Navigate
Home
Blog
Dashboard
Feeds
Articles
Search
Overview
Topics
Assistant
Home
Blog
Dashboard
Feeds
Articles
Search
Overview
Topics
Assistant
Login
Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials
CISOs are struggling to get cybersecurity budgets: Report
SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
Data Theft Overtakes Ransomware as Top Concern for IT Decision Makers
Stealthy APT Gelsemium Seen Targeting Southeast Asian Government
Threat Report: The High Tech Industry Targeted the Most with 46% of NLX-Tagged Attack Traffic
Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia
New GoldDigger Android Trojan Drains Victim Bank Accounts
Johnson Controls Hit by Ransomware
Expensive Investigations Drive Surging Data Breach Costs
Police Issue “Quishing” Email Warning
Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys
Microsoft Edge is testing a new video translation feature
New 'Looney Tunables' Linux bug gives root on major distros
Estes reports cyberattack caused ongoing tech outage
Supply Chain Attackers Escalate With GitHub Dependabot Impersonation
Why Small Businesses Need a Malware Sandbox ? - Top 3 Reasons in 2023
Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild
GoldDigger Android Trojan Targets Banking Apps in Asia Pacific Countries
Microsoft Edge is losing tablet-friendly "Web Select" feature
Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions
China's Offensive Cyber Operations in Africa Support Soft Power Efforts
ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code
AuditBoard adds new AI and analytics capabilities for risk and compliance
China Poised to Disrupt US Critical Infrastructure with Cyber-Attacks,
MGM Resorts' Systems Restored After 10-Days Following Ransomware Attack
Google ads push malicious CPU-Z app from fake Windows news site
Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw
Half of Cybersecurity Professionals Report Increase in Cyber-Attacks
libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks
Hacker Group GhostSec Unveils New Generation Ransomware Implant
Google Given Max Severity Score for lipwebp Zero-day Exploited in Wild
American Family Insurance confirms cyberattack is behind IT outages
Researchers Uncover Malware Posing as WordPress Caching Plugin
French Cybercriminal Pleads Guilty for Hacking Corporate Data
New ZeroFont phishing tricks Outlook into showing fake AV-scans
‘War has no rules’: Hacktivists scorn Red Cross’ new guidelines
Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
What is ransomware? Everything you need to know and how to reduce your risk
Police arrests Ragnar Locker ransomware developer in France
Qakbot hackers now pushing Cyclops/Ransom Knight ransomware, Cisco says
D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack
UN Chief Appoints 39-Member Panel to Advise on International Governance of Artificial Intelligence
Lyca Mobile investigates customer data leak after cyberattack
Android Banking Trojan Zanubis Evolves to Target Peruvian Users
Eureka: With GPT-4 overseeing training, robots can learn much faster
Authorities Seized RagnarLocker Ransomware Dark Web Site
Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
Hackers use malicious 404 error pages to steal credit cards
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks
Fake Bitwarden sites push new ZenRAT password-stealing malware
Addressing the People Problem in Cybersecurity
MGM Resorts Refused to Pay Hackers’ Ransom Demand in Cyberattack
Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug
Motel One Discloses Ransomware Attack Impacting Customer Data
C-suite leaders to boost cybersecurity compliance amid SEC disclosure rule: Deloitte
European Police Hackathon Hunts Down Traffickers
Simpson Manufacturing shuts down IT systems after cyberattack
Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters
CyberEPQ Course Triples Student Intake for the Coming Year
Okta Support System Hacked, Sensitive Customer Data Stolen
'Gold Melody' Access Broker Plays on Unpatched Servers' Strings
CISA working on updated National Cyber Incident Response Plan
Florida court pauses many proceedings following cyberattack
Hackers Shifting Towards Non-Executable .txt & .log Files to Deliver Malware
New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics
Google, Yahoo announce new email authentication requirements for 2024
New WordPress backdoor creates rogue admin to hijack websites
Titan File Transfer Server Flaws Let Attackers Execute Remote Code
iLeakage - New Attack Let Hackers Steal Emails, Passwords On Apple Safari
“Catastrophic” AI harms among warnings in declaration signed by 28 nations
A Primer on Cyber Risk Acceptance and What it Means to Your Business
Simple Membership Plugin Flaws Expose WordPress Sites
Federal judge issues injunction limiting officials’ ability to control disinformation
India targets Microsoft, Amazon tech support scammers in nationwide crackdown
Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors
Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
Exploit released for Microsoft SharePoint Server auth bypass flaw
Apple Releases iOS 16 Update to Patch Exploited Vulnerability
CISA urges use of memory safe code in software development
Data Breach at Singapore’s Marina Bay Sands Affects 665,000 Customers
MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks
#CyberMonth: Google Makes Passkeys Default Sign-In Option
$200 Million in Cryptocurrency Stolen in Mixin Network Hack
New BBTok Banking Malware Server-Side Software Generates Victim-Specific Payload
Trend Micro fixes endpoint protection zero-day used in attacks
Leading CISO Creates Model for Ransomware Payment Decisions
DarkGate Opens Organizations for Attack via Skype, Teams
Watch Out For These Backdoored Android TV Boxes Already Available
“Project Volterra” review: Microsoft’s $600 Arm PC that almost doesn’t suck
Mandiant Intelligence Chief Raises Alarm Over China's 'Volt Typhoon' Hackers in US Critical Infrastructure
BianLian extortion group claims recent Air Canada breach
Cyber venture capital funding on pace to hit four-year low
CISA Kicks Off Cybersecurity Awareness Month With New Program
Qualcomm Sys Hackers Actively Exploit 3 new Zero-Days - Patch Now
NIST Publishes Final Version of 800-82r3 OT Security Guide
SIM Box Fraud to Drive 700% Surge in Roaming Scams
Windows 11 ‘Moment 4’ update released, here are the many new features
Kinsing Cyberattackers Debut 'Looney Tunables' Cloud Exploits
People are speaking with ChatGPT for hours, bringing 2013’s Her closer to reality
Lost and Stolen Devices: A Gateway to Data Breaches and Leaks
OpenAI’s new AI image generator pushes the limits in detail and prompt fidelity
Microsoft: Human-operated ransomware attacks tripled over past year
California Law Restricting Companies' Use of Information From Kids Online Is Halted by Federal Judge
Exela Stealer Attacking Discord Users to Steal Login Credentials
White House rolls out zero trust strategy for federal agencies | ZDNet
1Password Detects Suspicious Activity Following Okta Support Breach
Q&A: UK Ambassador on Creating New Cybersecurity Agencies Around the World
Fake Ledger Live app in Microsoft Store steals $768,000 in crypto
GitHub passkeys generally available for passwordless sign-ins
Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data
Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks
North Korean hackers exploit known bug in ‘high-profile’ software vendor
Jony Ive and OpenAI’s Altman reportedly collaborating on mysterious AI device
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
Meta launches consumer AI chatbots with celebrity avatars in its social apps
AWS bets on accuracy in generative AI deployment race
CISA Unveils New HBOM Framework to Track Hardware Components
Qakbot Gang Still Active Despite FBI Takedown
Ragnar Locker Ransomware Boss Arrested in Paris
Cloudflare Observed The Peak DDOS Attack of 201 Million HTTP Requests Per Second
In Chernihiv, a project preserving the past — with technology of the future
US Treasury inks cybersecurity agreement with United Arab Emirates
Chrome Flags Third Zero-Day This Month That's Tied to Spying Exploits
T-Mobile denies rumors of a breach affecting employee data
Ragnar Locker ransomware site taken down by FBI, Europol
APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries
Octo Tempest Group Threatens Physical Violence as Social Engineering Tactic
Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign
Half of Small Businesses Hit by Cyber-Attack Over the Past Year
Vanta bakes generative AI into core security and compliance product
Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks
Amazon sends Mastercard, Google Play gift card order emails by mistake
Hong Kong crypto business Mixin says hackers stole $200 million in assets
India raids tech-support fraud compounds after tip from Amazon, Microsoft
Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign
Top Dutch cyber official Hans de Vries on cyber defense in times of war
Red Cross releases ethical guidelines for hacktivists in war
Cybersecurity Awareness Month Celebrates 20 Years
New Magecart Campaign Alters 404 Error Pages to Steal Shoppers' Credit Cards
Government Shutdown Poised to Stress Nation's Cybersecurity Supply Chain
Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials
SAP Patches for XSS, Log Injection & Other Vulnerabilities
Millions of Exim mail servers exposed to zero-day RCE attacks
Nigerian Police dismantle cybercrime recruitment, mentoring hub
Coalition to give NGOs free access to cybersecurity services to protect against attacks
FBI Warns of Dual Ransomware Attacks and Data Destruction Trends
Google Cloud Chronicle Security Unifies SOAR and SIEM Solutions
Google and Yahoo say they will crack down on spam with new measures
CISA: Agencies seeing steep decrease in known exploited vulnerabilities on federal networks
Microsoft overhauls cyber strategy to finally embrace security by default
Thales Acquired Cyber Security Company Imperva in a $3.6 Billion Deal
Researchers Find Malicious npm Packages Targeting Sensitive Data
Middle East telcos targeted by new malware with suspected nation-state backing
Qualcomm Patches 3 Zero-Days Reported by Google
Cyber-Attacks on Ukraine Surge 123%, But Success Rates Plummet
Philadelphia: Hackers spent three months accessing city gov’t email accounts
Google is retiring its Gmail Basic HTML view in January 2024
New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager
Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance
Ex-Navy IT head gets 5 years for selling people’s data on darkweb
Firefox, Chrome Updates Patch High-Severity Vulnerabilities
Head of US Cybersecurity Agency Sees Progress on Election Security, With More Work Needed for 2024
China APT Cracks Cisco Firmware in Attacks Against the US and Japan
Attacks on EMEA Financial Services Double in a Year
Developers can’t seem to stop exposing credentials in publicly accessible code
Operation Behind Predator Mobile Spyware Is 'Industrial Scale'
Crypto firm Nansen asks users to reset passwords after vendor breach
Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack
Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role
Pro-Ukraine group says it took down Trigona ransomware website
New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks
Arm warns of Mali GPU flaws likely exploited in targeted attacks
Gone in 130 seconds: New Tesla hack gives thieves their own personal key
Too Rich To Ransomware? MGM Brushes Off $100M in Losses
Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw
Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms
AI Adoption Surges But Security Awareness Lags Behind
Cloudflare DDoS protections ironically bypassed using Cloudflare
Cyberattacks in Arizona, Missouri limit access to community services
New Trojan ZenRAT masquerades as Bitwarden password manager
Spy Trojan SpyNote Unveiled in Attacks on Gamers
CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
Russian flight booking system suffers ‘massive’ cyberattack
Firefox 118 Released With the Fix for 6 High-Severity Vulnerabilities
Fake WinRAR proof-of-concept exploit drops VenomRAT malware
Chrome 118 Patches 20 Vulnerabilities
Arm patches bugs in Mali GPUs that affect Android phones and Chromebooks
Microsoft Azure Developers Awash in PII-Stealing npm Packages
Apple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator Spyware
Palo Alto Networks updates Prisma Cloud with integrated cloud security
Nearly 100,000 Industrial Control Systems Exposed to the Internet
BORN Ontario child registry data breach affects 3.4 million people
GitLab urges users to install security updates for critical pipeline flaw
US Government Proposes SBOM Rules for Contractors
Elusive Sandman APT Targets Telecom Giants With LuaJIT Toolkit
CapraRAT Android Malware Hijack Android Phones Mimicking YouTube App
#mWISE: Why Zero Days Are Set for Highest Year on Record
Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
Apple Issues Emergency Patches for More Zero-Days
Threat actors claim to have compromised MGM Resorts’ Okta environment
Revisiting 16shop Phishing Kit, Trend-Interpol Partnership
NATO official: Alliance needs to consider 'a more structural cooperation' with Microsoft, Google
Former US Cyber Director Inglis on Israel, Russia and ONCD’s future
Okta says its support system was breached using stolen credentials
Cloudflare Dashboard and APIs down after data center power outage
Hackers Earn $400k on First Day at Pwn2Own Toronto 2023
High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security
D-Link Hacked: Hackers Steal Source Code and Customer Personal Information
Hackers Use ZeroFont Phishing To Target Microsoft Outlook Users
How to Keep Your Business Running in a Contested Environment
Iranian Crambus Actors Modify Windows Firewall Rules To Enable Remote Access
Generative AI could erode customer trust, half of business leaders say
City of Philadelphia discloses data breach after five months
Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event
Pentagon moves closer to picking leader for top cyber job
European Telecommunications Standards Institute Discloses Data Breach
SASE Firm Cato Networks Raises $238 Million at $3 Billion Valuation
New CVSS 4.0 vulnerability severity rating standard released
Microsoft, American Express most spoofed brands in financial services phishing emails
UK appoints Neal-Hopes as commander of National Cyber Force
Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit
China's Malicious Cyber Activity Informing War Preparations, Pentagon
AWS kicks off cloud race to mandate MFA by default
TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments
Dangerous privilege escalation bugs found in Linux package manager Snap
Aviation sector organization hit by exploit of CVE duo
UK logistics firm blames ransomware attack for insolvency, 730 redundancies
Hacktivists take sides in Israel-Palestinian war
AI language models can exceed PNG and FLAC in lossless compression, says study
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Microsoft October 2023 Patch Tuesday fixes 3 zero-days, 104 flaws
CrowdStrike to Acquire Cloud-Native App Security Startup Bionic for $350 Million
Google to bolster phishing and malware delivery defenses in 2024
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices
British government quietly sacks entire board of independent AI advisers
CISA furloughs will cut deep if government shuts down
Russian hackers target Ukrainian government systems involved in war crimes investigations
OriginBotnet Attack Windows Machine Using Weaponized Word Document
Rockwell Automation Acquires ICS/OT Security Firm Verve Industrial
Business-oriented threat involving ‘several types of malware all at once’ remains active
Nation-state Hackers Exploiting Confluence Zero-day Vulnerability
Immersive Labs adds custom 'workforce exercising' for each organizational role
Microsoft Breach Exposed 60,000 State Department Emails
Number of Internet-Exposed ICS Drops Below 100,000: Report
IT Admins Set Admin Portal Passwords to ‘admin’ - Almost 40,000 Entries Found
Large Michigan healthcare provider confirms ransomware attack
CISA and NFL Collaborate to Secure Super Bowl LVIII
Intel fixes high-severity CPU bug that causes “very strange behavior”
GPUs from all major suppliers are vulnerable to new pixel-stealing attack
LightSpy iPhone Spyware Linked to Chinese APT41 Group
Maltego’s New SSL Certificate Spotter to Detect Suspicious Certificate
Generative AI Startup Nexusflow Raises $10.6 Million
Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack
Windows 11's new ‘Never Combine’ icons feature is almost usable
Atlassian Confluence Hit by Newly Actively Exploited Zero-Day – Patch Now
Deep Instinct goes deeper with 'preventive' storage protection
AI Security Firm Cranium Raises $25 Million
#mWISE: US to Implement Game-Changing Cyber Mandates on Medical Device
Spyware was used against Catalan targets and UK prime minister and Foreign Office
US Government Releases Anti-Phishing Guidance
BunnyLoader Malware Targets Browsers and Cryptocurrency
Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
Windows 11 KB5030310 update adds recommended websites, fixes 24 issues
ToddyCat hackers use 'disposable' malware to target Asian telecoms
NCSC Launches Cyber Incident Exercise Scheme
Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks
Failure to verify OAuth tokens enables account takeover on websites
Papercut Print Manager Flaw Let Attackers Perform Sophisticated Attacks
Cybersecurity M&A Roundup for First Half of October 2023
FAIR Institute wants to quantify just how much a cyberattack costs
Critical updates for Microsoft Office and Visual Studio drive September's Patch Tuesday
Almost US 900 Schools Breached Via MOVEit
Enhancing your application security program with continuous monitoring
UK National Cyber Force operations to become ‘more embedded’ with policing
Signal Messenger Introduces PQXDH Quantum-Resistant Encryption
Thanks to AI, the future of programming may involve YELLING IN ALL CAPS
Twistlock Founders Score Whopping $51M Seed Funding for Gutsy
Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa
SolarWinds Access Rights Manager Flaw Let Attackers Execute Remote Code
Curl Bug Hype Fizzles After Patching Reveal
Lacework adds multiple extensions to its multicloud security platform
Insider risks are getting increasingly costly
Apple Emergency Update for New Zero-Day Used to Hack iPhones
Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw
So far, AI hasn’t been profitable for Big Tech
Exim SMTP Service Zero-day Flaw Let Attackers Execute Remote Code
Cisco’s big bet on Splunk accelerates market shifts
Silverfort Open Sources Lateral Movement Detection Tool
Microsoft Releases October 2023 Patches for 103 Flaws, Including 2 Active Exploits
Google Expands Bug Bounty Program With Chrome, Cloud CTF Events
Okta launches Cybersecurity Workforce Development Initiative
Do You Really Trust Your Web Application Supply Chain?
Air Canada Says Employee Information Accessed in Cyberattack
FIDO Alliance certifies security of edge nodes, IoT devices
Discord is investigating cause of ‘You have been blocked’ errors
Sophos Firewall Password Disclosure Vulnerability: Patch Now!
