The Ukrainian cyber police have arrested a 36-year-old man from the city of Netishyn for selling the personal data and sensitive information of over 300 million people, citizens of Ukraine, and various European countries. [...] | Continue reading
Google is bringing end-to-end encryption to Google Authenticator cloud backups after researchers warned users against synchronizing 2FA codes with their Google accounts. [...] | Continue reading
The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL databases regardless of their permissions. [...] | Continue reading
Cisco disclosed today a zero-day vulnerability in the company's Prime Collaboration Deployment (PCD) software that can be exploited for cross-site scripting attacks. [...] | Continue reading
The Chinese APT hacking group known as 'Evasive Panda' are behind a mysterious attack that distributed the MsgBot malware as part of an automatic update for the Tencent QQ messaging app. [...] | Continue reading
Google is taking down malware infrastructure linked to the Cryptbot info stealer after suing those using it to infect Google Chrome users and steal their data. [...] | Continue reading
Apache Superset is vulnerable to authentication bypass and remote code execution at default configurations, allowing attackers to potentially access and modify data, harvest credentials, and execute commands. [...] | Continue reading
Microsoft is rolling out Phone Link for iOS to all Windows 11 and iPhone users, with the rollout expected to complete by mid-May. [...] | Continue reading
Microsoft has fixed a known issue triggering Windows Security warnings that Local Security Authority (LSA) Protection is off by removing the feature's UI from settings. [...] | Continue reading
Hackers are deploying new Linux malware variants in cyberespionage attacks, such as a new PingPull variant and a previously undocumented backdoor tracked as 'Sword2033.' [...] | Continue reading
Microsoft is investigating ongoing Microsoft 365 issues preventing some Exchange Online customers from accessing their mailboxes. [...] | Continue reading
VMware has released security updates to address zero-day vulnerabilities that could be chained to gain code execution systems running unpatched versions of the company's Workstation and Fusion software hypervisors. [...] | Continue reading
Microsoft has released the optional KB5025297 Preview cumulative update for Windows 10 22H2, with eighteen fixes or changes. [...] | Continue reading
Microsoft has released the optional April 2023 non-security cumulative updates for all editions of Windows 11 22H2 with a new option to prioritize non-security and feature Windows updates. [...] | Continue reading
A new reflective Denial-of-Service (DoS) amplification vulnerability in the Service Location Protocol (SLP) allows threat actors to launch massive denial-of-service attacks with 2,200X amplification. [...] | Continue reading
The Google Authenticator app has received a critical update for Android and iOS that allows users to back up their two-factor authentication one-time passwords (OTPs) to their Google Accounts and have multi-device support. [...] | Continue reading
The Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability tracked as CVE-2023-1389 to incorporate devices into DDoS (distributed denial of service) swarms. [...] | Continue reading
VirusTotal announced on Monday the launch of a new artificial intelligence-based code analysis feature named Code Insight. [...] | Continue reading
A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register. [...] | Continue reading
Attackers are exploiting severe vulnerabilities in the widely-used PaperCut MF/NG print management software to install Atera remote management software to take over servers. [...] | Continue reading
KuCoin's Twitter account was hacked, allowing attackers to promote a fake giveaway scam that led to the theft of over $22.6K in cryptocurrency. [...] | Continue reading
APC's Easy UPS Online Monitoring Software is vulnerable to unauthenticated arbitrary remote code execution, allowing hackers to take over devices and, in a worst-case scenario, disabling its functionality altogether. [...] | Continue reading
Microsoft is investigating an ongoing issue preventing some customers from using the search functionality across multiple Microsoft 365 services. [...] | Continue reading
Yellow Pages Group, a Canadian directory publisher has confirmed to BleepingComputer that it has been hit by a cyber attack. Black Basta ransomware and extortion gang claims responsibility for the attack and has posted sensitive documents and data over the weekend. [...] | Continue reading
Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to obtain customer information. [...] | Continue reading
A new enterprise-targeting malware toolkit called 'Decoy Dog' has been discovered after inspecting anomalous DNS traffic that is distinctive from regular internet activity. [...] | Continue reading
GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging to an organization. [...] | Continue reading
Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users' sensitive data in Europe and the U.S. [...] | Continue reading
The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace. [...] | Continue reading
A lot of news broke this week related to ransomware, with the discovery of LockBit testing macOS encryptors to an outage on NCR, causing massive headaches for restaurants. [...] | Continue reading
The X_Trader software supply chain attack that led to last month's 3CX breach has also impacted at least several critical infrastructure organizations in the United States and Europe, according to Symantec's Threat Hunter Team. [...] | Continue reading
Google has addressed a Cloud Platform (GCP) security vulnerability impacting all users and allowing attackers to backdoor their accounts using malicious OAuth applications installed from the Google Marketplace or third-party providers. [...] | Continue reading
Hackers use a novel method involving RBAC (Role-Based Access Control) to create persistent backdoor accounts on Kubernetes clusters and hijack their resources for Monero crypto-mining. [...] | Continue reading
The American Bar Association (ABA) has suffered a data breach after hackers compromised its network and gained access to older credentials for 1,466,000 members. [...] | Continue reading
Websites of multiple U.S. universities are serving Fortnite and 'gift card' spam. Researchers observed Wiki and documentation pages being hosted by universities including Stanford, MIT, Berkeley, UMass Amherst, Northeastern, Caltech, among others, were compromised. [...] | Continue reading
Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. [...] | Continue reading
Google's Threat Analysis Group (TAG) has been monitoring and disrupting Russian state-backed cyberattacks targeting Ukraine's critical infrastructure in 2023. [...] | Continue reading
VMware addressed a critical vRealize Log Insight security vulnerability that allows remote attackers to gain remote execution on vulnerable appliances. [...] | Continue reading
A new Lazarus campaign considered part of "Operation DreamJob" has been discovered targeting Linux users with malware for the first time. [...] | Continue reading
Microsoft is investigating an ongoing outage blocking customers worldwide from accessing and using web apps and online services. [...] | Continue reading
London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the month, now admitting that hackers exfiltrated data from its systems. [...] | Continue reading
An investigation into last month's 3CX supply chain attack discovered that it was caused by another supply chain compromise where suspected North Korean attackers breached the site of stock trading automation company Trading Technologies to push trojanized software builds. [...] | Continue reading
In a confusing mess, a recent Microsoft Defender update rolled out a new security feature called 'Kernel-mode Hardware-enforced Stack Protection,' while removing the LSA protection feature. Unfortunately, Microsoft has not provided any documentation on this change, leading to mor … | Continue reading
Attackers are hacking into poorly secured and Interned-exposed Microsoft SQL (MS-SQL) servers to deploy Trigona ransomware payloads and encrypt all files. [...] | Continue reading
Fortra has completed its investigation into the exploitation of CVE-2023-0669, a zero-day flaw in the GoAnywhere MFT solution that the Clop ransomware gang exploited to steal data from over a hundred companies. [...] | Continue reading
Threat actors use a new hacking tool dubbed AuKill to disable Endpoint Detection & Response (EDR) Software on targets' systems before deploying backdoors and ransomware in Bring Your Own Vulnerable Driver (BYOVD) attacks. [...] | Continue reading
The United Kingdom's NCSC (National Cyber Security Centre) is warning of a heightened risk from attacks by state-aligned Russian hacktivists, urging all organizations in the country to apply recommended security measures. [...] | Continue reading
Print management software developer PaperCut is warning customers to update their software immediately, as hackers are actively exploiting flaws to gain access to vulnerable servers. [...] | Continue reading