worldwide. [...] | Continue reading
German law enforcement seized 47 cryptocurrency exchange services hosted in the country that facilitated illegal money laundering activities for cybercriminals, including ransomware gangs. [...] | Continue reading
Onboarding new employees is an important time for any organization but comes with a unique set of security risks. Learn more from Specops Software about these risks and how to mitigate them. [...] | Continue reading
Internet intelligence firm GreyNoise reports that it has been tracking large waves of "Noise Storms" containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not concluded its origin and purpose. [...] | Continue reading
A clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are subscribed to email notifications from it. A malicious GitHub user opens a new "issue" on an open source repository falsely claiming … | Continue reading
Discord has introduced the DAVE protocol, a custom end-to-end encryption (E2EE) protocol designed to protect audio and video calls on the platform from unauthorized interceptions. [...] | Continue reading