DC Board of Elections Says Full Voter Roll Compromised in Data Breach
Critical 'ShellTorch' Flaws Light Up Open Source AI Users, Like Google
900 US Schools Impacted by MOVEit Hack at National Student Clearinghouse
Google will shield AI users from copyright challenges, within limits
Beware Lumma Stealer Distributed via Discord CDN
China-based spies are hacking East Asian semiconductor companies, report says
Atlassian patches critical Confluence zero-day exploited in attacks
US is making headway on securing cyber infrastructure, commission says
FBI: Crippling 'Dual Ransomware Attacks' on the Rise
New Ransomware Victims Surge by 47% with Gangs Targeting Small Busines
Hackers actively exploiting Openfire flaw to encrypt servers
As Congress idles, key lawmakers retain sense of urgency on surveillance law
New TetrisPhantom hackers steal data from secure USB drives on govt systems
Capita Boss to Step Down Following Cyber Incident
Stanford University investigating cyberattack after ransomware claims
New 'Grayling' APT Targeting Organizations in Taiwan, US
The 2024 race promises to be 'very, very active' in terms of foreign and domestic meddling, says former CISA chief
Critical Glibc Bug Puts Linux Distributions at Risk
Modern GPUs vulnerable to new GPU.zip side-channel attack
Air Canada says hackers accessed limited employee records during cyberattack
Hacker Stole $200 Million in Cryptocurrency from Mixin Network
Evasive Gelsemium hackers spotted in attack against Asian govt
Apple Patches Three Actively Exploited Zero-Days
WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks
CISO salaries are up, but growth is slowing
Clorox Blames Damaging Cyberattack for Product Shortage
Suspected China-based hackers target Middle Eastern telecom, Asian government
New critical AI vulnerabilities in TorchServe put thousands of AI models at risk
Pro-Russia hackers target inboxes with 0-day in webmail app used by millions
CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
Citrix Bleed exploit lets hackers hijack NetScaler accounts
Red Cross Releases Wartime Hacktivist Rules
Hamas likely cooperates with hackers to stay online
Kansas courts IT systems offline after ‘security incident’
AI to Create Demand for Digital Trust Professionals, ISACA Survey Find
Hackers are increasingly hiding within services such as Slack and Trello to deploy malware
Iranian Hackers Lurked for 8 Months in Government Network
Emergency alert on US phones and TVs today — Don’t worry, it’s just a test
Hackers hijack Citrix NetScaler login pages to steal credentials
Red Cross says tech companies should protect civilians during conflicts
ChatGPT back online after major OpenAI systems outage
FBI warns of extortion groups targeting plastic surgery offices
Splunk to cut 7% of staff in latest layoff round this year
Social media platforms foment disinformation about war in Israel
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
Royal lurked in Dallas’ systems weeks before ransomware attack
ENISA: Ransomware became a prominent threat against the transport sector in 2022
A Key US Government Surveillance Tool Should Face New Limits, a Divided Privacy Oversight Board Says
New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On
UK data regulator warns that data breaches put abuse victims’ lives at risk
Fortinet FortiOS Flaw Let Attacker Execute Malicious JavaScript Code
GitLab Releases Urgent Security Patches for Critical Vulnerability
Binance agrees to pay $4.3 billion for money laundering violations, CEO steps down
Top 10 Best Data Loss Prevention Software - 2023
D-Link Confirms Breach, Rebuts Hacker's Claims About Scope
Hackers Exploiting Windows SmartScreen Zero-day Vulnerability to Deploy Remcos RAT
Exploits released for Linux flaw giving root on major distros
Construction insurer hit in data breach
TeamCity RCE Flaw Actively Exploited To Deploy Ransomware
US govt bans European spyware vendors Intellexa and Cytrox
Vulnerability in popular ‘libwebp’ code more widespread than expected
Google makes passkeys the default sign-in for personal accounts
Another Chrome Zero-Day Under Attack Received A Fix
Akira ransomware targets Cisco VPNs to breach organizations
Hunting Insider Threats on the Dark Web
Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams
FBI: Hackers Are Extorting Plastic Surgery Providers, Patients
OpenRefine's Zip Slip Vulnerability Could Let Attackers Execute Malicious Code
Why Choose When You Can Have Both? IT Management OR IT security
CISA and NSA Publish Top 10 Misconfigurations
Clorox warns of product shortages a month after disclosing cyberattack
Threat Data Feeds and Threat Intelligence Are Not the Same Thing
Who's Experimenting with AI Tools in Your Organization?
Arm, Qualcomm warn GPU drivers are likely being exploited by hackers
Ransomed.vc gang claims to shut down after six affiliates allegedly arrested
LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts
In Other News: Funding Increase, Abuse of Smartphone Location Data, Legal Matters
UK Regulator Fines Equifax £11m for 2017 Data Breach
Cisco Warns of IOS Software Zero-Day Exploitation Attempts
UK-US Confirm Agreement for Personal Data Transfers
US surprises Nvidia by speeding up new AI chip export ban
Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek's 2023 ICS Cybersecurity Conference
Caesars Entertainment faces class action lawsuits following rewards database hack
Threat Actors Deployed Hundreds of Python Packages to Steal System Data
SEC cyber disclosure rules: What’s the role of the CIO?
Ukrainian activists hack Trigona ransomware gang, wipe servers
Microsoft: 0ktapus Cyberattackers Evolve to 'Most Dangerous' Status
Exim patches three of six zero-day bugs disclosed last week
P2PInfect botnet activity surges 600x with stealthier malware variants
NSA is creating a hub for AI security, Nakasone says
Microsoft: State hackers exploiting Confluence zero-day since September
DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan
Supermicro's BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities
The Rise of the Malicious App
Cybercrime gangs now deploying ransomware within 24 hours of hacking victims
IoT Device Definition Types And The Four Most Popular In 2023
Pro Wrestling Tees discloses data breach after credit cards stolen
Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers
Microsoft Exchange gets ‘better’ patch to mitigate critical bug
Number of hacked Cisco IOS XE devices plummets from 50K to hundreds
Google launches dependency API and curated package repository with security metadata
CISO Best Practices for Managing Cyber Risk
Help! I have 100,000 unread messages in my Gmail inbox. Where do I even start? [Ask ZDNet] | ZDNet
Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
BlackCat ransomware uses new ‘Munchkin’ Linux VM in stealthy attacks
Unraveling Real-Life Attack Paths – Key Lessons Learned
Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites
In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks
A massive phishing campaign using QR codes targets the energy sector
MGM Resorts Reveals Over $100M in Costs After Ransomware Attack
Security has an underlying defect: passwords and authentication
Kazakhstan-based hackers targeting gov’t websites in Central Asia, Cisco says
These ransomware attackers sent their ransom note to the victim's printer | ZDNet
Convincing Twitter 'quote tweet' phone scam targets bank customers
Cisco Plugs Gaping Hole in Emergency Responder Software
US Government in Snatch Ransomware Warning
Wisconsin county dealing with ransomware attack on public health department
Exotic Lily initial access broker works with Conti gang
1Password caught in Okta breach, impacting employee-facing apps
Google Open Sources Binary File Comparison Tool BinDiff
Progress Software discloses 8 vulnerabilities in one of its other file-transfer services
California city warns of data breach after ransomware attack claims
From ScreenConnect to Hive Ransomware in 61 hours - The DFIR Report
SEC pushes for tougher cybersecurity disclosure rules
DHS to host Latin American cyber summit as region faces an onslaught of digital attacks
Oracle Patches 185 Vulnerabilities With October 2023 CPU
Average insider cyberthreat cost spikes 40% in 4 years
Best early Black Friday VPN deals 2022: Surfshark, Proton, and more available now
Persistent Espionage Campaign Targets APAC Governments
Rising AI-Fueled Phishing Drives Demand for Password Alternatives
Operations of Healthcare Solutions Giant Henry Schein Disrupted by Cyberattack
Researchers show how easy it is to defeat AI watermarks
EtherHiding: A Novel Technique to Hide Malicious Code Using Binance's Smart Chain
New PCI DSS v4.0 receives kudos for flexibility
New Campaign Targets Middle East Governments with IronWind Malware
Criminal IP Elevates Payment Security with PCI DSS Level 1 Certification
FBI warns of surge in 'phantom hacker' scams impacting elderly
Bipartisan bill aims to have wide impact on federal surveillance efforts
Tom Tugendhat criticizes fake AI attempts to ‘besmirch’ Keir Starmer and Sadiq Khan
Cisco Catalyst SD-WAN Manager flaw allows remote server access
Cisco DNA Center Vulnerability Let Attacker Modify Internal Data
FTC to force ISP to deploy fiber for 60K users to match speed claims
Forty Countries Agree Not to Pay Cybercrime Ransoms
New OS Tool Tells You Who Has Access to What Data
The Week in Ransomware - June 30th 2023 - Mistaken Identity
Lyca Mobile Services Significantly Disrupted by Cyberattack
Zero-Day Flaw Exposes Atlas VPN User IPs
If you have a tell-a-friend feature on your website, disable it right now
Hackers Target Azerbaijan Users With A Novel Rust Malware
Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately
Windows Systems Targeted in Multi-Stage Malware Attack
Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition
The Interdependence between Automated Threat Intelligence Collection and Humans
Microsoft 365 admins warned of new Google anti-spam rules
Microsoft Releases Patches for 74 New Vulnerabilities in August Update
HackerGPT: A ChatGPT Empowered Penetration Testing Tool
Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
Cisco Emergency Responder Vulnerability Let Remote Attacker Login as Root User
DNA Tester 23andMe Hit By Credential Stuffing Campaign
Researchers Extract Sounds From Still Images on Smartphone Cameras
Basic home office hacks: 8 things you need to elevate your workspace
Windows 11 KB5030310 preview update released with 26 fixes
Google Patches Chrome Zero-Day Used in Spyware Attacks
New GPU Side Channel Vulnerability Impacts GPUs from Intel, AMD, Apple & Nvidia
Washington State Department of Transportation working to recover from cyberattack
Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware
From Cyber Threats to Cyber Talent, Insights From the Front Lines
Lapsus Teen Suspects Have their Day in Court
Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions
Analyzing an Old Bug and Discovering CVE-2021-30995
Google-hosted malvertising leads to fake Keepass site that looks genuine
Okta attacked again, this time hitting its support system
FCC proposes 3-year cybersecurity pilot for schools, libraries
MOVEit Gang Targets SysAid Customers With Zero-Day Attacks
Security experts urge Fick's speedy confirmation as first U.S. cyber ambassador
Google Uncovers Initial Access Broker Behind Conti Ransomware
ChatGPT Hallucinations Open Developers to Supply-Chain Malware Attacks
Rollbar discloses data breach after hackers stole access tokens
Facebook tops security ratings among social networks
Hacker accused of breaching Finnish psychotherapy center facing 30,000 counts
Ransomed.vc Group Hits NTT Docomo After Sony Breach Claims
VMware ESXi server ransomware evolves, after recovery script released
Can we fix the weaknesses in password-based authentication?
Malvertisers Using Google Ads to Target Users Searching for Popular Software
Navigating the Digital Frontier in Cybersecurity Awareness Month 2023
Cisco patches IOS XE zero-days used to hack over 50,000 devices
Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability
BEC Scammer Pleads Guilty to Part in $6m Scheme
Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability
Stanford researchers challenge OpenAI, others on AI transparency in new report
Microsoft launches Defender Bounty Program with $20,000 rewards
Cisco releases security fix for widely-exploited IOS XE software vulnerability
Almost 42K Cisco IOS XE devices exploited, no patch available
Two Energy Department entities breached as part of massive MOVEit compromise
Microsoft breach led to theft of 60,000 US State Dept emails
Belgian intelligence fears Chinese tech giant Alibaba may be spying on logistics
BIND Updates Patch Two High-Severity DoS Vulnerabilities
UK’s New Online Safety Law Adds to Crackdown on Big Tech Companies
Meta whistleblower testimony adds fuel to push for online kids safety bill
Record Numbers of Ransomware Victims Named on Leak Sites
Android adware apps on Google Play amass two million installs
APT36 Using Customized Malware to Attack Indian Government Linux and Windows Servers
#mWISE: Chinese Cyber Power Bigger Than the Rest of the World Combined
Critical Security Flaw Found In JetBrains TeamCity
Top 10 Best Insider Risk Management Platforms - 2023
In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
Clop Ransomware Gang Likely Exploiting MOVEit Transfer Vulnerability Since 2021
Mandia: China replaces Russia as top cyber threat
5 Okta customers snared in attack on the provider’s support system
MGM Resorts hackers 'one of the most dangerous financial criminal groups’
White House to issue AI rules for federal employees
Q&A: At MIT event, Tom Siebel sees ‘terrifying’ consequences from using AI
Internet access severed in Gaza as IDF announces ‘expanding’ ground operation
Cisco Devices Hacked via IOS XE Zero-Day Vulnerability
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
International Criminal Court systems breached for cyber espionage
W3LL phishing kit hijacks thousands of Microsoft 365 accounts, bypasses MFA
Hola Espana: 'Grandoreiro' Trojan Targets Global Banking Customers
OpenSSF releases SLSA v1.0, adds software supply chain-specific tracks
Hackers Fraudulent Job offers to target University Students
US launches “Shields Ready” campaign to secure critical infrastructure
Veza releases new IGA solution to enhance identity security
MGM Resorts says hotel, casino operations back up and running
Microsoft plans to kill off NTLM authentication in Windows 11
Progress warns of maximum severity WS_FTP Server vulnerability
Group-IB: 'GoldDigger' Banking Trojan Targets Vietnamese Organizations
Beware of New Phishing Attacks Mimicking Booking.com and Airbnb
North Korea's State-Sponsored APTs Organize & Align
Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration
Flipper Zero can now spam Android, Windows users with Bluetooth alerts
Patreon confirms outages affecting creator payouts
Researchers Uncover RaaS Affiliate Distributing Multiple Ransomware Strains
Sony Breached Via MOVEit Zero-Day Vulnerability
RIP to my 8-port Unifi switch after years and years of Texas outdoor temps
Largest-ever DDoS leverages zero-day vulnerability
Free Download Manager releases script to check for Linux malware
New critical Citrix NetScaler flaw exposes 'sensitive' data
Zero-Day WhatsApp Hacking Vulnerabilities Worth Millions
AI is entering the enterprise application security tool stack
Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies
US Charges Six in Operation Targeting 48 DDoS-for-Hire Websites
Chinese Hackers Target Semiconductor Firms in East Asia with Cobalt Strike
UK's controversial online safety bill set to become law
Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol
NY AG issues $450k penalty to US Radiology after unpatched bug led to ransomware attack
Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads
Xenomorph Android malware now targets U.S. banks and crypto wallets
Concerns grow as LockBit knockoffs increasingly target popular vulnerabilities
Darwinium Raises $18 Million for Edge-based Fraud Prevention Tech
NSA Publishes Security Guidance for Organizations Transitioning to IPv6
Free Key Group ransomware decryptor helps victims recover data
Beware of New Whatsapp Scam Tricking Jobs Seakers to Steal Money
Law enforcement kills off Android-based FluBot malware | CyberNews
Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners
DOJ seizes $3.6 billion in crypto from 2016 Bitfinex hack, arrests New York couple | ZDNet
FBI director urges private sector to work with the agency on cyber threats
Healthcare Data Breaches Impact 88 Million Americans This Year
Over 60,000 Android apps secretly installed adware for past six months
Novel zero-day exploits fuel Q3 surge in DDoS attacks
EU Cyber Resilience Act Could be Exploited for Surveillance, Experts W
SMBs seek cyber training, support as attack risk surges
Hacktivists Enter Fray Following Hamas Strikes Against Israel
ChatGPT, FraudGPT, and WormGPT Plays A Vital Role in Social Engineering Attacks
Johnson Controls hit by ‘severe’ cyberattack
How to download a Windows 11 23H2 ISO from Microsoft
Google links WinRAR exploitation to multiple state hacking groups
Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird
Konni APT Exploits WinRAR Vulnerability To Attack Financial & Crypto Industries
Faster Patching Pace Validates CISA's KEV Catalog Initiative
Marina Bay Sands Hacked: 665,000+ Members Personal Data Exposed
New BlackCat Hacker Tool Spreads Ransomware to Remote Machines
Snatch gang ‘consistently evolved’ in targeting multiple industries, feds say
Hackers Abuse QR Codes on Tea Shops to Deploy Malware
Top 12 vulnerabilities list highlights troubling reality: many organizations still aren't patching
Watch the Webinar — AI vs. AI: Harnessing AI Defenses Against AI-Powered Risks
Name That Toon: Somewhere in Sleepy Hollow
Five Eyes Warn Deep Tech Start-Ups Against Nation-State Threats
Thousands of exposed gas pumps invite cyberwarriors
Signal Disputes Alleged Zero-Day Flaw
Watch Out: Attackers Are Hiding Malware in 'Browser Updates'
UAE Bolsters Cyber Future With US Treasury Partnership, Collaborations
British Library knocked offline by weekend cyberattack
Hackers Earn $350k on Second Day at Pwn2Own Toronto 2023
Windows Server Running SMB over QUIC Let Attacker Launch DoS Attacks
Windows 11 23H2 now rolling out to Release Preview Insiders
Claimants in Celsius crypto bankruptcy targeted in phishing attack
Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
Security researcher stopped at US border for investigating crypto scam
DDoS attacks trending upwards: multiple EU websites under siege
Wing Disrupts the Market by Introducing Affordable SaaS Security
CipherStash Raises $3 Million for Encryption-in-Use Technology
MGM Resorts’ Las Vegas area operations to take $100M hit from cyberattack
Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
Police Dismantle Multimillion-Dollar Scam Gang
Russian hackers offered phony drone training to exploit WinRAR vulnerability
WhatsApp gets support for multiple accounts on the same phone
Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm
Palo Alto Networks to acquire Israeli enterprise browser security firm Talon
Air Europa Asks Customers to Cancel Cards After Breach
Comcast stock falls as company fails to add Internet users for first time ever
Enterprise Browser Startup Island Banks $100M in Funding
US Charge Man with Running Stolen Credentials Marketplace
Beware! Gootkit Loader Malware Using VLC Player to Deliver Malicious Payloads
OpenAI’s first-ever dev conference hopes to draw “hundreds of developers” in November
EvilProxy Attacking Microsoft 365 Users Abusing Open Redirection With Indeed.com
NSA and CISA reveal top 10 cybersecurity misconfigurations
Hackers Attacking MSSQL Servers To Deploy Ransomware
OpenSSL releases fixes for two ‘high’ severity vulnerabilities
50 World's Best Penetration Testing Companies - 2023
Healthcare Ransomware Attacks Cost US $78bn
Microsoft offers free security logs amid backlash from State Department hack
ENISA: Ransomware Makes Up Over Half of Healthcare Cyber-Threats
OpenAI introduces custom AI assistants called “GPTs” that play different roles
New RomCom Backdoor Targets Female Political Leaders
GoldDigger Disguises as Fake Android App To Steal Banking Credentials
UK Cops Collar 7 Suspected Lapsus$ Gang Members
Chinese Gov Hackers Caught Hiding in Cisco Router Firmware
Google, Yahoo Boosting Email Spam Protections
Auth0 Finds No Breach Following Source Code Compromise
Atlassian warns of critical Confluence flaw leading to data loss
Intel Trust Authority attestation services now in general availability
Google Authenticator Flaw Inadvertently Facilitated $15 Million Theft
Attacks on Maximum Severity WS_FTP Bug Have Been Limited — So Far
Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
Apache NiFi RCE Vulnerability Let Attackers Exfiltrate Sensitive Data
Europol: Police Must Start Planning For Post-Quantum Future
Organizations grapple with detection and response despite rising security budgets
Magento Security Checklist: 8 Steps To a Secure Magento Store - 2023
4 Places to Supercharge Your SOC with Automation
Popular YouTube Channel Caught Distributing Malicious Tor Browser Installer
MGM, Caesars attacks raise new concerns about social engineering tactics
OpenAI introduces GPT-4 Turbo: Larger memory, lower cost, new knowledge
CISA Outlines AI-Related Cybersecurity Efforts
European Dismantle of EncroChat Led To 6,500 Arrests & Seizure Of $979 Million Funds
Cyberattack hits Singapore’s Marina Bay Sands hotel and casino
Five Steps to Mitigate the Risk of Credential Exposure
ENISA Warns of AI Manipulation Ahead of Upcoming European Elections
October Patch Tuesday Addresses Three Zero-Days
Palestine crypto donation scams emerge amid Israel-Hamas war
Signal appoints former Google manager as president | Cybernews
National Security Agency is Starting an Artificial Intelligence Security Center
Best password manager 2022: Maintain all your logins | ZDNet
Reddit Taps Fredrick ‘Flee’ Lee for CISO Job
185,000 Individuals Impacted by MOVEit Hack at Car Parts Giant AutoZone
Okta's Support System Breach Exposes Customer Data to Unidentified Threat Actors
Chinese Hackers Backdoor Chat App to Steal Data From Linux & macOS
New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software
CISA orders govt agencies to update iPhones, Macs by May 1st
Qakbot malware’s creators ride again, despite FBI takedown
French hospital cancels operations after a ransomware attack
Black Friday warning as ‘grinch bots’ target retailers
How DDoSecrets built the go-to home for Russian leaks
Russia charges 8 suspected REvil ransomware gang members
Threat Actors Adopt, Modify Open Source 'SapphireStealer' Information Stealer
The Current State of Business Email Compromise Attacks
HMRC in New Tax Credits Scam Warning
Lazarus hackers deploy fake VMware PyPI packages in VMConnect attacks
Police Disrupt Ragnar Locker Ransomware Group
Krebs: Taiwan, Geopolitical Headwinds Loom Large
Air Europa data breach: Customers warned to cancel credit cards
Marvin Attack: 25-year-old RSA Decryption Vulnerability Disclosed
Critical Authentication Bypass Flaw in VMware Cloud Director Appliance
Sextortion Scams Surge 178% in a Year
National Student Clearinghouse data breach impacts 890 schools
Philippines state health org struggling to recover from ransomware attack
CapraRAT Impersonates YouTube to Hijack Android Devices
New ransomware encrypts files, then steals your Discord account
FBI investigates data breach impacting U.S. House members and staff
Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan
Mixin Network suspends operations following $200 million hack
T-Mobile app glitch let users see other people's account info
Slack's private GitHub code repositories stolen over holidays
In Other News: Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty
CISA Says 'PwnKit' Linux Vulnerability Exploited in Attacks
Raspberry Robin Malware Attacks Against Telecom and Government Sectors
Cybersecurity for Industrial Control Systems: Part 1
Researchers to release PoC exploit for critical Zoho RCE bug, patch now
Identity Threat Detection and Response: Rips in Your Identity Fabric
Lapsus$ extortion gang claims to have hacked IT Giant Globant
High-profile summer attacks linked to same aggressive ransomware group
Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score
Exploit available for critical WS_FTP bug exploited in attacks
Citrix released security updates for multiple High-Severity flaws in its products
Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East
TeamTNT's Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign
Over 640 Citrix servers backdoored with web shells in ongoing attacks
Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade
Three-Quarters of Retail Ransomware Attacks End in Encryption
EPA rescinds rule to include cybersecurity in water system audits after legal challenge
Cyberattack against Johnson Controls sparks downstream concerns
Egyptian opposition politician hacked with Predator spyware, researchers confirm
Researchers Found that Bluetooth Devices Can Be Used to Track Location
Security Patch for Two New Flaws in Curl Library Arriving on October 11
Active attacks exploiting WS_FTP pose a grave threat to the Internet
Best Unified Network Security Solutions for Small Businesses
Top 10 Best DDoS Protection Tools & Services - 2023
Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses
Cyber-Criminals Are Using Mining Pools to Launder Crypto
UAE-Linked 'Stealth Falcon' APT Mimics Microsoft in Homoglyph Attack
Microsoft AI Researchers Leaked 38TB of Secrets, Private Keys, & Passwords
China-Linked EvilBamboo Targets Mobiles
Russian Hacker Group Attacked Largest Japanese Port
US aims to cut off foreign adversaries access to Americans’ personal data | CyberNews
Earth Zhulong Familiar Patterns Target Vietnam
CISA adds two Zabbix flaws to its Known Exploited Vulnerabilities Catalog
Day 3 of SecurityWeek's 2023 ICS Cybersecurity Conference — Challenges and Solutions
Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike
Sandman APT Attacks Telcos Organizations to Steal System Information
Windows 'InstallerFileTakeOver' zero-day bug gets free micropatch
Five Takeaways From the Russian Cyber-Attack on Viasat’s Satellites
Darktrace launches AI-driven vulnerability detection, alert system Newsroom
CISA lines up new leader of election security efforts
Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data
Exposing Infection Techniques Across Supply Chains and Codebases
Cyberspies drop new infostealer malware on govt networks in Asia
INTERPOL Nabs Hacking Crew OPERA1ER's Leader Behind $11 Million Cybercrime
Phishing campaign uses Word documents to distribute three malware strains
West Blocks Russia’s Access to Weather Data
Major Australian ports shut down following cyber incident
Three vulnerabilities found in Wyze Cam devices allow for outside access
Kwik Trip finally confirms cyberattack was behind ongoing outage
Cisco warns of attempted exploitation of zero-day in VPN software
A new Chrome 0-day is sending the Internet into a new chapter of Groundhog Day
Visa launches cybersecurity training program
How to install Kali Linux on Apple Silicon Macs
CrowdStrike to Acquire Application Intelligence Startup Bionic
International Criminal Court Reveals Security Breach
Cisco routers abused by China-linked hackers against US, Japan companies
Microsoft Patch Tuesday: 97 Windows Vulns, 1 Exploited Zero-Day
Why trust is the most critical deliverable for CISOs
Mom’s Meals discloses data breach impacting 1.2 million people
1Password, Cloudflare affected by Okta compromise
Privacy Regulator Orders End to Spreadsheet FOI Responses
Windows 11 KB5031354 cumulative update released with new features
Every Network Is Now an OT Network. Can Your Security Keep Up?
Protecting your IT infrastructure with Security Configuration Assessment (SCA)
3 iOS 0-days, a cellular network compromise, and HTTP used to infect an iPhone
Cyberattacks on Kenya Drop in Third Quarter
HackerOne Surpasses $230 Million in Paid Bug Bounties
Sony confirms data breach impacting thousands in the U.S.
Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second
North Korea's BlueNoroff APT Debuts 'Dumbed Down' macOS Malware
Sony Investigating After Hackers Offer to Sell Stolen Data
Researcher finds easy exploit for Apple’s malware-flagging tool
LockBit Claims Ransomware Attack on Continental
DHS Publishes New Recommendations on Cyber Incident Reporting
Webinar: Locking Down Financial and Accounting Data — Best Data Security Strategies
ClearFake a New Malware Attacking Mac users via fake browser updates
Roundcube Webmail XSS Vulnerability Exposes Sensitive Data
Police are sending messages to 70,000 people who may have fallen victim to phone scammers
Moving From Qualitative to Quantitative Cyber Risk Modeling
Defend Against Insider Threats: Join this Webinar on SaaS Security Posture Management
CISA Releases Cybersecurity Toolkit For Healthcare
UK passport database to be used to identify suspects from CCTV footage
Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware
Network, Meet Cloud; Cloud, Meet Network
Ukraine discovers lingering breaches 1 year into Russia invasion
New BlueNoroff Malware Variant Targets Cryptocurrency Exchanges
City of Dallas Details Ransomware Attack Impact, Costs
LokiBot Malware Targets Windows Users in Office Document Attacks
Hamas-linked threat actors target high-profile Israeli individuals
Hackers Exploiting Citrix NetScaler Vulnerability to Steal User Credentials
Okta Breach Hit Over 130 Customers
ChatGPT update enables its AI to “see, hear, and speak,“ according to OpenAI
ZenRAT Malware Delivered Through Fake Bitwarden Installation Packages
D-Link WiFi range extender vulnerable to command injection attacks
The Rise of Ransomware in Healthcare: What IT Leaders Need to Know
OT:Icefall Continues With Vulnerabilities in Festo, Codesys Products
Regulator Warns Breaches Can Cost Lives
China-linked influence campaign targets Canadian lawmakers, prime minister
Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
The latest high-severity Citrix vulnerability under attack isn’t easy to fix
Google Play Protect Gets Real-Time Code Scanning
Hearing on national cyber director nominee sticks to familiar questions
Rust devs push back as Serde project ships precompiled binaries
In Other News: Ex-NSA Employee Spying for Russia, EU Threat Landscape, Cyber Education Funding
VMware Workspace Flaw Let Attacker Redirect User to Malicious Source
Researchers uncover years-long espionage campaign targeting dozens of global companies
Threat and Vulnerability Roundup for the week of August 20th to 26th
Virginia school district open despite LockBit ransomware attack
Ducktail Malware Targets the Fashion Industry
SSH keys stolen by stream of malicious PyPI and npm packages
Google assigns new maximum rated CVE to libwebp bug exploited in attacks
Experts observed Amadey malware deploying LockBit 3.0 Ransomware
Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems
Windows 10 KB5031356 update released with 25 improvements
Citrix Zero-Day Exploited Against Critical Infrastructure Organization
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
Citrix NetScaler Zero-Day Exploited to Compromise Government Organizations
South Korea exposes 38 Chinese-run fake news websites
Cyber-Threat Actor Uses Booby-Trapped VPN App to Deploy Android Spyware
Threat and Vulnerability Roundup for the week of October 29th to November 4th
Virtual Patching: what is it? Your Defense Against Exploits and Threats
PentestPad: Platform for Pentest Teams
Lloyd’s of London finds hypothetical cyberattack could cost world economy $3.5 trillion
The Week in Ransomware - November 3rd 2023 - Hive's Back
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
The CISO Carousel and its Effect on Enterprise Cybersecurity
New Microsoft Teams Phishing Campaign Targets Corporate Employees
Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service
EvilProxy uses indeed.com open redirect for Microsoft 365 phishing
Backdoor Lurks Behind WordPress Caching Plugin to Hijack Websites
APT34 Deploys Phishing Attack With New Malware
Remote execution holes in Log4j, Exchange and Confluence lead Five Eyes 2021 exploited CVE list | ZDNet
AI firms working on “constitutions” to keep AI from spewing toxic content
Singapore to build nationwide quantum-safe network
Equifax Fined $13.5 Million Over 2017 Data Breach
DOS Attacks Dominate, but System Intrusions Cause Most Pain
Research builds anti-Russia AI disinformation machine for $400
Are you looking forward to the new age of mobile app insecurity?
