A driver that's been pushed for the past 12 years to Dell computer devices for consumers and enterprises contains multiple vulnerabilities that could lead to increased privileges on the system. | Continue reading
Today, Trustwave researchers have disclosed their findings on a novel Windows malware sample that uses Internet Control Message Protocol (ICMP) for its command-and-control (C2) activities. Dubbed "Pingback," this malware targets Windows 64-bit systems, and uses DLL Hijacking to g … | Continue reading
Nonprofit health care provider Scripps Health in San Diego is currently dealing with a ransomware attack that forced the organization to suspend user access to its online portal and switch to alternative methods for patient care operations. | Continue reading
Today, Apple has released security updates that fix two actively exploited iOS zero-day vulnerabilities in the Webkit engine used by hackers to attack iPhones, iPads, iPods, macOS, and Apple Watch devices. | Continue reading
A new ransomware gang known as 'N3TW0RM' is targeting Israeli companies in a wave of cyberattacks starting last week. | Continue reading
Technical documentation and proof-of-concept exploit (PoC) code has been released for a high-severity vulnerability in Microsoft Exchange Server that could let remote attackers execute code on unpatched machines. | Continue reading
Pulse Secure has fixed a zero-day vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance that is being actively exploited to compromise the internal networks of defense firms and govt agencies. | Continue reading
Microsoft quietly revealed its plans to remove the Adobe Flash plugin from Windows 10, with mandatory removal starting in July 2021. | Continue reading
The next feature update "Windows 10 May 2021 Update" is going to be a minor service pack style-like release with quality improvements and bug fixes. While the next update is all about improvements, preview builds and reports have suggested that Windows 10 version 21H2 is going to … | Continue reading
Like other antivirus programs, Microsoft Defender will upload suspicious files to Microsoft to determine if they are malicious. However, some consider this a privacy risk and would rather have their files stay on their computer than being uploaded to a third party. | Continue reading
The Windows 10 Device Manager is getting a helpful upgrade that makes it easier to uninstall a specific driver by seeing what devices are using it | Continue reading
In the latest effort to improve the web apps experience, Google appears to be working on a new API that will allow Chrome progressive web apps (PWAs) to 'handle' (read) files in the operating system's file system. | Continue reading
Microsoft has updated the security baseline for Microsoft 365 Apps for enterprise (formerly Office 365 Professional Plus) to include protection from JScript code execution attacks and unsigned macros. | Continue reading
Python 3.3 standard library 'ipaddress' suffers from a critical IP address vulnerability (CVE-2021-29921) identical to the flaw that was reported in the "netmask" library earlier this year. | Continue reading
Ransomware gangs continue to target organizations large and small, including a brazen attack on the Washington DC police department. | Continue reading
Bank holding company First Horizon Corporation disclosed the some of its customers had their online banking accounts breached by unknown attackers earlier this month. | Continue reading
A new message today from the operators of Babuk ransomware clarifies that the gang has decided to close the affiliate program and move to an extortion model that does not rely on encrypting victim computers. | Continue reading
Microsoft has added AAC (Advanced Audio Coding) support for Bluetooth audio devices with the release of Windows 10 Build 21370 to the Dev Channel. | Continue reading
Microsoft released PowerToys v0.37.0 yesterday with minor improvements and a significant change - it now requires a minimum version of Windows 10 1903. | Continue reading
Cryptocurrency trading platform Hotbit has shut down all services for at least a week after a cyberattack that down several of its services on Thursday evening. | Continue reading
The account information for almost 22 million ParkMobile customers is now in the hands of hackers and scammers after the data was released for free on a hacking forum. | Continue reading
Hackers suspected to work for the Chinese government have used a new malware called PortDoor to infiltrate the systems of an engineering company that designs submarines for the Russian Navy. | Continue reading
Codecov has now started notifying the maintainers of software repositories affected by the recent supply-chain attack. These notifications, delivered via both email and the Codecov application interface, state that the company believes the affected repositories were downloaded by … | Continue reading
Brazil's Tribunal de Justiça do Estado do Rio Grande do Sul was hit with an REvil ransomware attack yesterday that encrypted employee's files and forced the courts to shut down their network. | Continue reading
Microsoft security researchers have discovered over two dozen critical remote code execution (RCE) vulnerabilities in Internet of Things (IoT) devices and Operational Technology (OT) industrial systems. | Continue reading
A financially motivated threat actor exploited a zero-day bug in Sonicwall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets. | Continue reading
As Microsoft begins to utilize its Known Issue Rollback feature to release Windows 10 fixes quickly, users are discovering that modifying privacy settings may prevent these fixes from being installed. | Continue reading
QNAP customers are once again urged to secure their Network Attached Storage (NAS) devices following a massive Qlocker ransomware campaign earlier this month. | Continue reading
After just a few months of activity, the operators of Babuk ransomware briefly posted a short message about their intention to quit the extortion business after having achieved their goal. | Continue reading
The Whistler municipality in British Columbia, Canada, has suffered a cyberattack at the hands of a new ransomware operation. | Continue reading
The Ransomware Task Force, a public-party coalition of more than 50 experts, has shared a framework of actions to disrupt the ransomware business model. | Continue reading
Microsoft has announced that the Windows May 10th 2021 Update (21H1) is complete and being prepared for release. | Continue reading
Cloud hosting provider DigitalOcean has disclosed a data breach after a flaw exposed customers' billing information. | Continue reading
Popular hacking forum OGUsers has been hacked for its fourth time in two years, with hackers now selling the site's database containing user records and private messages. | Continue reading
New Microsoft Graph APIs released today for public preview allow developers and IT professionals to manage Windows 10 updates and expedite Windows 10 security updates in enterprise environments. | Continue reading
A recently discovered Linux malware with backdoor capabilities has flown under the radar for years, allowing attackers to harvest and exfiltrate sensitive information from compromised devices. | Continue reading
Cybercriminals target Rogers customers with a new SMS phishing campaign pretending to be refunds for last week's Canada-wide wireless outage. | Continue reading
Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware. | Continue reading
A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations spanning roughly two years and targeting military organizations from Southeast Asia. | Continue reading
UK rail network Merseyrail has confirmed a cyberattack after a ransomware gang used their email system to email employees and journalists about the attack. | Continue reading
GitHub has announced rolling out a mysterious HTTP header on all GitHub Pages sites to block Google FLoC tracking. | Continue reading
Microsoft Edge will automatically redirect users to a secure HTTPS connection when visiting websites using the HTTP protocol, starting with version 92, coming in late July. | Continue reading
Millions of email addresses collected by Emotet botnet for malware distribution campaigns have been shared by the Federal Bureau of Investigation (FBI) as part of the agency's effort to clean infected computers. | Continue reading
Manga scanlation site MangaDex disclosed a data breach last week after learning that the site's user database was privately circulating among threat actors. | Continue reading
A worldwide Microsoft Teams outage is blocking users from logging into their accounts, and preventing those already logged in from sending and receiving messages. | Continue reading
The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data. | Continue reading
Microsoft today announced that multiple .NET Framework versions signed using the legacy and insecure Secure Hash Algorithm 1 (SHA-1) will reach end of support next year. | Continue reading
Popular musical instrument marketplace Reverb has suffered a data breach after an unsecured database containing customer information was exposed online. | Continue reading