Trojanized Signal and Telegram apps containing the BadBazaar spyware were uploaded onto Google Play and Samsung Galaxy Store by a Chinese APT hacking group known as GREF. [...] | Continue reading
The FBI announced today the disruption of the Qakbot botnet in an international law enforcement operation that not only seized infrastructure but also uninstalled the malware from infected devices. [...] | Continue reading
A new version of the DreamBus botnet malware exploits a critical-severity remote code execution vulnerability in RocketMQ servers to infect devices. [...] | Continue reading
A novel Android banking malware named MMRat utilizes a rarely used communication method, protobuf data serialization, to more efficiently steal data from compromised devices. [...] | Continue reading
Qakbot, one of the largest and longest-running botnets to date, was taken down following a multinational law enforcement operation spearheaded by the FBI and known as Operation 'Duck Hunt.' [...] | Continue reading
Microsoft announced today that Exchange Server 2016 and 2019 now come with support for HTTP Strict Transport Security (also known as HSTS). [...] | Continue reading
Hackers have started using a critical exploit chain to target Juniper EX switches and SRX firewalls via their Internet-exposed J-Web configuration interface. [...] | Continue reading
The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started. [...] | Continue reading
Genshin Impact developer miHoYo has responded to an in-game hacking situation that has caused problems recently in its player community, warning that they would take legal action against those responsible. [...] | Continue reading
Suspected Chinese hackers disproportionately targeted and breached government and government-linked organizations worldwide in recent attacks targeting a Barracuda Email Security Gateway (ESG) zero-day, with a focus on entities across the Americas. [...] | Continue reading
A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks. [...] | Continue reading
Japan's computer emergency response team (JPCERT) is sharing a new 'MalDoc in PDF' attack detected in July 2023 that bypasses detection by embedding malicious Word files into PDFs. [...] | Continue reading
Microsoft announced today that Windows Extended Protection will be enabled by default on servers running Exchange Server 2019 starting this fall after installing the 2023 H2 Cumulative Update (CU14). [...] | Continue reading
The National Police of Spain is warning of an ongoing 'LockBit Locker' ransomware campaign targeting architecture companies in the country through phishing emails. [...] | Continue reading
Microsoft says the recent wave of blue screens impacting some Windows users is not caused by issues in its August 2023 optional updates. [...] | Continue reading
Proof-of-concept exploit code has been publicly released for vulnerabilities in Juniper SRX firewalls that, when chained, can allow unauthenticated attackers to gain remote code execution in Juniper's JunOS on unpatched devices. [...] | Continue reading
PurFoods, which conducts business in the U.S. as 'Mom's Meals,' is warning of a data breach after the personal information of 1.2 million customers and employees was stolen in a ransomware attack. [...] | Continue reading
Threat actors take advantage of common password mistakes to breach corporate networks. Learn more from Specops Software on the four most common mistakes and how to strengthen your Active Directory against these risks. [...] | Continue reading
The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000 social security numbers, corporate documents, and patient records. [...] | Continue reading
Microsoft is experimenting with different approaches to introduce new users to Windows 11's features as soon as they complete the initial setup, also known as the "Out of Box Experience" (OOBE). [...] | Continue reading
Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals. [...] | Continue reading
MSI has officially confirmed the recent surge of blue screens of death (BSODs) encountered by Windows users after installing this week's optional preview updates is linked to some of its motherboard models. [...] | Continue reading
The UK's Information Commissioner's Office (ICO), together with eleven data protection and privacy authorities from around the world, has published a statement calling on social media platforms to up their protections against data scrapers. [...] | Continue reading
Microsoft has identified a new hacking group it now tracks as Flax Typhoon that targets government agencies and education, critical manufacturing, and information technology organizations likely for espionage purposes. [...] | Continue reading
Leaseweb, one of the world's largest cloud and hosting providers, notified people that it's working on restoring "critical" systems disabled following a recent security breach. [...] | Continue reading
Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in exposing the personal data of some credit claimants to an unauthorized third party. [...] | Continue reading
The Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw are "ineffective," and patched appliances are still being compromised in ongoing attacks. [...] | Continue reading
Ransomware threat actors are spending less time on compromised networks before security solutions sound the alarm. In the first half of the year the hackers' median dwell time dropped to five days from nine in 2022 [...] | Continue reading
Two vulnerabilities affecting some versions of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow hijacking accounts and uploading files without authentication. [...] | Continue reading
Microsoft says the August 2023 preview updates released this week for Windows 11 and Windows 10 systems are causing blue screens with errors mentioning an unsupported processor issue. [...] | Continue reading
Cybercriminals behind the Smoke Loader botnet are using a new piece of malware called Whiffy Recon to triangulate the location of infected devices through WiFi scanning and Google's geolocation API. [...] | Continue reading
Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems. [...] | Continue reading
We're down to the final weeks of registration for mWISE, the community-focused cybersecurity conference from Mandiant. Learn more from Mandiant about the available attendance options and what you should expect. [...] | Continue reading
The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho's ManageEngine ServiceDesk to compromise an internet backbone infrastructure provider and healthcare organizations. [...] | Continue reading
A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole data from them, and demanded a ransom threatening to leak the information. [...] | Continue reading
Microsoft has released the optional KB5029331 Preview cumulative update for Windows 10 22H2 with sixteen improvements or fixes, including the introduction of a new Backup app. [...] | Continue reading
Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited path traversal vulnerability that allows an unauthenticated user to create new admin accounts. [...] | Continue reading
Bitwarden, the maker of the popular open-source password manager tool, has released 'Secrets Manager,' an end-to-end encrypted secrets manager for IT professionals, software development teams, and the DevOps industry. [...] | Continue reading
Starting on Monday, Discord has been reaching out to users affected by a data breach disclosed earlier this year to let them know what Personal Identifying Information (PII) was exposed in the incident. [...] | Continue reading
Security researchers have released NoFilter, a tool that abuses the Windows Filtering Platform to elevate a user's privileges to SYSTEM, the highest permission level on Windows. [...] | Continue reading
The U.S. Justice Department charged two Tornado Cash founders with helping criminals, including the notorious North Korean Lazarus hacking group, launder over $1 billion worth of stolen cryptocurrency through their decentralized crypto mixing service. [...] | Continue reading
Kali Linux 2023.3, the third version of 2023, is now available for download, with nine new tools and internal optimizations. [...] | Continue reading
Google announced today new cybersecurity defense controls that will allow security teams to thwart account takeover attempts and social engineering attacks targeting Workspace users. [...] | Continue reading
The FBI warned that North Koreans are likely readying to cash out tens of millions worth of stolen cryptocurrency out of hundreds of millions stolen in the last year alone. [...] | Continue reading
Danish hosting firms CloudNordic and AzeroCloud have suffered ransomware attacks, causing the loss of the majority of customer data and forcing the hosting providers to shut down all systems, including websites, email, and customer sites. [...] | Continue reading
When a cyberattack like the 2023 MOVEit hack makes global news headlines, attention often focuses on the names of the affected organizations. This article from @Outpost24 overviews the MOVEit hack and aims to draw some important actionable takeaways for your business. [...] | Continue reading
A WinRAR zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts. [...] | Continue reading
The scraped data of 2.6 million Duolingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information. [...] | Continue reading