CISA targets software identification in push to boost supply chain security
Cisco Finds 8 Vulnerabilities in OAS Industrial IoT Data Platform
Summer Spending Pressure Fuels Loan Fee Fraud Fears
Air Europa customers urged to cancel cards following hack on payment system
UK Security Agency Publishes New Crypto Designs
Palo Alto Networks to Acquire Cloud Security Start-Up Dig Security
Hackers backdoor telecom providers with new HTTPSnoop malware
Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware
North Korean State Actors Attack Critical Bug in TeamCity Server
Kubernetes Command Injection Flaw Allows SYSTEM Code Execution
Cyberattackers Alter Implant on 30K Compromised Cisco IOS XE Devices
Customer-configured rules now the biggest contributor to mitigated traffic
Zero trust and why it matters to the Apple enterprise
Google Bug Bounty Program Expands to Chrome V8, Google Cloud
Sophisticated APT Clusters Target Southeast Asia
'Hunters International' Cyberattackers Take Over Hive Ransomware
MOVEit maker announces new critical vulnerability affecting a different file transfer tool
APT28 Hackers Deploy Malware on Cisco Routers Via Unpatched Vulnerabilities
Medusa ransomware gang picks up steam as it targets companies worldwide
Experts discovered a previously undocumented initial access vector used by P2PInfect worm
Admin of the darknet carding platform Skynet Market pleads guilty
VMware patches released after vulnerabilities found during Tianfu Cup reported by Chinese gov't | ZDNet
Relentless Log4j Attacks Include State Actors, Possible Worm
US Smashes Annual Data Breach Record With Three Months Left
CISA orders govt agencies to patch MOVEit bug used for data theft
The Cybersecurity Resilience Quotient: Measuring Security Effectiveness
Q&A: How one CSO secured his environment from generative AI risks
Air Canada discloses data breach of employee and 'certain records'
Mirai V3G4 botnet exploits 13 flaws to target IoT devices
LastPass breach: Hackers put malware on engineer's home computer to steal their password
Microsoft Fixes Zero-Day Bug This Patch Tuesday
Hackers Hijack Facebook Business Accounts to Run Malicious Ads
New York health network restores services after crippling cyberattack
Threat actors shifting tactics as Microsoft blocks, unblocks and reblocks macros
OpenAI Reveals ChatGPT Is Being DDoS-ed
Attackers use dynamic code loading to bypass Google Play store’s malware detections
Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware
IBM Patches High-Severity Vulnerabilities in Cloud, Voice, Security Products
New iLeakage attack steals emails, passwords from Apple Safari
ShadowSyndicate: A New Raas Provider Launching Multiple Ransomware Attacks
Complex Spy Platform StripedFly Bites 1M Victims
Prolific ransomware gang takes credit for Seiko data breach
Signal says there is no evidence rumored zero-day bug is real
Detecting Windows AMSI Bypass Techniques
Microsoft: Octo Tempest one of the most dangerous financial hacking groups
Smishing Attack Led to Major Twilio Breach
FBI: Hackers Are Extorting Plastic Surgery Patients
Tired of shortages, OpenAI considers making its own AI chips
Interpol Shuts Down Phishing Service '16shops'
When Partial Protection is Zero Protection: The MFA Blind Spots No One Talks About
How North Korea became a mastermind of crypto cybercrime
Hackers Bypassing "Restricted Settings" in Android 13 to Drop Malware Securely
Pro Sports Grapple with Convergence of Cyber and Physical Security Challenges
North Korean Software Supply Chain Attack Hits North America, Asia
Chinese 'RedZei' Group Batters Victims With Incessant Vishing Effort
Sony Confirms Data Stolen in Two Recent Hacker Attacks
The Fast Evolution of SaaS Security from 2020 to 2024 (Told Through Video)
Cyber experts and officials raise alarms about exploits against Citrix and Apache products
Police Seized Website Selling Malware Used to Hack Computers
Hackers create fake banking apps to steal financial data from Indian users
This new malware wants to create backdoors and targets Windows, Linux and macOS | ZDNet
Microsoft finds severe bugs in Android apps from large mobile providers
TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data
Biden Announces National Cyber Workforce and Education Strategy
Security Teams Should Be Addressing Quantum Cyber-Threats Now
Peugeot leaks access to user information in South America
New GootLoader Malware Variant Evades Detection and Spreads Rapidly
How end-user phishing training works (and why it doesn’t)
US cyber officials offer technical details associated with CL0P ransomware attacks
Lawyers and Incident Response can be a dangerous combo
Hackers earn $400K for zero-day ICS exploits demoed at Pwn2Own
Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway
Cybersecurity experts say the west has failed to learn lessons from Ukraine
Weaponized Telegram App Infected Over 60K Android Users
Hilb Group Cyber Attack: 81K people's Personal Information Exposed
Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants
Russian APT Sandworm Disrupted Power in Ukraine Using OT Techniques
Hackers stole around $35 million in Atomic Wallet security breach
Log4J: BlackBerry finds Prophet Spider access broker exploiting VMware Horizon | ZDNet
Phishing campaign targets European officials assisting in refugee operations
Fake FlipperZero sites promise free devices after completing offer
Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform
Clop Ransomware Group Exploits GoAnywhere MFT Flaw
Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger
Product leasing giant warns that sensitive information was stolen during cyberattack
Microsoft Zero-Days, Wormable Bugs Spark Concern
Zimbra Patched An XSS Zero-Day Vulnerability Under Active Attack
White House urging dozens of countries to publicly commit to not pay ransoms
Browser Security Survey: 87% of SaaS Adopters Exposed to Browser-borne Attacks
Sumo Logic Warns Customers to Reset API Keys Following a Security Breach
Cloudflare website down, showing ‘We’re sorry’ Google errors
THN Webinar – Learn How to Comply with New Cyber Insurance Identity Security Requirements
Threat Actors Use Abnormal Certificates to Deliver Info-stealing Malware
China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
Researchers Claim High-Risk Vulnerabilities Found in 87% of All Container Images
Malicious PyPI Packages Use Compiled Python Code to Bypass Detection
Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw
Jail Releases 300 Suspects Due to Computer
Biden-Harris Administration Secures AI Commitments For Safety
#RSAC: Three US Federal Agencies Suffer Cyber Intrusion Campaign
Five easy steps to keep your smartphone safe from hackers
Web3 Platform Mixin Network Hit by $200m Crypto Hack
FBI Warns of Emerging Ransomware Initial Access Techniques
Ukraine cyber officials warn of a ‘surge’ in Smokeloader attacks on financial, government entities
Predictions 2023: Big Tech's Coming Security Shopping Spree
Apple says it’s time your business ran BIMI
Dozens of countries will pledge to stop paying ransomware gangs
How to Investigate an OAuth Grant for Suspicious Activity or Overly Permissive Scopes
Iran's hackers are using these tools to steal passwords and deliver ransomware, say FBI and CISA | ZDNet
Russia-Linked RomCom Hackers Targeting NATO Summit Guests
Redfly Group Compromises National Power Grid
AuthMind Scores $8.5M Seed Funding for ITDR Tech
Thousands of Cisco IOS XE devices hacked in widespread attacks
VMware vCenter Server Vulnerability Can Facilitate Attacks on Many Organizations
Anonymous hacktivists, ransomware groups get involved in Ukraine-Russia conflict | ZDNet
Chasing defamatory hallucinations, FTC opens investigation into OpenAI
Chinese Hackers use .chm files to Hijack Execution Chain and Deploy Malware
Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack
Script Tracer Tool - Threat Researchers to Trace & Deobfuscate the Malware Execution
Over 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks
RedLine Malware Steals Sensitive Data and Installs More Malware
Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks
ORBCOMM ransomware attack causes trucking fleet management outage
ASVEL basketball team confirms data breach after ransomware attack
New ‘Shampoo’ Chromeloader malware pushed via fake warez sites
Microsoft fixes Outlook Desktop bug causing slow saving issues
Cybercriminals Team Up to Upgrade 'SapphireStealer' Malware
Over $1.1 Million Awarded at Pwn2Own Vancouver 2022 for 25 Zero-Day Vulnerabilities
Federal privacy legislation is the ‘foundation for any AI efforts,’ key lawmaker says
Clorox resumes normal plant operations in the wake of cyberattack
Signal adds quantum-resistant encryption to its E2EE messaging protocol
QR Codes Used in 22% of Phishing Attacks
Telling AI model to “take a deep breath” causes math scores to soar in study
Europol Strike Wounds Ragnar Locker Ransomware Group
FBI dismantles IPStorm botnet, operator arrested
GitGuardian launches ggcanary project to help detect open-source software risks
Google Plans To Roll Out IP Protection Feature In Chrome Browser
Better than JPEG? Researcher discovers that Stable Diffusion can compress images
New stealthy and modular Deadglyph malware used in govt attacks
FBI: Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program
CISA, FBI urge admins to patch Atlassian Confluence immediately
Reddit Files: BlackCat/ALPHV ransomware gang claims to have stolen 80GB of data from Reddit
Boeing Confirms Distribution Business Hit by Cyberattack
PDF smuggles Microsoft Word doc to drop Snake Keylogger malware
HYAS Unveils New Tool for Continuous DNS Monitoring
SEC to investigate Progress Software over mass MOVEit hack
'Cybersecurity Incident' Hits ICC
Patch Tuesday: Microsoft rolls out 90 updates for Windows, Office
Appin group legacy: Indian cyber mercenaries will hack for coin
Dallas County reviewing data leaked by ransomware gang
US Authorities Seize $112m From
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
CISA adds 41 vulnerabilities to list of bugs used in cyberattacks
Proton Mail Vulnerabilities Would Allow Attackers to Steal Emails
HiddenGh0st Malware Attacking MS-SQL & MySQL Servers
Over a Dozen Exploitable Vulnerabilities Found in AI/ML Tools
Five Ways TikTok Is Seen as Threat to US National Security
Atlassian Confluence customers confront pair of critical vulnerabilities
Hundreds Download Malicious NPM Package Capable of Delivering Rootkit
Nile Raises $175 Million for Secure NaaS Solutions
The Signal Protocol used by 1+ billion people is getting a post-quantum makeover
Mazda’s DMCA takedown kills a hobbyist’s smart car API tool
Examining the Activities of the Turla APT Group
China Crackdown on Cyber Scams in Southeast Asia Nets Thousands but Leaves Networks Intact
Sensitive records of over 280m Indian citizens exposed | Cybernews
Lego fans told to change passwords after cyberattack
Microsoft: New critical Windows HTTP vulnerability is wormable
Budworm hackers target telcos and govt orgs with custom malware
Seven 'Creepy' Backdoors Used by Lebanese Cyberspy Group in Israel Attacks
Palestinian Lawyer Sues Pegasus Spyware Maker in France
iPhones Hacked via Zero-click Exploit to Drop QuaDream Spyware
Iranian hackers target VMware Horizon servers with Log4j exploits
ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
Windows 11 23H2 - New features in the Windows 11 2023 Update
Ransomware isn’t going away – the problem is only getting worse
Bing Chat responses infiltrated by ads pushing malware
Manufacturing Top Targeted Industry in Record-Breaking Cyber Extortion
FjordPhantom Android malware uses virtualization to evade detection
The ‘game-changing’ attitude behind a very creative dark web takedown
UK Logistics Firm Forced to Close After Ransomware Breach
Top 10 Cybersecurity Trends for 2023: From Zero Trust to Cyber Insurance
HelloKitty Ransomware Exploiting Apache ActiveMQ Flaw
Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
Japanese Watchmaking Giant Seiko Confirms Personal Data Stolen in Ransomware Attack
Researchers Release Details of New RCE Exploit Chain for SharePoint
New Infamous Chisel Malware Targets Android Users In State-Backed Campaign
Facebook Accounts Targeted by Vietnamese Threat Groups
LockBit Demands 3% of Victim Company Revenue as Ransom
Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk
Zero-Day Flaw Discovered in Quarkus Java Framework
iPhone privacy feature hiding Wi-Fi MACs has failed to work for 3 years
Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs
Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign
URGENT! Microsoft Exchange double zero-day – “like ProxyShell, only different”
LastPass says attacker hacked employee’s home computer to access corporate vault
In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach
Unmasking crypto crime: An analysis of China and Iran
New PsExec spinoff lets hackers bypass network security defenses
What’s all the fuss with Log4j2?
Ducktail Spear-Phishing Campaign Uses LinkedIn to Hijack Facebook Business Accounts
Exploit Released for Cisco IOS XE Zero-day Vulnerability
Log4j Attacks Continue Unabated Against VMware Horizon Servers
Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms
North Korea's Lazarus Group Suspected in $31 Million CoinEx Heist
High-Severity Access Control Vulnerability Found in Spring WebFlux
Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023
Jamf CEO weighs in on Apple deployments and enterprise security
Microsoft seizes internet domains linked to GRU cyberattacks against Ukraine
Cisco warns of new IOS XE zero-day actively exploited in attacks
Chinese gov’t hackers exploiting new Atlassian vulnerability, Microsoft says
Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit
Akira Ransomware Attacks Exploit Zero-Day Cisco ASA Vulnerability
FBI Dismantle the Notorious Qakbot Infrastructure Used For Ransomware Attacks
Critical Vulnerabilities Expose Weintek HMIs to Attacks
Cybersecurity M&A Roundup: 28 Deals Announced in September 2023
Top 3 Malware Loaders of 2023 that Fueling 80% of Cyber Attacks
MGM Resorts discloses cyber incident in filing with SEC
Google Links Exploitation Frameworks to Spanish Spyware Vendor Variston
Hackers Use Google Ads to Deliver Bumblebee Malware
British Library Still Reeling After Major Cyber Incident
Resolving Availability vs. Security, a Constant Conflict in IT
Microsoft warns of incorrect BitLocker encryption errors
Unidentified attackers breach tens of thousands of Cisco devices
Commerce Department promises safeguards to prevent surveillance tech sales abroad
Critical Atlassian Bug Exploited in Ransomware Attacks
Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak
Citrix urges NetScaler ADC, Gateway customers to patch
Hack the Real Box: APT41’s New Subgroup Earth Longzhi
Steve Wozniak: ChatGPT-type tech may threaten us all
Microsoft Teams phishing attack pushes DarkGate malware
TransUnion denies it was hacked, links leaked data to 3rd party
Gem Security Lands $23 Million Series A Funding
Remote sex toys might spice up your love life – but crooks could also get a kick out of them
Vanderbilt University Medical Center investigating cybersecurity incident
Western Digital cyber incident is credit negative: Moody’s analyst
Europol: ‘Key target’ in Ragnar Locker ransomware operation arrested in Paris
Kubernetes Windows Nodes Vulnerability Let Attacks Gain Admin Privileges
1.5 Million Impacted by Ransomware Attack at Canadian Dental Service
GootBot Implant Heightens Risk of Post-Infection Ransomware
FBI warns of spike in ‘pig butchering’ crypto investment schemes
Cuba Ransomware Group Unleashes Undetectable Malware
NATO 'actively addressing' alleged cyberattack affecting some websites
Hackers Use Discord for C&C to Exploit Jupyter Notebooks & SSH
E-Root admin faces 20 years for selling stolen RDP, SSH accounts
Cybersec executive caught hacking hospitals to boost business
Advanced Fee Fraud Surges by Over 600%
Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability
T-Mobile denies new data breach rumors, points to authorized retailer
Chinese Hackers Expanding Cyber Capabilities to Exploit Zero-Day Vulnerabilities
ShinyHunters member pleads guilty to $6 million in data theft damages
US agencies warn of custom-made hacking tools targeting energy sector systems
Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture
Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies
Microsoft Sounds Alarm Over English-Speaking Octo Tempest
This sneaky hacking group hid inside networks for 18 months without being detected | ZDNet
Ukrainian Hackers Take Out Russian Banking Infrastructure
Phishing Campaign Impersonating UAE Ministry of Human Resources Grows
AWS: Security Not a Priority For a Third of SMBs
Fresh Blow to PSNI Security as Second Data Breach Disclosed
Rare 'CosmicStrand' UEFI Rootkit Swings into Cybercrime Orbit
Microsoft Improving Windows Authentication, Disabling NTLM
Unsung Hero in Cyber Risk Management
Rapture, a Ransomware Family With Similarities to Paradise
Social Engineering Risks Found in Microsoft Teams
CISA orders federal agencies to update iPhones, Macs until Feb 25th
Charming Kitten APT is targeting Iranian dissidents in Germany
F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
Google Chrome 119 Released: Fix for 15 security Flaws - Patch Now!
VMware fixed a critical flaw in vRealize that allows executing arbitrary code as root
NSO Group hires high-powered lobbyists to help navigate US market
Single Sign On and the Cybercrime Ecosystem
Losses from romance scams hit a record $547 million in 2021, FTC says
Kali Linux 2022.2 Released With 10 New Tools and Other Enhancements
A Free Solution to Protect Your Business from 6 Biggest Cyber Threats in 2022
Konni RAT Malware Campaign Spreads Via Malicious Word Files
WordPress Websites Hacked via Royal Elementor Plugin Zero-Day
Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
TransForm says ransomware data breach affects 267,000 patients
Researcher 'reverses' redaction, extracts words from pixelated image
Windows 11 KB5022845 and KB5022836 cumulative updates released
Microsoft disables bad spam rule flagging all sent emails as junk
PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration
How Telegram found itself in the middle of the war between Russia and Ukraine
Hackers Exploit Open Redirect Vulnerabilities to Conduct LogoKit Phishing Campaigns
Windows cryptomining attacks target graphic designer's high-powered GPUs
AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks
Raspberry Robin malware used in attacks against Telecom and Governments
Cheerscrypt ransomware linked to a Chinese hacking group
Fake Browser Updates Targeting Mac Systems With Infostealer
Windows 11 now warns when typing your password in Notepad, websites
NVIDIA Confirms Employee Credentials Stolen in Cyberattack
On deck for the business of cybersecurity: Fire sales and due diligence
Gigamon’s ‘Precryption’ to block attacks hiding behind encryption
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
Only 5% of CISOs report to CEOs, survey finds
Ukraine’s cyberwar chief sounds like he’s winning
Dev backdoors own malware to steal data from other hackers
PDF lures aimed at NATO countries contain a Russian clue
CISA's catalog of must-patch vulnerabilities crosses the 1,000 bug mark after 2 years
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
Over a Third of Recent ICS Bugs Still Have No Vendor Patch
Fighting Individual Ransomware Strains Fruitless, UK Agencies Suggest
Clop Drives Record Ransomware Activity in June
Ransomware Criminals Are Dumping Kids' Private Files Online After School Hacks
"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto
Atlas VPN upgrades servers for faster browsing
Security Affairs newsletter Round 397
VMware Issues Patches for Critical Flaws in OS Command Injection
Hackers Claim MGM Resorts Were Compromised in 10 Minutes
Retool blames breach on Google Authenticator MFA cloud sync feature
Threat Group Takes Aim Again at Cloud Platform Provider Zoho
Microsoft: 'Peach Sandstorm' Cyberattacks Target Defense, Pharmaceutical Orgs
New Ransomware Campaign Targets Citrix NetScaler Flaw
CacheWarp : A New Flaw in AMD's SEV Let Attackers Hijack Encrypted Virtual Machines
Fortinet VPN bug tops CISA’s list of most exploited vulnerabilities in 2022
Achieving Sustainable Cybersecurity Through Proper Care and Feeding
Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
North Korean Hacker Group Andariel Strikes with New EarlyRat Malware
Microsoft warns of emerging 'ice phishing' threat on blockchain, DeFi networks | ZDNet
Initial Access Broker Activity Doubles in a Year
Toyota Admits Decade-Long Data Leak Affecting 2.15 Million Customers
Pro-Russian hackers target elected US officials supporting Ukraine
Nubeva’s Ransomware Key Interception and Decryption Technology Validated in Third-Party Lab
Largest companies pausing ads on X over antisemitic storm, Musk vows revenge
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
Car Dealership Hit by Major Ransomware Attack
White House to roll out Energy Star-like ratings for IoT
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
Hackers Flood NPM with Bogus Packages Causing a DoS Attack
HTTP/2 Rapid Reset Zero-day Flaw Exploited to Launch Massive DDoS Attack
UNC3944 Hackers Acquire Corporate Logins Using SMS Phishing And Support Desk Calls
UK businesses could escape data breach fines if they engage with NCSC over cyber incidents
ICS Patch Tuesday: Critical CodeMeter Vulnerability Impacts Several Siemens Products
Wipermania: Malware Remains a Potent Threat, 10 Years Since 'Shamoon'
Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
Google extends security update support for Chromebooks to 10 years
'BlazeStealer' Python Malware Allows Complete Takeover of Developer Machines
Blockaid Emerges From Stealth With $33 Million Investment
‘Sandman’ hackers backdoor telcos with new LuaDream malware
Microsoft touts demand for its security services in fiscal Q1, driven by AI appetite
Ukraine supporters in Germany targeted with PowerShell RAT malware
Behind the FTC’s plan to hire child psychologists to help regulate social media firms
NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads
US Lawmaker: Government Shutdown Will Leave Americans Exposed to Cyber
Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product
Patches Prepared for 'Probably Worst' cURL Vulnerability
US, Japan and South Korea Unite to Counter North Korean Cyber Activiti
Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
News Corp says state hackers breached its systems 3 years ago
Security Agency Publishes Post-Quantum Guidance For Firms
Crypto casino Stake.com loses $41 million to hot wallet hackers
‘MoustachedBouncer’ espionage hackers targeting embassies in Belarus
Fighting off cyberattacks? Make sure user credentials aren’t compromised
CISA, HHS Release Cybersecurity Healthcare Toolkit
Finnish Authorities Shutter Dark Web Drugs Marketplace
npm packages used by crypto exchanges compromised
Avast confirms it tagged Google app as malware on Android phones
FCC wants telecom carriers to report data breaches faster
Hacktivists breach U.S. nuclear research lab, steal employee data
The Week in Ransomware - August 4th 2023 - Targeting VMware ESXi
Senator calls on DOJ to investigate alleged China hack of Microsoft cloud tools
Russian Government Bans Foreign Messaging Apps
Exclusive: Ukraine says joint mission with US derailed Moscow’s cyberattacks
North Korean Hackers Steal $53 Million in Cryptocurrency From CoinEx
Lobbyists have held up nation’s first right-to-repair bill in New York
SEC charges SolarWinds CISO with fraud for misleading investors before major cyberattack
Microsoft: China's Behind Atlassian Confluence Attacks; PoCs Available
Kansas Court System Down Nearly 2 Weeks in 'Security Incident' That Has Hallmarks of Ransomware
Google is enabling Chrome real-time phishing protection for everyone
Pangea Lands $25 Million Investment for API Security Services
US and UK Lead Fight Against Civil Society Cyber-Threats
Cyber Command, NSA pick advances to Senate floor, but path to confirmation remains blocked
QNAP Eliminates Server Responsible for Extensive Brute-force Attacks
Adobe launches new symbol to tag AI-generated content—but will anyone use it?
ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year
Canada blames border checkpoint outages on cyberattack
Regulator to Investigate Fertility App Security Concerns
Ransomware decryption tool: Victims of MegaCortex can now unlock their files for free
Republican senator continues blocking military picks, including cyber leaders
Key Learnings from “Big Game” Ransomware Campaigns
Canada Bans Kaspersky, WeChat On Govt Devices Suspecting Spying
Over 15000+ Citrix Servers Vulnerable to Code Injection Attacks
ConnectedIO’s 3G/4G Routers Vulnerability Let Hackers Execute Malicious Code
KeePass Flaw Exposes Master Passwords
Researchers Link Cheerscrypt Linux-Based Ransomware to Chinese Hackers
New Raspberry Robin worm uses Windows Installer to drop malware
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
Threat actors can use ChatGPT to sharpen cyberthreats, but no need to panic yet
MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature
Microsoft Struggling to Find How Hackers Steal the Azure AD Signing Key
SentinelOne Set to Acquire a Cybersecurity Consulting Firm, Krebs Stamos Group
Amazon Rolls Out Independent Cloud for Europe to Address Stricter Privacy Standards
NSA Outs Chinese Hackers Exploiting Citrix Zero-Day
MATA malware framework exploits EDR in attacks on defense firms
Flaw in Citrix software led to the recent cyberattack on Boeing: Report
New shc Linux Malware used to deploy CoinMiner
NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders
New botnet malware exploits two zero-days to infect NVRs and routers
AuKill Malware Actively Used To Disable EDR In Ongoing Attacks
Log4J-Related RCE Flaw in H2 Database Earns Critical Rating
Microsoft: Zerobot adds new exploits, DDoS attack capabilities
VMware vCenter Server Flaw Let Attacker Execute Remote Code
New Android Banking Malware Pose as Government App to Target Users
Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk
NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack
Post-Quantum Cryptography: Finally Real in Consumer Apps?
Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
Cyber insurer Resilience raises $100M in expansion bid
Orca’s new LLM tool to help detect Log4j-like exploits
Unpatched Office zero-day CVE-2023-36884 actively exploited in targeted attacks
Malware-Infected Devices Sold Through Major Retailers
Researchers figure out how to make AI misbehave, serve up prohibited content
Microsoft alerts CyberLink to North Korean threat
Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks
Crooks are selling access to hacked networks. Ransomware gangs are their biggest customers | ZDNet
Albania interrupted diplomatic ties with Iran over the mid-July attack
Threat actors abuse Google AMP for evasive phishing attacks
Operation Triangulation iOS Attack Details Revealed
FBI takes down Hive ransomware group in an undercover operation
U.S. Government Recovers $2.4 Million From A Business Emails Hack
Progress Software says business impact ‘minimal’ from MOVEit attack spree
IBM Acquired Cloud Data Protection Company Polar Security
Tencent QQ users hacked in mysterious malware attack, says ESET
Microsoft Discloses 5 Zero-Days in Voluminous July Security Update
HuntGPT: AI-Based Intrusion Detection Tool
Iron Tiger hackers create Linux version of their custom malware
Spain's Spy Chief Sacked Over Phone Hacking Scandal
$20M Offered By Russian Zero-Day Seller To Hack Android And iPhone Devices
Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto
China-based Fangxiao group behind a long-running phishing campaign
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
Spanish police arrest 34 alleged cybercriminals for scamming operation
Apple pulls no punches in lawsuit against 'amoral' NSO Group
Microsoft: Business email compromise attacks can take just hours
FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection
Top 10 SaaS Security Risks and How to Mitigate Them
Critical Windows code-execution vulnerability went undetected until now
Singapore’s Marina Bay Sands says 665,000 customers had data stolen during cyberattack
White House guidance on third-party software seen as a major test of cyber risk strategy
Microsoft patches four zero-days, finally takes action against crimeware kernel drivers
New Mirai Variant Employs Uncommon Tactics to Distribute Malware
Sysdig unveils cloud attack graph based on real-time threat data
Crypto exchange Poloniex hacked, offers 5% bounty on $114M stolen
Simpson Manufacturing Takes Systems Offline Following Cyberattack
Zero-Day Alert: 10K Cisco IOS XE Systems Now Compromised
SAP Releases 7 New Notes on October 2023 Patch Day
FTC: Americans lost $8.8 billion to fraud in 2022 after 30% surge
A Wider Range of Cyber Threat Vectors Emerged Since Ukraine Invasion, Found ENISA
Royal Ransomware Expands to Target Linux, VMware ESXi
CryptoRom: OkCupid scam cost Florida man $480k – we followed the money to Binance
PureCrypter malware hits govt orgs with ransomware, info-stealers
Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps
New technique leads to largest DDoS attacks ever, Google and Amazon say
Rhysida ransomware gang claims attacks on governments in Portugal, Dominican Republic
Google Home Speaker Vulnerability Could Allow Eavesdropping
Black Friday: Phishing Emails Soar 237%
Data brokers are selling US service members’ secrets, researchers find
Vulnerable Arm GPU drivers under active exploitation. Patches may not be available
Hackers target Android users with fake Shagle video-chat app
New BunnyLoader threat emerges as a feature-rich malware-as-a-service
Russian SolarWinds Culprits Launch Fresh Barrage of Espionage Cyberattacks
They plugged GPT-4 into Minecraft—and unearthed new potential for AI
A CISOs Practical Guide to Storage and Backup Ransomware Resiliency
'Scattered Spider' Cybercrime Group Targets Mobile Carriers via Telecom, BPO Firms
Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users
Why Big Tech shreds millions of storage devices it could reuse
OWASP Top 10 for LLM (Large Language Model) applications is out!
Facebook agrees to settle class action lawsuit related to Cambridge Analytica data breach
Canadian Nurses Association confirms data theft after group dumps stolen info
Rise in employee monitoring prompts calls for new rules to protect workers
How to Combat the Biggest Security Risks Posed by Machine Identities
MGM Resorts warns customers of fraud as it faces class action lawsuits
BlueNoroff hackers backdoor Macs with new ObjCShellz malware
Been Doing It The Same Way For Years? Think Again.
Shopping trap: The online stores’ scam that hits users worldwide
Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
New Horabot campaign takes over victim's Gmail, Outlook accounts
AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services
Chinese Hackers Infiltrate South American Diplomatic Networks
Free Download Manager site redirected Linux users to malware for years
Pro-Russia threat group Killnet is pummeling Lithuania with DDoS attacks
Malicious npm packages caught stealing Discord tokens, environment variables
Sacked Ukrainian cyber chief released on bail amid corruption probe
Ethereum feature abused to steal $60 million from 99K victims
A New Malware "Prynt" Comes Up As A Lethal Stealer, Keylogger, Clipper
Global Cyber-Enforcement Op Nets $130M, Says Interpol
What is Firewall-as-a-Service (FWaaS)? How Does It Work?
RIG Exploit Kit still infects enterprise users via Internet Explorer
GoDaddy: Hackers stole source code, installed malware in multi-year breach
Pwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000
Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
After 23 years, Weather Channel’s iconic computerized channel is shutting down
Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack
Sam Altman is Back as OpenAI CEO Just Days After Being Removed, Along With a New Board
Cyber-Attacks Targeting Government Agencies Increase 40%
Wiz debuts PEACH tenant isolation framework for cloud applications
Microsoft joins opposition to current version of UN cybercrime treaty
Google announces open source vulnerability reward program after Log4j, Codecov issues
Microsoft Adding New Security Features to Windows 11
Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition
Google fixes another Chrome zero-day bug exploited in attacks
Serbian civilians targeted with Pegasus on eve of national elections
CISOs Can Elevate Their Role with New Cyber Regulations
GitHub Dependabot Now Alerts Developers On Vulnerable GitHub Actions
UK Citizens Wary of NHS AI Use, Citing Privacy Concerns
Court rules automakers can record and intercept owner text messages
GRU hackers attack Ukrainian military with new Android malware
Veeam warns of critical bugs in Veeam ONE monitoring platform
Cybersecurity Executive Pleads Guilty to Hacking Hospitals
Jamf buys ZecOps to bring high-end security to Apple enterprise
Atlassian Vulnerabilities Let attackers To Conduct DoS & RCE Attacks
DDoS 2.0: IoT Sparks New DDoS Alert
Fueled by Pandemic Realities, Grinchbots Aggressively Surge in Activity
Safeguarding Against Silent Cyber Threats: Exploring the Stealer Log Lifecycle
'Culturestreak' Malware Lurks Inside GitLab Python Package
North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository
Pentagon’s new cyber strategy takes lessons from offensive ops, Russian invasion of Ukraine
Russian APT28 hackers breach Ukrainian govt email servers
10 Steps to Help Secure Your APIs
Patch these vulnerable VMware products or remove them from your network, CISA warns federal agencies | ZDNet
Atomic Wallet Customers Lose Over $35m in Crypto Attacks
Hackers Selling Malware on Dark Web Underground Market
Splunk cuts 7% of workforce ahead of Cisco acquisition
Private Internet Access review: A cheap, powerful VPN | ZDNet
Clearing the informational fog in Israel and Gaza
Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin
Kuwait isolates some government systems following attack on its Finance Ministry
Court ruling on California’s online child safety law could put similar bills on hold
SonicWall warns admins to patch critical auth bypass bugs immediately
Ransomware gang behind MOEVit attacks are targeting new zero-day, Microsoft says
QBot Malware Hijack Business Emails To Drop Malware Via Weaponized PDF Files
Patch Now: Cybercriminals Set Sights on Critical IBM File Transfer Bug
MacOS targeted by ClearFake malware campaign
CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability
BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days
Best botnet ad? An attack on OpenAI
Hackers using HTML Smuggling Technique to Deliver Ransomware and Evade Detection
China's BlackFly Targets Materials Sector in 'Relentless' Quest for IP
BeanVPN leaks 25 million user records
Industry Reactions to EU-US Data Privacy Framework: Feedback Friday
MOVEit carnage continues with over 2600 organizations and 77M people impacted so far
September was a record month for ransomware attacks in 2023
Cyberattacks on Israel intensify as the war against Hamas rages: Check Point
EU asks Meta, TikTok to account for their response to Israel-Hamas disinformation
BalkanID Raises $6M for Intelligent IGA Technology
FBI: Dual ransomware attack victims now get hit within 48 hours
Latest iOS Update Fixes Another Zero-Day Flaw Under Attack
Clop gang to earn over $75 million from MOVEit extortion attacks
GhostLocker - A New Generation of Raas from Hacktivist Groups
New Mystic Stealer malware increasingly used in attacks
Apple, platform security, and the next big war
Iranian state hackers targeted satellite, defense organizations worldwide
D-Link Says Hacker Exaggerated Data Breach Claims
Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flaw
Caesars Entertainment says social-engineering attack behind August breach
New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding
Popular JWT cloud security library patches “remote” code execution hole
Raspberry Robin Malware Targets Telecom, Governments
Chinese Cyber Espionage Hackers Using USB Devices to Target Entities in Philippines
Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks
Judge unseals FTC complaint against Kochava alleging ‘staggering’ data broker practices
Government of Bermuda links cyberattack to Russian hackers
California enacts first-of-its-kind bill targeting data brokers
CISA Trials Ransomware Warning System for Critical Infrastructure Orgs
BEC Attacks Increase By 279% in Healthcare
The Week in Ransomware - July 28th 2023 - New extortion tactics
Police dismantled bulletproof hosting service provider Lolek Hosted
Microsoft Found Numerous Bugs Affecting Pre-Built Android Apps From Telcos
Critical infrastructure providers ask CISA to place guardrails on reporting requirements
CISA Announces New Logging Tool for Windows-based Devices
US data compromises hit all-time high
Hackers steal $53 million worth of cryptocurrency from CoinEx
UK government fails to bring forward promised cyber laws in King’s Speech
New Matanbuchus Campaign drops Cobalt Strike beacons
Unleashing the Power of the Internet of Things and Cyber Security
Diicot cybercrime gang expands its attack capabilities
New ExelaStealer Attack Windows PCs and Steals Private Data
French town of Sartrouville recovering from cyberattack claimed by ransomware gang
New York mulling move to add crypto fraud to penal code
N. Korean BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware
Microsoft releases Windows 11 23H2 as an enablement package
Ransomware victims are refusing to pay, tanking attackers’ profits
Threat and Vulnerability Roundup for the week of August 27th to September 2nd
Hot Topic hit by automated credential stuffing attack spree
BianLian ransomware gang shifts focus to pure data extortion
'Fines alone aren't enough:' FCC threatens to blacklist voice providers for flouting robocall rules
Manchester police officers’ data stolen following ransomware attack on supplier
Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years
Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency
North Korean Hackers Targets Russian Missile Engineering Firm
Ronin Crypto Heist of $618m Traced to North Korea
VMware urges admins to patch critical auth bypass bug immediately
IRS Phishing Emails Used to Distribute Emotet
Five Families - Hackers Collaborate to Launch Notorious Cyber Attack
Repeatable VEC Attacks Target Critical Infrastructure
Detecting Malicious HTTP Traffic that Hides Under the Real Traffic
Twitter is down with "Something went wrong" errors
Dozens of cybersecurity efforts included in this year’s US NDAA
Several Colombian government ministries hampered by ransomware attack
Breached shutdown sparks migration to ARES data leak forums
Seiko “BlackCat” Data Breach: 60,000 Records on the Line
New Jamf CEO John Strosahl on Apple in the enterprise, Jamf's future
Researchers Find New Android Spyware Campaign Targeting Uyghur Community
Swedish Data Protection Authority Warns Companies Against Google Analytics Use
Bolsters Raises $15M to Tackle Fakes and Frauds
It's time to secure the Apple enterprise
SickKids: 80% of hospital priority systems back online after LockBit ransomware attack
Black Basta Ransomware Gang Actively Infiltrating U.S. Companies with Qakbot Malware
Chrome 116 Update Patches High-Severity Vulnerabilities
US disrupts Russia-linked Snake implant’s network
More hackers adopt Sliver toolkit as a Cobalt Strike alternative
Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue
Hackers Exploit Microsoft Access Feature to Steal Windows User’s NTLM Tokens
Privacy nonprofit calls on FTC to investigate Grindr’s data practices
DeFi platform Qubit Finance begs hacker to return $80 million in stolen funds | ZDNet
Broadcom Planning to Complete Deal for $69 Billion Acquisition of VMWare After Regulators Give OK
10 Best Identity & Access Management Solutions (IAM) - 2023
Apple says new App Store API rules will limit user fingerprinting
SMBs Targeted by State-Aligned Actors for Financial Theft and Supply Chain Attacks
Windows 11 KB5031455 preview update enables Moment 4 features by default
Google Cloud launches Chronicle CyberShield to help government agencies tackle threats
Websites Hosting Fake Cracks Spread Updated CopperStealer Malware
Getty Images subscribers to get access to AI image generator
Fleckpe Android malware totaled +620K downloads via Google Play Store
Scammer posed as cybersecurity chief in phishing email | ZDNet
Extradited Russian Hacker Behind 'NLBrute' Malware Pleads Guilty
Microsoft shares tips on detecting Outlook zero-day exploitation
Google Adopts Passkeys as Default Sign-in Method for All Users
Malicious packages in the NPM designed for highly-targeted attacks
#IMOS22: Ciaran Martin Discusses Cyber-Threats from the Russia-Ukraine Conflict
New critical Citrix ADC and Gateway flaw exploited as zero-day
DraftKings Account Takeovers Frame Sports-Betting Cybersecurity Dilemma
Russia and China-linked hackers exploit WinRAR bug
The Ultimate SaaS Security Admin Guide - 2024
Exclu Shutdown Underscores Outsized Role Messaging Apps Play in Cybercrime
Exploit Released for Galaxy Store Flaw That Let Attacker Install Malware
CISA can’t definitively say if ransomware is getting better or worse
How to encrypt a file on Linux (and when you should)
3,464,756 Malware Installation Packages Targeted Mobile Users in 2021
Cisco Discloses Multiple Zero-Days Under Attack In IOS XE Devices
Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw
Samsung Galaxy gets new Auto Blocker anti-malware feature
Sri Lankan government loses months of data following ransomware attack
University of Michigan employee, student data stolen in cyberattack
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries Used for Malicious Purposes
Kaspersky reveals 'elegant' malware resembling NSA code
Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks
Five arrested after 33,000 victims lose $98M to online investment fraud
Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks
Telerik Bug Exploited to Steal Federal Agency Data, CISA Warns
Ongoing supply chain attack targets Python developers with WASP Stealer
DFIR Company Binalyze Raises $19 Million in Series A Funding
Malicious Notepad++ Google ads evade detection for months
AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell
How Google Authenticator made one company’s network breach much, much worse
The Week in Ransomware - October 27th 2023 - Breaking Records
Malicious Python Package Relies on Steganography to Download Malware
QuaDream, 2nd Israeli Spyware Firm, Weaponizes iPhone Bug
Firefox 120 Released With Security Updates: What’s New!
