If you are concerned about the security and privacy of your online activities, this new 50% off Malwarebytes deal can bring you peace of mind. [...] | Continue reading
A new Android subscription malware named 'Fleckpe' has been spotted on Google Play, the official Android app store, disguised as legitimate apps downloaded over 620,000 times. [...] | Continue reading
Microsoft has released a new Windows 11 dev build that modernizes the File Explorer details pane, improves the Windows Spotlight lock screen feature, and expands the roll out of "notification badging" in the Start menu. [...] | Continue reading
Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote attacker to execute arbitrary code on the devices. [...] | Continue reading
The Avos ransomware gang hijacked Bluefield University's emergency broadcast system, "RamAlert," to send students and staff SMS texts and email alerts that their data was stolen and would soon be released. [...] | Continue reading
There are simple steps to follow when the organization is developing a web application or needs to lift its digital experience and match a customer's expectations. Learn more here. [...] | Continue reading
The City of Dallas, Texas, has suffered a Royal ransomware attack, causing it to shut down some of its IT systems to prevent the attack's spread. [...] | Continue reading
An APT hacking group known as "Dragon Breath," "Golden Eye Dog," or "APT-Q-27" is demonstrating a new trend of using several complex variations of the classic DLL sideloading technique to evade detection. [...] | Continue reading
The Russian 'Sandworm' hacking group has been linked to an attack on Ukrainian state networks where WinRar was used to destroy data on government devices. [...] | Continue reading
Orqa, a maker of First Person View (FPV) drone racing goggles, claims that a contractor introduced code into its devices' firmware that acted as a time bomb designed to brick them. [...] | Continue reading
The City of Dallas, Texas, has suffered a ransomware attack, causing it to shut down some of it's IT systems to prevent the attack's spread. [...] | Continue reading
Facebook discovered a new information-stealing malware distributed on Meta called 'NodeStealer,' allowing threat actors to steal browser cookies to hijack accounts on the platform, as well as Gmail and Outlook accounts. [...] | Continue reading
Microsoft announced today that Windows admins can now choose to be emailed when new known issues are added to the Windows release health section of the Microsoft 365 admin center. [...] | Continue reading
The U.S. Department of Justice announced today the indictment of Russian citizen Denis Gennadievich Kulkov, suspected of running a stolen credit card checking operation that generated tens of millions in revenue. [...] | Continue reading
A researcher hijacked over a dozen Packagist packages—with some having been installed hundreds of millions of times over the course of their lifetime. The researcher reached out to BleepingComputer stating that by hijacking these packages he hopes to get a job. And, he seems pret … | Continue reading
Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware gang stole data using a zero-day vulnerability in its Fortra GoAnywhere MFT secure file-sharing platform. [...] | Continue reading
Google is rolling out support for passkeys for Google Accounts across all services and platforms, allowing users to sign into their Google accounts without entering a password or using 2-Step Verification (2SV) when logging in. [...] | Continue reading
Hackers exploited a Level Finance smart contract vulnerability to drain 214,000 LVL tokens from the decentralized exchange and swapped them for 3,345 BNB, worth approximately $1,100,000. [...] | Continue reading
1Password says a recent incident that caused customers to receive notifications about changed passwords was the result of service disruption and not a security breach. [...] | Continue reading
The FBI and Ukrainian police have seized nine cryptocurrency exchange websites that facilitated money laundering for scammers and cybercriminals, including ransomware actors. [...] | Continue reading
Google announced today that the lock icon, long thought to be a sign of website security and trustworthiness, will soon be changed with a new icon that doesn't imply that a site is secure or should be trusted. [...] | Continue reading
Apple and Google have joined forces to push for the adoption of new industry standards designed to put a stop to stalking via Bluetooth-enabled location-tracking devices. [...] | Continue reading
Hackers are actively exploiting an unpatched 2018 authentication bypass vulnerability in exposed TBK DVR (digital video recording) devices. [...] | Continue reading
