Ransomware gangs continue to hammer local governments in attacks, taking down IT systems and disrupting city's online services. [...] | Continue reading
Microsoft has introduced a new Microsoft Defender capability named "performance mode" for developers on Windows 11, tuned to reduce the impact of antivirus scans when analyzing files stored on Dev Drives. [...] | Continue reading
Swiss tech multinational and U.S. government contractor ABB has confirmed that some of its systems were impacted by a ransomware attack, previously described by the company as "an IT security incident." [...] | Continue reading
Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration. [...] | Continue reading
Firefox users have been complaining about very intrusive full-screen advertisements promoting Mozilla VPN displayed in the web browser when navigating an unrelated page. [...] | Continue reading
The city of Augusta in Georgia, U.S., has confirmed that the most recent IT system outage was caused by unauthorized access to its network. [...] | Continue reading
Microsoft has released a new Windows 11 dev build that adds a long-awaited feature allowing users to ensure that all windows are shown as individual items in the taskbar. [...] | Continue reading
Security researchers at Cisco Talos and the Citizen Lab have presented a new technical analysis of the commercial Android spyware 'Predator' and its loader 'Alien,' sharing its data-theft capabilities and other operational details. [...] | Continue reading
Attackers are now using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed to evade detection by email security gateways. [...] | Continue reading
D-Link has fixed two critical-severity vulnerabilities in its D-View 8 network management suite that could allow remote attackers to bypass authentication and execute arbitrary code. [...] | Continue reading
Mandiant security researchers have discovered a new OT known as CosmicEnergy that targets operational technology (OT), raising concerns about potential disruptions to electric power systems worldwide. [...] | Continue reading
[...] | Continue reading
Zyxel is warning customers of two critical-severity vulnerabilities in several of its firewall and VPN products that attackers could leverage without authentication. [...] | Continue reading
ChatGPT, the famous artificial intelligence chatbot that allows users to converse with various personalities and topics, has connectivity issues worldwide. [...] | Continue reading
A Brazilian hacking group has been targeting thirty Portuguese government and private financial institutions since 2021 in a malicious campaign called 'Operation Magalenha.' [...] | Continue reading
A new ransomware operation named 'Buhti' uses the leaked code of the LockBit and Babuk ransomware families to target Windows and Linux systems, respectively. [...] | Continue reading
Microsoft says some 32-bit applications are being impacted by recurring failures when saving and copying files across multiple Windows versions (especially when copying to network shares). [...] | Continue reading
Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin named Beautiful Cookie Consent Banner with more than 40,000 active installs. [...] | Continue reading
Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, since at least mid-2021. [...] | Continue reading
GitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal flaw tracked as CVE-2023-2825. [...] | Continue reading
A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers. [...] | Continue reading
Microsoft has released the Windows 11 22H2 KB5026446 update, aka 'Moment 3,' bringing quite a few new and long-awaited features to the operating system. [...] | Continue reading
Microsoft has released the optional KB5026435 Preview cumulative update for Windows 10 22H2 with two new features and 18 additional fixes or changes. [...] | Continue reading
A suspected Iranian state-supported threat actor known as 'Agrius' is now deploying a new ransomware strain named 'Moneybird' against Israeli organizations. [...] | Continue reading
Barracuda, a company known for its email and network security solutions, warned customers today that some of their Email Security Gateway (ESG) appliances were breached last week by targeting a now-patched zero-day vulnerability. [...] | Continue reading
In a significant development for the PC platform, Microsoft has introduced Windows Copilot, marking a milestone as the first PC platform to offer unified AI assistance for consumers. [...] | Continue reading
A relatively unknown advanced persistent threat (APT) group named 'GoldenJackal' has been targeting government and diplomatic entities in Asia since 2019 for espionage. [...] | Continue reading
Microsoft is adding native support for RAR, 7-Zip, and GZ archives to an upcoming version of Windows 11 expected this week. [...] | Continue reading
Microsoft has updated PowerToys with two new tools that help control multiple Windows systems with the same keyboard/mouse and quickly preview various file types. [...] | Continue reading
Microsoft has released the May 2023 optional cumulative update for Windows 11, version 21H2, with fixes for audio and printer install problems. [...] | Continue reading
The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against four entities and one individual for their involvement in illicit IT worker schemes and cyberattacks generating revenue to finance North Korea's weapons development programs. [...] | Continue reading
German automotive and arms manufacturer Rheinmetall AG confirms that it suffered a BlackBasta ransomware attack that impacted its civilian business. [...] | Continue reading
A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing his employer. [...] | Continue reading
Microsoft has released the Windows 11 22H2 'Moment 3' update, bringing many new and long-awaited features to the operating system. [...] | Continue reading
ESET malware researchers have discovered a new remote access trojan (RAT) on the Google Play Store, bundled with an Android screen recording app with 50,000 installs. [...] | Continue reading
The Cuba ransomware gang has claimed responsibility for this month's cyberattack on The Philadelphia Inquirer, which temporarily disrupted the newspaper's distribution and disrupted some business operations. [...] | Continue reading
Google has launched the Mobile Vulnerability Rewards Program (Mobile VRP), a new bug bounty program that will pay security researchers for flaws found in the company's Android applications. [...] | Continue reading
Microsoft is investigating service issues preventing users from accessing their Microsoft 365 ccounts and blocking access to installed apps. [...] | Continue reading
The ALPHV ransomware group (aka BlackCat) was observed employing signed malicious Windows kernel drivers to evade detection by security software during attacks. [...] | Continue reading
Highly realistic AI-generated images depicting an explosion near the Pentagon that went viral on Twitter caused the stock market to dip briefly earlier today. [...] | Continue reading
A cryptocurrency phishing and scam service called 'Inferno Drainer' has reportedly stolen over $5.9 million worth of crypto from 4,888 victims. [...] | Continue reading
Today, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) ordered federal agencies to address three recently patched zero-day flaws affecting iPhones, Macs, and iPads known to be exploited in attacks. [...] | Continue reading
The Irish Data Protection Commission (DPC) has announced a $1.3 billion fine on Facebook after claiming that the company violated Article 46(1) of the GDPR (General Data Protection Regulation). [...] | Continue reading
Criminal IP's Chrome extension offers real-time scanning of websites worldwide, using AI-based detection to identify recently created phishing sites. [...] | Continue reading
Microsoft is doubling its efforts to court the gaming community with a new feature, "Edge for Gamers" mode, which promises to elevate the user experience inside and outside gaming sessions. [...] | Continue reading
Google has updated its policy for personal accounts across its services to allow a maximum period of inactivity of two years. [...] | Continue reading
Researchers at Tencent Labs and Zhejiang University have presented a new attack called 'BrutePrint,' which brute-forces fingerprints on modern smartphones to bypass user authentication and take control of the device. [...] | Continue reading
PyPI, the official third-party registry of open source Python packages has temporarily suspended new users from signing up, and new projects from being uploaded to the platform until further notice. The unexpected move comes amid the registry's struggle to upkeep with a large inf … | Continue reading