VMware Patches VM Escape Flaw Exploited at Geekpwn Event
At TED AI 2023, experts debate whether we’ve created “the new electricity”
When Being Attractive Gets Risky - How Does Your Attack Surface Look to an Attacker?
SHEIN shopping app goes rogue, grabs price and URL data from your clipboard
Vietnamese-Origin Ransomware Operation Mimics WannaCry Traits
European Parliament declares Russia a terrorism sponsor, then its site goes down
Too many default 'admin1234' passwords increase risk for industrial systems, research finds
EchoMark releases watermarking solution to secure private communications, detect insider threats
Police Arrested Hackers Group Exploiting Keyless Technology to Steal Cars
North Korean hackers linked to attempted supply-chain attack on JumpCloud customers
Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition
JumpCloud, an IT firm serving 200,000 orgs, says it was hacked by nation-state
Remote code execution bug discovered in the popular JsonWebToken library
Charming Kiten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.
Firefox 114 is out: No 0-days, but one fascinating “teachable moment” bug
Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
TinyMCE Text Editor Flaw Let Attackers Execute XSS payload
QR Code Phishing Campaign Targets Top US Energy Company
New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs
Google Smart Lock: The complete guide
Cyber-Attack Disrupts UK Property Deals
AWS Using MadPot Decoy System to Disrupt APTs, Botnets
Hackers pretending to be Iranian govt use SMS messages to steal credit card info, create botnet | ZDNet
Google Looker Studio abused in cryptocurrency phishing attacks
Police disrupts $98M online fraud ring with 33,000 victims
China Unleashes Flax Typhoon APT to Live Off the Land, Microsoft Warns
Cybersecurity regulations for passenger and freight railroads renewed by TSA
Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code
ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws
Fastest Ransomware Encrypts 100k Files in Four Minutes
Code Intelligence unveils new LLM-powered software security testing solution
Citrix zero day exposes critical infrastructure, one provider hit
PoC exploits released for critical bugs in popular WordPress plugins
Staff Think Conti Group Is a Legit Employer – Podcast
Investment Fraud is Now Biggest Cybercrime Earner
New critical Citrix ADC and Gateway flaw exploited as zero-days
Over Three-Quarters of UK Adults Hit by Online Scams
CISA warns of Adobe ColdFusion bug exploited as a zero-day
NCSC Publishes New Guidance on Shadow IT
Virtual Event Today: Supply Chain Security Summit & Expo
FCC proposes record-breaking $300 million fine against robocaller
EncroChat dismantling led to 6,558 arrests and the seizure of $979M in criminal funds
France accuses Russian state hackers of targeting government systems, universities, think tanks
Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security
Microsoft Denies Data Breach—Anonymous Sudan Claims 30 Million Customer Accounts Stolen
Cisco urges admins to fix IOS software zero-day exploited in attacks
The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins
TikTok flooded by 'Elon Musk' cryptocurrency giveaway scams
New Nitrogen malware pushed via Google Ads for ransomware attacks
Python Package Index Targeted Again By VMConnect
Evidence points to North Korea in CoinEx cryptocurrency hack, analysts say
Houthi-Backed Spyware Effort Targets Yemen Aid Workers
IPVanish review: A VPN with a wealth of options | ZDNet
EU data protection authority raises alarm over UN cybercrime treaty negotiations
New Research Delves into the World of Malicious LNK Files and Hackers Behind Them
ZDI Discusses First Automotive Pwn2Own
After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery
Microsoft now lets you enable the Windows App Installer again, here's how
Fake US govt job offers push Cobalt Strike in phishing attacks
40 Vulnerabilities Patched in Android With August 2023 Security Updates
PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS
People think white AI-generated faces are more real than actual photos, study says
US Congress funds cybersecurity initiatives in FY2023 spending bill
U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes
Industry Reactions to Qakbot Botnet Disruption: Feedback Friday
FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft
Hacker Claims to Have Breached Many Uber Systems
IZ1H9 Botnet Targets IoT Devices With New Exploits
New Octo Banking Trojan Spreading via Fake Apps on Google Play Store
Court rules that data scraping is legal in LinkedIn appeal | ZDNet
Silverfort Banks $65 Million for Identity Threat Protection Platform
Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack
Utah Becomes Latest US State to Pass a Data Privacy Law
New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets
Genesis IAB Market Brings Polish to the Dark Web
Windows 11 can now install WSL from the Microsoft Store
Ransomware Group Leaks Files Allegedly Stolen From Boeing
Biden issues sweeping executive order that touches AI risk, deepfakes, privacy
NCSC Shares Guidance to Help Secure Large Construction Projects
Microsoft fixes Windows 11 bug behind 0x800700b7 provisioning errors
Buggy Microsoft Defender ASR rule deletes Windows app shortcuts
Cisco’s critical IOS XE software zero day is a ‘bad situation’
Fake Antivirus and Cleaner Apps Caught Installing SharkBot Android Banking Trojan
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates
Wray: FBI Blocked Planned Cyberattack on Children's Hospital
RSA’s demise from quantum attacks is very much exaggerated, expert says
Security Affairs newsletter Round 360 by Pierluigi Paganini
S3 Ep110: Spotlight on cyberthreats – an expert speaks [Audio + Text]
Coca-Cola embraces controversial AI image generator with new “Y3000” flavor
Lazarus Group's 'DeathNote' Cluster Pivots to Defense Sector
Nearly 30% of critical WordPress plugin bugs don't get a patch
Hackers steal user database from European telecommunications standards body
Phishers Targeted Financial Services Most During H1 2022
Sandworm APT targets Ukraine with new SwiftSlicer wiper
CISA adds Owl Labs, Samsung, Realtek bugs to exploited vulnerability list
Massive DDoS Attacks at 633.7 Gbps Combining ACK, PUSH, RESET, and SYN Packets
SEC Charges SolarWinds and CISO With Misleading Investors
Experts detailed a previously undetected VMware ESXi backdoor
Microsoft announces new external attack surface audit tool
Square: Last week’s outage was caused by DNS issue, not a cyberattack
Apple patches double zero-day in browser and kernel – update now!
Microsoft: Iranian espionage campaign targeted satellite and defense sectors
Nvidia’s flagship AI chip reportedly 4.5x faster than the previous champ
Rapid7 Flags Multiple Flaws in Sigma Spectrum Infusion Pumps
Ukraine warns of “chemical attack” phishing pushing stealer malware
Cybersecurity Investment and M&A Activity Slowed in Q1, 2023
Suspected N. Korean Hackers Target S. Korea-US Drills
Cyberattack on IT provider CTS impacts dozens of UK law firms
ICO calls on social media firms to protect user's data from scraping
Omegle shuts down: it's been misused to commit “unspeakably heinous crimes”
North Korea's Lazarus Group Launders $900 Million in Cryptocurrency
Hydra, the world’s biggest cybercrime forum, shut down in police sting
ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges
SOVA Android Banking Trojan Returns With New Capabilities and Targets
US agency attributes $540 million Ronin hack to North Korean APT group
More than $125 million taken from crypto platform Multichain
Tech industry leaders and White House clash over plan for improved cloud security
Vulnerability in Popular JsonWebToken Open Source Project Leads to Code Execution
US Recovers $15 Million From Ad Fraud Group
Lazarus hackers linked to the $35 million Atomic Wallet heist
Russia Cracks Down on 4 Dark Web Marketplaces for Stolen Credit Cards
First Microsoft, then Okta: New ransomware gang posts data from both
Mitsubishi Electric PLCs Exposed to Attacks by Engineering Software Flaws
Russia suffered record number of DDoS attacks last year: report
MOVEit Developer Patches Critical File Transfer Bug
WinRAR flaw enables remote code execution of arbitrary code
Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords
FBI: Lazarus hackers readying to cash out $41 million in stolen crypto
NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers
NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics
Hackers Attack Unpatched Citrix NetScaler Systems to Deploy Ransomware
Ukrainian Police Bust Multimillion-Dollar Phishing Gang
U.S. data privacy and security solutions emerging at the federal level
Corporate Network Access Selling for Just $2000 on Dark Web
Chinese Hackers Caught Exploiting Popular Antivirus Products to Target Telecom Sector
Iran-linked APT Rocket Kitten exploited VMware bug in recent attacks
Hackers Started Exploiting Critical "Text4Shell" Apache Commons Text Vulnerability
Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps
Canadian Military, Police Impacted by Data Breach at Moving Companies
Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw
Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability
Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale
Lapsus$ Hacker Group Exposed in Latest CSRB Report
Cybersecurity firm Dragos shared details about a failed extortion attempt it suffered
Silk Security Emerges from Stealth With $12.5 Million Seed Funding
Scammers are targeting college kids with fake bioscience job offers
US government indicts Iranian nationals for ransomware and other cybercrimes
Curl Releases Fixes For High-Severity Vulnerability
Hackers Exploiting Remote Desktop Program Flaws to Install PlugX Malware
New Russian-linked CosmicEnergy malware targets industrial systems
Google Feature Blamed for Retool Breach That Led to Cryptocurrency Firm Hacks
Microsoft disables MSIX protocol handler abused in Emotet attacks
Enzo Biochem Hit by Ransomware, 2.5 Million Patients' Data Compromised
Trickbot, Conti Sanctions Affect Top Cybercrime Brass
New WiKI-Eve attack can steal numerical passwords over WiFi
Comcast Xfinity accounts hacked in widespread 2FA bypass attacks
HelloKitty ransomware source code leaked on hacking forum
Hackers linked to North Korea targeted Indian medical org, energy sector
Caesars Entertainment Hacked: Over 6TB of Data Stolen
Critical F5 BIG-IP vulnerability exploited to wipe devices
Log4Shell, ProxyLogon and Atlassian bug top CISA's list of routinely exploited vulnerabilities in 2021
Operation ‘Duck Hunt’: Qakbot Malware Disrupted, $8.6 Million in Cryptocurrency Seized
SEC charges SolarWinds, its CISO with fraud
Meta Launches Paid Ad-Free Subscription in Europe to Satisfy Privacy Laws
Microsoft Exchange hack is focus of cyber board’s next review
Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware
Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar
Over 300,000+ Fortinet Firewalls Vulnerable to Critical FortiOS RCE Bug
Russia shares list of 17,000 IPs allegedly DDoSing Russian orgs
Pirated Software Likely Cause of Airbus Breach
Access to hacked corporate networks still strong but sales fall
California Settles With Google Over Location Privacy Practices for $93 Million
Biden Issues Executive Order on Safe, Secure AI
Akira ransomware gang spotted targeting Cisco VPN products to hack organizations
Former OpenAI staffers slam CEO Sam Altman in new tell-all letter
White House wants input on open source security, memory-safe languages
Fake DDoS Protection Alerts Distribute Dangerous RAT
P2PInfect server botnet spreads using Redis replication feature
CVSS 4.0 Arrived As The New Vulnerability Scoring Standard
Zimbra Zero-Day Demands Urgent Manual Update
FTC warns of ‘staggering’ losses to social media scams since 2021
The Week in Ransomware - January 14th 2022 - Russia finally takes action
Dutch Police mails RaidForums members to warn they’re being watched
Fake Browser Updates Used in Malware Distribution
Iranians hacked US companies, sent ransom demands to printers, indictment says
95% of OpenAI employees have threatened to quit in standoff with board
Australia’s Casino Giant Crown Resorts disclosed data breach after Clop ransomware attack
RSA: Intel reference design to accelerate SASE, other security tasks
BeyondTrust, Cloudflare averted Okta attacks thanks to security chops
DHS cyber safety board to probe Lapsus$ hacks
Microsoft to stop locking vital security logs behind $57-per-user monthly plan
Power grid of Asian nation shows signs of intrusion by espionage group
Human Error the Leading Cause of Cloud Data Breaches
Colombian energy supplier EPM hit by BlackCat ransomware attack
GitHub Enterprise Server Gets New Security Capabilities
Hackers Sneak 'More_Eggs' Malware Into Resumes Sent to Corporate Hiring Managers
Microsoft addresses three zero-days for October’s Patch Tuesday
Pro-Ukraine group says it breached Russian card payment system
More than 2K organizations at risk of major attacks linked to SLP vulnerability
Study: Phishing Takes Up a Third of IT Time, Resources, and Budget
Fortinet urges to patch a critical RCE flaw in Fortigate firewalls
The 5 best VPN routers of 2023
From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon
Retailer Database Error Leaks Over One Million Customer Records
LockBit ransomware encryptors found targeting Mac devices
MalasLocker Ransomware Attacks Users of Zimbra Servers
Darktrace Acquires Attack Surface Management Company Cybersprint
Cisco patches IOS XE vulnerabilities actively being exploited
Apple warns Armenians of state-sponsored hacking attempts
US prison allegedly hit by ransomware attack
North Korean Hackers Exploiting Recent TeamCity Vulnerability
Chairman of House cybersecurity panel wants to overturn SEC disclosure rules
Scammers target older people online. Here are the 3 warning signs to watch for
“Clickless” iOS exploits infect Kaspersky iPhones with never-before-seen malware
FBI-Led Operation Duck Hunt Shuts Down QakBot Malware
Are Source Code Leaks the New Threat Software vendors Should Care About?
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
Dangerous Android phone 0-day bugs revealed – patch or work around them now!
FCC’s proposal to strengthen emergency alert security might not go far enough
Cyber assistance bills for agriculture sector gain bipartisan attention in Senate
U.S. Banned Chinese Telecom & Surveillance Cameras That Pose National Security Threat
Black Friday 2022 deal: NordPass Premium password manager is 50% off
Iranian Cyber Spies Use 'LionTail' Malware in Latest Attacks
Microsoft: KB5008212 Windows security update breaks Outlook search
Boeing Breached by LockBit Ransomware Gang? Investigation Inprogress
When Attacks Surge, Turn to Data to Strengthen Detection and Response
Rapid7 Announces Layoffs, Office Closings Under Restructuring Plan
Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen
Microsoft now rolling out Copilot to Windows 10 devices
Interpol: Human Trafficking is Fueling Fraud Epidemic
Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
SolarWinds: Here's how we're building everything around this new cybersecurity strategy | ZDNet
AI-Generated Phishing Emails Almost Impossible to Detect, Report Finds
Ragnar Locker ransomware’s dark web extortion sites seized by police
Twitter Restricts SMS-based 2FA To Twitter Blue Users – Other 2FA Will Work
Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization
The FBI's Perspective on Ransomware
Apple pays $25M to settle employment discrimination case
Google quietly corrects previously submitted disclosure for critical webp 0-day
‘Data poisoning’ anti-AI theft tools emerge — but are they ethical?
Citrix Issues Patches for Critical Flaw Affecting ADC and Gateway Products
Meta Fights Sprawling Chinese 'Spamouflage' Operation
Gmail App Passwords: What they are, how to create one, and why to use them
Best Security Solutions for Marketers - 2024
UK hacker busted in Spain gets 5 years over Twitter hack and more
Kaspersky releases a free decryptor for Yanluowang ransomware
Yellen Says Ransomware Attack on China's Biggest Bank Minimally Disrupted Treasury Market Trades
NATO Condemns Alleged Iranian Cyberattack on Albania
Okta revises original statement, says 366 customers affected by Lapsus$ breach
8 habits of highly secure remote workers
Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits
DOJ arrests man behind brazen $100 million attack on Mango Markets
Hackers claim to publish prominent Israeli hospital’s patient data
Palo Alto Networks closely watched ahead of late Friday Q4 report
Report claims to reveal identity of Russian hacktivist leader
Microsoft: Windows LAPS is incompatible with legacy policies
A High-severity bug in F5 BIG-IP can lead to code execution and DoS
BYOD Security Gap: Survey Finds 49% of European Firms Unprotected
StripedFly malware framework infects 1 million Windows, Linux hosts
Singapore public health services hit by DDoS attacks
Insider Q&A: Pentagon AI Chief on Network-Centric Warfare, Generative AI Challenges
Rising ‘Firebrick Ostrich’ BEC Group Launches Industrial-Scale Cyberattacks
'Poisoned' Tor Browser tracks Chinese users' online history, location
Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts
Suncor Energy continues probe of cyber incident disrupting gas station payments
Amazon to make MFA mandatory for 'root' AWS accounts by mid-2024
Riot Games Latest Video-Game Maker to Suffer Breach
UK military intelligence team wins Western Europe’s ‘largest cyber warfare exercise’ held in Estonia
Cyberattackers leaked data of 27,000 NYC Bar Association membersers
New Exploit Bypasses Existing Spectre-v2 Mitigations in Intel, AMD, Arm CPUs
MGM still responding to wide-ranging cyberattack as rumors run rampant
Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products
First Directory of Virtual CISO Providers Launched by Cynomi
Chinese APT Targets Hong Kong in Supply Chain Attack
Ransomware has gone down because sanctions against Russia are making life harder for attackers | ZDNet
Samsung Galaxy S23 hacked twice on first day of Pwn2Own Toronto
Hackers Impersonate Hacks to Steal Millions
ZenRAT Malware Uncovered in Bitwarden Impersonation
Weight Management Companies Settle Data Privacy Suit
<strong>Attack of drones: airborne cybersecurity nightmare</strong>
Windows feature that resets system clocks based on random data is wreaking havoc
Mirai-based botnet updates ‘arsenal of exploits’ on routers, IoT devices
Don't get scammed by fake ChatGPT apps: Here's what to look out for
Exploit Code Published for Critical-Severity VMware Security Defect
Threat actors behind Las Vegas casino attacks are social-engineering mavens
IBM rebuilds QRadar for hybrid clouds and AI workloads
Hackers Trick Windows Users With Malicious Ads to Deliver Malware
Ransomware Diaries: Undercover with the Leader of Lockbit
Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned
NATO allies express support for collective response to cyberattacks
Researchers Warn of Cyber Attacks Targeting Data Center Providers Globally
Zero Day Summer: Microsoft Warns of Fresh New Software Exploits
Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu
Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT
How Water Labbu Exploits Electron-Based Applications
Chilean government warns of Black Basta ransomware attacks after customs incident
Anonymous: Operation Russia after 100 days of war
Where Advanced Cyberttackers Are Heading Next: Disruptive Hits, New Tech
AI Boosts Malware Detection Rates by 70%
Threat Actors Modify Malware DGA Patterns to Improve C2 Communication and Complicate Analysis
Ransomware gangs increase efforts to enlist insiders for attacks
FBI seized other domains used by the shadow eBook library Z-Library
Log4Shell remains a big threat and a common cause for security breaches
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Ransomware Misconceptions Abound, To the Benefit of Attackers
QR Code Campaign Targets Major Energy Firm
Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware
Caesars Entertainment Reveals Major Ransomware Breach
US CISA, CrowdStrike Release Free Log4j Scanners
Belgian Police Under Fire After Major Ransomware Leak
Senegal shuts off mobile internet after arrest of opposition leader
Comprehensive Traceability for Android Supply-Chain Security
Conti leaks: pro-Ukrainian member exposed more gang’s chats and Trickbot’s source code | CyberNews
Bing Chat AI is down, affecting Windows Copilot and more
'Play' Ransomware Group Targeting MSPs Worldwide in New Campaign
Winamp releases new version after four years in development
Inserted AI-generated Microsoft poll about woman’s death rankles The Guardian
Countries pledge to not pay ransoms, but experts question impact
Hackers exploit Looney Tunables Linux bug, steal cloud creds
Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway
ClearFake Campaign Expands to Deliver Atomic Stealer on Mac Systems
Elon Musk in Hot Water With FTC Over Twitter Privacy Issues
US Sanctions Ryuk Ransomware’s Russian Money Launderer
New Malware Tools Pose 'Clear and Present Threat' to ICS Environments
New PowerDrop Malware Targeting U.S. Aerospace Industry
Freelance Market Flooded With North Korean IT Actors
Mystery solved in destructive attack that knocked out >10k Viasat modems
Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning
Report: New ransomware gang emerges in Vietnam
Threat Actor Farnetwork Linked to Five Ransomware Schemes
New Vulnerabilities Found in Adobe ColdFusion
Why Is Security Important for Businesses?