An international law enforcement operation codenamed 'SpecTor' has arrested 288 dark web vendors and customers worldwide, with police seizing €50.8 million ($55.9M) in cash and cryptocurrency. [...] | Continue reading
Artificial intelligence has brought forth a new era of innovation. However, its rise has also led to an evolving landscape of emerging cyber threats. [...] | Continue reading
Apple has launched the first Rapid Security Response (RSR) patches for iOS 16.4.1 and macOS 13.3.1 devices, with some users having issues installing them on their iPhones. [...] | Continue reading
A Twitter outage has logged many users out of the website and prevents them from logging back into the site. [...] | Continue reading
A new malware known as 'LOBSHOT' distributed using Google ads allows threat actors to stealthily take over infected Windows devices using hVNC. [...] | Continue reading
T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds of customers for more than a month, starting late February 2023. [...] | Continue reading
A silly Twitter bug allows previously-verified accounts to add their legacy 'Blue Check' back to their profile for free. [...] | Continue reading
The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating they likely had continued access to the company's systems even as the company responded to the breach. [...] | Continue reading
The Computer Emergency Response Team of Ukraine (CERT-UA) says Russian hackers are targeting various government bodies in the country with malicious emails supposedly containing instructions on how to update Windows as a defense against cyber attacks. [...] | Continue reading
Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile ransomware gangs. [...] | Continue reading
Americold, a leading cold storage and logistics company, has been facing IT issues since its network was breached on Tuesday night. [...] | Continue reading
It has been a very quiet week for ransomware news, with only a few reports released and not much info about cyberattacks. An item of interest was Microsoft linking the recent PaperCut server attacks on the Clop and LockBit ransomware operation. [...] | Continue reading
A new version of the ViperSoftX information-stealing malware has been discovered with a broader range of targets, including targeting the KeePass and 1Password password managers. [...] | Continue reading
Hackers are hijacking online stores to display modern, realistic-looking fake payment forms to steal credit cards from unsuspecting customers. [...] | Continue reading
The U.S. Cybersecurity Infrastructure Security Agency (CISA) and the FDA have issued an urgent alert about two vulnerabilities that impact Illumina's Universal Copy Service (UCS), used for DNA sequencing in medical facilities and labs worldwide. [...] | Continue reading
Mark your calendar for mWISE™, a global gathering where security's top practitioners come together to tackle the industry's biggest challenges. It runs from September 18-20, 2023 in Washington, DC [...] | Continue reading
Websites and mobile apps of Lloyds Bank, Halifax, TSB Bank, and Bank of Scotland are experiencing web and mobile app outages leaving customers unable to access their account balances and information. [...] | Continue reading
A set of 38 Minecraft copycat games on Google Play infected devices with the Android adware 'HiddenAds' to stealthily load ads in the background to generate revenue for its operators. [...] | Continue reading
Microsoft says Windows 10, version 22H2 will be the last feature update to be released for the Windows 10 operating system. [...] | Continue reading
Google says it banned 173,000 developer accounts in 2022 to block malware operations and fraud rings from infecting Android users' devices with malicious apps. [...] | Continue reading
RTM Locker is the latest enterprise-targeting ransomware operation found to be deploying a Linux encryptor that targets virtual machines on VMware ESXi servers. [...] | Continue reading
Microsoft has addressed a known issue affecting Outlook for Microsoft 365 customers that prevented them from accessing group mailboxes and calendars using the Outlook desktop client. [...] | Continue reading
A new macOS information-stealing malware named 'Atomic' (aka 'AMOS') is being sold to cybercriminals via private Telegram channels for a subscription of $1,000 per month. [...] | Continue reading
In some ways, past best practices for password policies may have made password cracking easier. Let's examine the most common types of password attacks, and how to defend against them. [...] | Continue reading
Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to steal corporate data. [...] | Continue reading