Where to invest to close the cyber skills gap
U.S. Bank of the West Found a Debit Card Stealing Skimmers on ATMs
Microsoft Confirms Exploitation of Two Exchange Server Zero-Days
U.S. Offers $15 Million Bounty for Leaders of Conti Ransomware Gang
Why Ensuring Supply Chain Security in the Space Sector is Critical
CitrixBleed sparks race to patch, hunt for malicious activity
Uncovering a Kingminer Botnet Attack Using Trend Micro Managed XDR
Russian National Sanctioned For Virtual Currency Money Laundering
IT Systems Encrypted After UK School Hit By Ransomware
'Muddled Libra' Uses Oktapus-Related Smishing to Target Outsourcing Firms
Third Nigerian pleads guilty in BEC scams dating back nearly a decade
Eastern European energy and defense firms targeted with MATA backdoor
How Shady Code Commits Compromise the Security of the Open-Source Ecosystem
Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users
GitLab Patches Critical Pipeline Execution Vulnerability
Hackers breached International Criminal Court’s systems last week
'CitrixBleed' Linked to Ransomware Hit on China's State-Owned Bank
New Report: Child Sexual Abuse Content and Online Risks to Children on the Rise
An info-stealer campaign is now targeting Facebook users with revealing photos
Initial access broker or ransomware gang has 'exclusive' access to Mitel zero-day exploit: report
New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
Okta defends 2-week gap in response to identity token theft, says 134 customers affected
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks
4 ways to secure your remote work setup
Lorenz Ransomware Gang Exploits Mitel VoIP Appliance Vulnerability in Attacks
CISA urges security upgrades as DDoS continues to target Rapid Reset zero day
Akira ransomware compromised at least 63 victims since March, report says
New Year's Surprise: Cybersecurity M&A, Funding Activity Snowballs in Q4
Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk
Cybersecurity M&A Roundup: 39 Deals Announced in September 2022
Australian ports operator recovering after major cyber incident
White House hosts Counter Ransomware Initiative summit, with a focus on not paying hackers
DPRK Hackers Masquerade as Tech Recruiters, Job Seekers
Were you caught up in the latest data breach? Here's how to find out
Magecart Hackers Hide in 404 Error Pages
Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
Traffic interception and MitM attacks among security risks of Russian TLS certs
Microsoft Azure HDInsight Plagued With XSS Vulnerabilities
Mozi Botnet Likely Killed by Its Creators
North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns
Dallas County confirms cybersecurity 'incident' after ransomware gang claims attack
Hackers Steal Over 50,000 Payment Card Records Using E-Skimmer
Microsoft Defender now auto-isolates compromised accounts
Scattered Spider hackers use old Intel driver to bypass security
US Government Releases Security Guidance for Open Source Software in OT, ICS
New backdoor tool spotted in use against targets in Brazil, Israel, UAE
7 Key Findings from the 2022 SaaS Security Survey Report
RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware
Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords
New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia
Japan's Nagoya Port Suspends Cargo Operations Following Ransomware Attack
Experts released PoC exploit for MOVEit Transfer CVE-2023-34362 flaw
Wizard Spider hackers hire cold callers to scare ransomware victims into paying up | ZDNet
Japan Aviation Electronics says servers accessed during cyberattack
Lawmakers press FCC for action on Chinese-made cellular modules
25 Best Cloud Service Providers (Public and Private) in 2023
Civil rights groups launch effort to stop IRS use of 'flawed' ID.me facial recognition | ZDNet
Costa Rica declares a state of emergency over Conti cyberattack | CyberNews
Mortgage giant Mr. Cooper using alternative payment options after cyberattack
Ukraine energy facility took unique Sandworm hit on day of missile strikes, report says
Caesars shakes off cyberattack with strong Q3 Las Vegas demand
Microsoft: Hackers target Azure cloud VMs via breached SQL servers
Notorious Mystic Stealer Attacks 40 Web Browsers & 70 Extensions to Steal Login Credentials
Marina Bay Sands discloses data breach impacting 665,000 customers
LockBit Using Remote Monitoring Tools to Infect Employees with Ransomware
Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers
Ukraine’s deputy minister of digital transformation on building a military tech sector from scratch
Google Play Protect adds real-time scanning to fight Android malware
JetBrains vulnerability being exploited by North Korean gov’t hackers, Microsoft says
For top cybersecurity talent, companies pay over $500,000: Report
“This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard
Exploit released for critical VMware vRealize RCE vulnerability
IAM Credentials in Public GitHub Repositories Harvested in Minutes
How Do You Defend Against Software Supply Chain Attacks? - Cyber Security News
ALPHV/BlackCat Ransomware Gang Targets Businesses Via Google Ads
Ransomware gangs now exploiting critical TeamCity RCE flaw
Mass Exploitation of Zero-Day Bug in MOVEit File Transfer Underway
Critical vulnerability in Atlassian Confluence server is under “mass exploitation”
Exploitation of Control Web Panel Vulnerability Starts After PoC Publication
Recently Patched TeamCity Vulnerability Exploited to Hack Servers
CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
New AtlasCross hackers use American Red Cross as phishing lure
Mass Exploitation of 'Citrix Bleed' Vulnerability Underway
Malicious KMSPico installers steal your cryptocurrency wallets
US Cyber Command wrapped second ‘hunt forward’ mission to Lithuania
Evasive Jupyter Infostealer Campaign Showcases Dangerous Variant
SANS Ransomware Summit 2022, Can You Detect This?
Malicious ISO File Leads to Domain Wide Ransomware - The DFIR Report
New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
CONTInuing the Bazar Ransomware Story
European governments targeted by Chinese hackers with a Zimbra webmail zero-day - The Record by Recorded Future
Atlassian confirms ransomware is exploiting latest Confluence bug
TikTok Fined $368m For Child Data Privacy Offenses
CISA to warn critical infrastructure of ransomware-vulnerable devices
RedEyes Hacking Group Uses Steganography Technique to Deploy Malware on PC & Mobile Phones
Top 10 Best DevOps Tools to Shift Your Security
Microsoft shares fix for some Outlook hyperlinks not opening
Finland says Chinese ship to blame for subsea pipeline break
Ukraine, Israel, South Korea top list of most-targeted countries for cyberattacks
Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor
Microsoft extends Purview Audit log retention after July breach
New Custom Malware Attacking Remote Desktop Protocol Clients to Steal Data
FjordPhantom Android Malware Targets Banks With Virtualization
Prevalent introduces Alfred, a generative AI butler for risk management
CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules
Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages
Exfiltrator-22 Post-Exploitation Toolkit Nips At Cobalt Strike's Heels
Boeing Admits Cyberattack; Lockbit Claims Zero-Day Exploit Was Used to Gain Access
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
WP Fastest Cache Plugin Exposes Over 600K+ WordPress Sites to SQL Injection Attacks
Microsoft finally fixes broken Surface Pro X laptop cameras
In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets
CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software
CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17
URL and DNS Filtering: The Dynamic Web Security Duo
Reddit names seasoned IT security leader as new CISO
Sandbox blockchain game breached to send emails linking to malware
A Look Into Purple Fox’s Server Infrastructure
New ransomware decryptor recovers data from partially encrypted files
Proton unveils new password manager with end-to-end encryption for all data
Top 6 e-signature software tools
Hacker Group Uses Malicious Browser Extension To Steal Emails
Windows 11 KB5025305 adds prioritized Windows updates setting
Cyberattacks Targeting E-commerce Applications
Yamaha Motor Confirms Data Breach Following Ransomware Attack
CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog
FBI warns about ongoing Google Voice authentication scams
Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot
Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws
Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue
Two flaws in Samsung Galaxy Store can allow to install Apps and execute JS code
Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)
Apple fixes new Webkit zero-day used in attacks against iPhones, Macs
Divided oversight panel recommends new limits for Section 702 searches
US offers $10 million for Russian military hackers behind NotPetya attacks | CyberNews
Ransomware attacks now target unpatched WS_FTP servers
DXC Technology says global network is not compromised following Latitude Financial breach
Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
UK ICO and NCSC Set to Share Anonymized Threat Intelligence
In Other News: Energy Services Firm Hacked, Tech CEO Gets Prison Time, X Glitch Leads to CIA Channel Hijack
Microsoft Warns About Phishing Attacks by Russia-linked Hackers
Researchers warn of 100,000 industrial control systems exposed online
‘Anomalous’ spyware stealing credentials in industrial firms
Critical flaw in JetBrains TeamCity exploited weeks after patch issued
Gaps in Azure Service Fabric’s Security Call for User Vigilance
WhatsApp Hit with €5.5m fine for GDPR Violations
Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper
Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign
Non-bank financial institutions must report data security breaches: FTC
Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms
Dallas to pay vendors $8.6M for their ransomware recovery services
Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover
Massive cybercrime URL shortening service uncovered via DNS data
Hackers Abusing Skype and Teams to Deliver the DarkGate Malware
North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware
How to Prevent API Breaches: A Guide to Robust Security
Microsoft Teams down: Ongoing outage behind message failures, delays
Russia’s APT29 Targets Embassies With Ngrok and WinRAR Exploit
Rockwell Automation Warns Customers of Cisco Zero-Day Affecting Stratix Switches
Critical systems restored at English council following ransomware attack
FraudGPT, a new malicious generative AI tool appears in the threat landscape
Watch Out For Malicious Python Packages That Can Hijack Your Computer
Two arrested for attacking nuclear warning system | Cybernews
FBI: Ransomware attacks are piling up the pressure on public services | ZDNet
Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints
Cisco: Hackers targeting zero-day found in internet-exposed routers
Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery
Online Safety Bill passes final parliament debate, set to become UK law
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Mortgage giant Mr. Cooper says customer data exposed in breach
Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques
Oklahoma Cops Say Rape Victims’ Data May Have Been Leaked
WordPress plugin installed on 1 million+ sites logged plaintext passwords
Stealthy 'SockDetour' Backdoor Used in Attacks on U.S. Defense Contractors
Google Bard launches in EU, overcoming data privacy concerns in the region
It's past time you started using a password manager (whether you like it or not) | ZDNet
Microsoft: Some Outlook.com users can't send emails with attachments
Pirated Final Cut Pro for macOS Offers Stealth Malware Delivery
Of Cybercriminals and IP Addresses
Zaraza Malware Exploits Web Browsers To Steal Stored Passwords And Data
Political fallout in cybercrime circles upping the threat to Western targets
UK fines Equifax $13.6 million for 2017 data breach
Sneaky hackers reverse defense mitigations when detected
Chinese Hackers Use DLL Hijacking to Target Asian Gamblers
1,000s of Phishing Attacks Blast Off From InterPlanetary File System
Microsoft: May Windows updates cause AD authentication failures
Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices
Descope launches authentication and user management SaaS
Casio discloses data breach impacting customers in 149 countries
A new Linux flaw can be chained with other two bugs to gain full root privileges
HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks
Hackers Using Red Teaming Tools to Connect with C&C Servers
GitHub Vulnerability Let Attackers Hijack Thousands of Repositories
Zero-Click iPhone Exploit Drops Spyware on Exiled Russian Journalist
FBI’s Qakbot operation opens door for more botnet takedowns
Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks
Pentagon's 2023 Cyber Strategy Focuses on Helping Allies
UK Government Backs Down on Anti-Encryption Stance
White House Unveils Artificial Intelligence ‘Bill of Rights’
QNAP warns of new crypto-miner targeting its NAS devices
The Team8 Foundry Method for Selecting Investable Startups
STOP Ransomware vaccine released to block encryption
Dastardly From BurpSuite: Lightweight Web App Security Scanner
Adware cleaner apps promoted on Facebook sneaked into the Play Store
MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel
Microsoft Paint in Windows 11 gets a background removal tool
New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America
Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors
Quishing Campaigns Spike 50% in September
Vendors Assessing Impact of Spring4Shell Vulnerability
4 ways to secure your remote work setup
US and UK sanction 11 TrickBot and Conti cybercrime gang members
Confidence in File Upload Security is Alarmingly Low. Why?
US Urges Critical Infrastructure Firms to Get “Shields Ready”
#NITAM: Average Annual Cost of Insider Incidents Reaches $16.2m Per Or
Meta, Alphabet, ByteDance must face social media addiction lawsuits
Russian Threat Actor “farnetwork” Linked With 5 Ransomware Strains
MPs Dangerously Uninformed About Facial Recognition – Report
Security Risks to Boom in the Era of Widespread Generative AI Adoption
Frontegg releases new identity, user management solution for SaaS products
Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations
Webinar: Identity Threat Detection & Response (ITDR) – Rips in Your Identity Fabric
Millions of Facebook Business Accounts Bitten by Python Malware
Russian security service detains two hackers allegedly working for Ukraine
New AD CTS Attack Vector Enables Lateral Movement Between Microsoft tenant
Microsoft found TikTok Android flaw that let hackers hijack accounts
EU Formalizes Cybersecurity Support For Ukraine
Cisco fixed a critical Bypass Authentication flaw in Cisco ESA and Secure Email and Web Manager
California Signs Internet Privacy Legislation to Boost Children's Safety Online
Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day
Iranian APT Group Utilize IIS-based Backdoors to Compromise Windows servers
Critical Flaws in PowerShell Gallery Enable Malicious Exploits
Russian APT29 Hackers Use DropBox and Google Drive for Hacking
48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems
FIN8 cybercrime group using updated backdoor amid shift to ransomware
Palo Alto Networks flags top cyberthreats, offers new zero-day protections
Vulnerability Management Fatigue Fueled by Non-Exploitable Bugs
Securing Your SaaS: Best Practices and Proven Strategies
Webworm hackers modify old malware in new attacks to evade attribution
Chinese Hackers Target Building Management Systems
Overhaul your ethical hacking skills with this training bundle deal
Unpatched Citrix NetScaler Devices Targeted by Ransomware Group FIN8
Google: Chinese state hackers target Ukraine’s government
Former SpaceX Engineers Get $8 Million in Funding for AI Security Firm Wraithwatch
iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones
HD Moore's Rumble Raises $15M Series A Investment
Guard against SMS phishing in your organization
Security Affairs newsletter Round 358 by Pierluigi Paganini
Perception Point launches MSP program to help partners tackle threats
Stealc, a new advanced infostealer appears in the threat landscape
SpyNote Android Trojan Emerges As Recent Spyware Threat For Android
FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure
Forrester: GenAI Will Lead to Breaches and Privacy Fines in 2024
Microsoft Pays $20m to Settle Another FTC COPPA Case
DARPA Challenges AI Pros to Safeguard US Infrastructure
Malicious NuGet packages abuse MSBuild to install malware
AvosLocker Ransomware Variant Using New Trick to Disable Antivirus Protection
IBM offers integrated security management with QRadar release
More than $100 million stolen from Poloniex crypto platform
Microsoft fixes Outlook prompts to reopen closed windows
BlackCat ransomware hits Azure Storage with Sphynx encryptor
AI Safety Summit: Biden Administration Launches US AI Safety Institute
GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks
Google Chrome Rolls Out Support for 'Privacy Sandbox' to Bid Farewell to Tracking Cookies
Majority of Security Managers Lack Threat Intelligence Skills
Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems
Cybersecurity: These are the new things to worry about in 2023
New BiBi-Linux wiper malware targets Israeli orgs in destructive attacks
Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
Software supply chain security fixes gain prominence at RSA
Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps
Russia’s Sandworm hacking unit targets Ukrainian telecom providers
Experts spotted a backdoor that borrows code from CIA’s Hive malware
Swatting started in the gaming world and it’s coming for the rest of us
FBI: BlackCat ransomware breached at least 60 entities worldwide
After Major Cloud Hacks, Microsoft Unveils ‘Secure Future Initiative’
AI-generated child sex imagery has every US attorney general calling for action
One Year Later: Log4Shell Remediation Slow, Painful Slog
Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors
Feel-good story of the week: 2 ransomware gangs meet their demise
GitLab Released Emergency Fix For Critical Vulnerability – Update Now!
Cyber incident reports hit ‘all-time high,’ warns UK NCSC
Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges
Ransomware attack knocks Rackspace’s Exchange servers offline
Okta breach: 134 customers exposed in October support system hack
BlackLotus is the first bootkit bypassing UEFI Secure Boot on Windows 11
SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses
US warning: North Korea's tech workers posing as freelance developers | ZDNet
FBI Blames North Korean Hackers for $41 Million Stake.com Heist
Malicious PyPI Module Poses as SentinelOne SDK
IT Security Analyst Pleaded Guilty for Attacking his Own Company
Panaseer Launches Guidance on Security Controls Ahead of EU’s New Legislation
Critical RCE Flaw Discovered in Fortinet FortiGate Firewalls - Patch Now!
Researchers spot an increase in Jupyter infostealer infections
Iran-Affiliated Group Targets Israeli Firms Amid Israel-Hamas Conflict
Google Chrome zero-day jumps onto CISA's known vulnerability list
Socks5Systemz proxy service infects 10,000 systems worldwide
Over Half of Users Report Kubernetes/Container Security Incidents
Check Point to Acquire SASE Security Firm Perimeter 81 for $490 Million
Intel Sued Over 'Downfall' CPU Vulnerability
APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails
Twitter confirms zero-day used to expose data of 5.4 million accounts
Canadian banking tech giant Moneris says it prevented ransomware attack
Webinar: Kickstarting Your SaaS Security Strategy & Program
DOJ reverses itself, says good-faith security researchers should be left alone
For the SEC, the fraud case against SolarWinds is a cybersecurity warning shot
FBI seizes 13 more domains linked to DDoS-for-hire services
Xage Targets New Markets with $20 Million Investment
New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
Booking.com's OAuth Implementation Allows Full Account Takeover
Google Virus Total leaks list of spooky email addresses
Philadelphia discloses email compromise 5 months after initial detection
Foxconn: Mexico factory operations 'gradually returning to normal' after ransomware attack
MGM Resorts ransomware attack led to $100 million loss, data theft
PCI Secure Software Standard version 1.2 sets out new payment security requirements
Name That Toon: Vicious Circle
Pennsylvania water facility hit by Iranian hackers
Google Fixes Actively Exploited Zero-day Vulnerability : Patch Now!
Multiple AudioCodes Desk Phone and Zoom Zero Touch Flaws Enable Remote Attacks
New APT Group Using Custom Malware to Attack Manufacturing & IT Industries
Blackbaud agrees to $49.5 million settlement with AGs of nearly all 50 states
Suspected Russian Money Launderer Extradited to US
Ardent Health Ransomware Attack: Multiple Hospitals Affected
Police just launched an e-commerce fraud crackdown. Here's how to protect yourself from scammers
Q&A: Cisco CIO sees AI embedded in every product and process
Serious vulnerabilities in Matrix’s end-to-end encryption are being patched
Google researchers fount multiple security issues in Intel TDX
US, European agencies dismantle Qakbot network used for ransomware and scams
North Korea-linked hackers stole $626 million in virtual assets in 2022
First Weekly Chrome Security Update Patches High-Severity Vulnerabilities
AWS Mandates Multi-Factor Authentication from 2024
TikTok slapped with $368 million fine over child privacy violations
Copycat Criminals mimicking Lockbit gang in northern Europe
North Korean Attackers Exploiting Critical CI/CD Vulnerability
UK and US Sanction 11 Russians Tied to Conti/TrickBot Ransomware
BIG-IP Vulnerability Allows Attackers to Execute Remote Code
Chinese hackers backdoor chat app with new Linux, macOS malware
Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack
TrojanSMS malware spreading via two malicious Android app stores | CyberNews
S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]
Half of Ransomware Groups Operating in 2023 Are New
Wake-Up Call as 3AM Ransomware Variant Is Discovered
CISA panel pitches idea of a National Cybersecurity Alert System
Cops Arrest Suspected Multimillion-Dollar Fraud Mastermind
In Other News: Africa Cybercrime Crackdown, Unpatched macOS Flaw, Investor Disclosures
Zero Day Threat Protection for Your Network
Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices
Pay our ransom instead of a GDPR fine, cybercrime gang tells its targets
Police operation 'SpecTor' arrests 288 dark web drug vendors and buyers
DARPA $20M AI challenge kick off delayed until Dec 11th
Webinar Today: Using Governance and Privilege to Gain Control Over Third-Party Access
Camaro Dragon APT Group Exploits TP-Link Routers With Custom Implant
UAE, Israel Ink Pivotal Joint Cyber-Threat Intelligence Agreement
Manchester Police Officers’ Data Breached in Third-Party Attack
Microsoft: Over 100 threat actors deploy ransomware in attacks
Russian artists’ Spotify accounts defaced by pro-Ukraine hackers
Global Economy Could Lose $3.5trn in Systemic Cyber-Attack
McAfee Agent bug lets hackers run code with Windows SYSTEM privileges
815 Million Indians' Aadhaar Data Exposed on the Dark Web
Google: State hackers still exploiting Internet Explorer zero-days
Zoom’s AI terms overhaul sets stage for broader data use scrutiny
Deepfake Digital Identity Fraud Surges Tenfold, Sumsub Report Finds
What is SSL and Why it is Important?
Microsoft fixes known issue causing Outlook freezes, slow starts
High-speed AI drone beats world-champion racers for the first time
The Grinch stole the Holidays: how bots affect Black Friday
3CX hack highlights risk of cascading software supply-chain compromises
Brave takes on the creepy websites that override your privacy settings
New EarlyRAT malware linked to North Korean Andariel hacking group
Break into Ethical Hacking with 18 Advanced Online Courses for Just $42.99
Singapore must clamp down on security inertia before digital banking era can take off | ZDNet
LAUSD says Vice Society ransomware gang stole contractors’ SSNs
Google will provide dark web monitoring to all US Gmail users and more
Sanctions Hitting Russian Cyber-Criminals Hard
SpyNote malware spies on Android users, steals banking credentials
More Russian journalists investigating possible spyware infections
Critical infrastructure also hit by supply chain attack behind 3CX breach
Android's October 2023 Security Updates Patch Two Exploited Vulnerabilities
Europol warns of criminal use of ChatGPT
Hackers exploit critical VMware flaw to drop ransomware, miners
FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms
Researchers Uncover 7000 Malicious Open Source Packages
Sprawling Qakbot Malware Takedown Spans 700,000 Infected Machines
Moldovan accused of running cybercrime marketplace to face charges in US
Wildfires, cyberattacks, and cheating students turned off the internet in the third quarter
Web skimmers hit 300+ sites hidden inside Google Tag Manager containers
The Vulnerable Maritime Supply Chain - a Threat to the Global Economy
GitHub Updates Security Protocol For Operations Over SSH
FBI nukes Russian Snake data theft malware with self-destruct command
Android Security Updates: Over 40 Vulnerabilities Including Critical RCE Patched
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
Fake Reservation Links Prey on Weary Travelers
High-profile ransomware gang suspects arrested in Ukraine
EU Urged to Prepare for Quantum Cyber-Attacks
Google: State hackers attack security researchers with new zero-day
Beijing 2022 Winter Olympics app bursting with privacy risks
Visual Voice Mail on Android may be vulnerable to eavesdropping
Social media hearings highlight lack of trust, transparency in sector
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords
Over a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote Attacks
SolarWinds Patches High-Severity Flaws in Access Rights Manager
FTC orders non-bank financial firms to report breaches in 30 days
Uber reaches non-prosecution deal with feds after concealing data breach
Acting White House Cyber Director Withdraws Nomination
L2 Network Security Control Bypass Flaws Impact Multiple Cisco Products
Google warns: Android 'patch gap' is leaving these smartphones vulnerable to attack
Microsoft: Octo Tempest is one of the most dangerous financial hacking groups
Hackers Using Fake Certificates to Infiltrate Corporate Networks
Fortinet Customers Told to Urgently Patch Remotely Exploitable Vulnerability
Fake antivirus updates used to deploy Cobalt Strike in Ukraine
Advanced 'StripedFly' Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools
Last call for mWISE, the security conference for frontline practitioners.
Microsoft warning: Some files might not be deleted when you reset a Windows PC | ZDNet
Cisco fixes critical bugs in SMB routers, exploits available
U.S Federal Agency Hacked - Attackers Exploited Telerik Vulnerability in IIS Server
Julenisserne Overvåger Brun Bjørn
Flotte Bjørn og Russiske Hackere Mislykkedes i Angreb på Julenisse-Centralen
Hygge Bjørn forårsager Strømafbrydelser i Norge
Hygge Bjørn Bag Stor Phishing Kampagne
BearShare: Revolutionens digitale hjemsted
Hemmelighedsfulde Koala Bjørn Afsløret i Dokumentlæk
GitHub Says Recent Attack Involving Stolen OAuth Tokens Was "Highly Targeted"
WailingCrab Malware Abuse Messaging Protocol for C2 Communications
Mystisk Netværksangreb Lammer Julegavefabrikken
Sandheden bag EucalyptusNet Afsløret: Et Værktøj for Julemagi
CISA adds zero-day bugs in iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog
The IBM mainframe: How it runs and why it survives
Redwire developing first commercial space greenhouse | Cybernews
Vast majority of organizations are no longer vulnerable to MOVEit
#CCSE22: The Latest Cybersecurity Workforce Trends
Microsoft code-sign check bypassed to drop Zloader malware
Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware
New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks
Boeing Investigating Ransomware Attack Claims
Ransomware Attacks Cost UK Unis Over £2m
Cybercriminals register .AI domains of trusted brands for malicious activity
Comm100 Chat Service Hacked In A Supply-Chain Attack
Half of Cyber-Attacks Go Unreported
Chinese "Override Panda" Hackers Resurface With New Espionage Attacks
CISA updates zero trust maturity model to provide an easier launch
LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk
Pizza Hut Australia warns 193,000 customers of a data breach
Secure Boot Bypass Flaws Affect Bootloaders of Many Devices Made in Past Decade
Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations
Researchers call for UK, EU to heed scientific evaluation of client-side scanning proposals
RTLS Systems Found Vulnerable to MiTM Attacks and Location Tampering
WhatsApp Secret Code Feature Lets Users Set Unique Locked Chat Passwords
Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies
Cyberattack on British telecom Lyca prevented customers from making calls, topping up
What is phishing? Everything you need to know to protect against scam emails - and worse
Almost 100,000 new mobile banking Trojan strains detected in 2021 | ZDNet
Facebook's Create React App builds are breaking today — how to fix
FDCA JuleCTF Challenge 13 and 14 – Write Up Intro -
NSA, Cyber Command nominee says Section 702 is ‘irreplaceable,’ weighs in on other topics
Industry 4.0: CNC Machine Security Risks Part 1
Cyberattack Knocks Thousands Offline in Europe
Organizations Urged to Fix 41 Vulnerabilities Added to CISA’s Catalog of Exploited Flaws
Japanese Space Agency JAXA hacked in summer cyberattack
Alert: New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
Morgan Stanley agrees to $60 million settlement in data breach lawsuit | ZDNet
Hackers exploit WordPress plugin flaw that gives full control of millions of sites
Android Spyware BouldSpy Linked to Iranian Government
End-to-end grocery shopping comes to WhatsApp | Cybernews
Reptile Rootkit employed in attacks against Linux systems in South Korea
Credit card info of 1.8 million people stolen from sports gear sites
D-Link confirms data breach after employee phishing attack
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
Amid Military Buildup, China Deploys Mustang Panda in the Philippines
Developer sabotages own npm module prompting open-source supply chain security questions
Critical QNAP NAS Zero-Day Bug Exploited to Deliver DeadBolt Ransomware
UK Government Urges Action to Enhance Supply Chain Security
There’s a new way to flip bits in DRAM, and it works against the latest defenses
S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]
What is Crowdsourced Threat Intelligence?
Finland Charges Psychotherapy Hacker With Extortion
This Mac ransomware is old but it could still cause you big problems
Microsoft: Update On-Premises Exchange Server Now
Windows Copilot arrives in the fall with Windows 11 23H2
Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet
New Graphiron info-stealer used in attacks against Ukraine
MOVEit Transfer software zero-day actively exploited in the wild
Toronto Public Library services down following weekend cyberattack
F5 fixes BIG-IP auth bypass allowing remote code execution attacks
Critical F5 BIG-IP Flaw Allows Remote Code Execution Attacks
Attackers Exploiting Critical F5 BIG-IP Vulnerability
Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability
F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP
Cybersecurity M&A Roundup for First Half of September 2023
Black Basta Ransomware Group Makes $100m Since 2022
Cyber insurance claims spiked in first half of 2023 as ransomware attacks surged: report
Cisco Counterfeiter Pleads Guilty to $100m Scheme
Canada bans WeChat, Kaspersky apps on government mobile phones
US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?
Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code
Cisco fixes AnyConnect bug giving Windows SYSTEM privileges
Unauthorized “David Attenborough” AI clone narrates developer’s life, goes viral
Former Ubiquiti employee charged with hacking and extorting company
deBridge Finance crypto platform targeted by Lazarus hackers
Brazilian hackers target Portuguese financial institutions
Four Russians Charged with Dragonfly Attacks on Critical Infrastructure
Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware
Hackers stealing Steam accounts in Browser-in-the-Browser attacks
New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprises Devices
Microsoft sheds light on a year of Russian hybrid warfare in Ukraine
How Hackers Phish for Your Users' Credentials and Sell Them
Log4j RCE activity began on December 1 as botnets start using vulnerability | ZDNet
Notepad++ Input Validation Flaws Leads to uncontrolled Search Path Vulnerability
Hungry for AI? New supercomputer contains 16 dinner-plate-size chips
CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog
Hackers Can Bypass Fingerprint Locks On Phones With BrutePrint Attack
FCC proposes $45 million fine for health insurance robocaller
Chrome Security Update: 15 Critical Vulnerabilities Fixed, Over $60,000 Rewarded
Almost two million affected by data company Zeroed-In Technologies breach
S3 Ep71: VMware escapes, PHP holes, WP plugin woes, and scary scams [Podcast + Transcript]
BlackSuit Ransomware Attacks Windows and Linux Users
8-Point Security Checklist For Your Storage & Backups - 2024
Stolen GitHub Credentials Used to Push Fake Dependabot Commits
Wireshark 4.0.8 Released - What's New!
Crook sentenced to 18 months for stealing $20M in SIM swapping attack
Threat actors actively exploit Control Web Panel RCE following PoC release
Apple finally adds encryption to iCloud backups
CREST publishes guide for enhancing cyber resilience in developing countries
Why and how to create corporate genAI policies
Open-source repositories flooded by 144,000 phishing packages
Google Play Store File Manager App Drops Android Malware To Attack Android Users
LofyGang Cybercrime Group Used 200 Malicious NPM Packages for Supply Chain Attacks
Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks
Hundreds of malicious Python packages found stealing sensitive data
Introducing AI-guided Remediation for IaC Security / KICS
GitHub repos bombarded by info-stealing commits masked as Dependabot
A Data Exfiltration Attack Scenario: The Porsche Experience
Malicious NuGet Package Targeting .NET Developers with SeroXen RAT
Open-source supply chain attacks expand to the banking sector
Zenly App Vulnerabilities Could Allow Account Takeover
Stealthy, Thieving Python Packages Slither Onto Windows Systems
Thousands of Code Packages Vulnerable to Repojacking Attacks
Threat Actor Phishing PyPI Users Identified
Potential Backdoor in Gigabyte PCs Exposes Supply Chain Risks
GCHQ reveals British government was hacked by foreign cyber spies 20 years ago
Dental Care Data Breach May Impact 1 Million Texans
Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
A flaw in Amazon Ring could expose user’s camera recordings
Tao Thomsen and the effort to back up what makes Ukraine uniquely Ukrainian
Time to update: Google Chrome browser patches high-severity security flaw
GCHQ Updates Security Guidance for Boards
Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift
CI/CD Risks: Protecting Your Software Development Pipelines
Louisiana authorities investigating ransomware attack on city of Alexandria
Highly invasive backdoor snuck into open source packages targets developers
Telegram, AWS, and Alibaba Cloud Users Targeted in Latest Supply Chain Attack
Apple patches new zero-day exploited to hack iPhones, iPads, Macs
Norwegian Giant Tomra Suffers “Extensive” Attack
China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks
Beastmode Mirai botnet now includes exploits for Totolink routers
UK NHS suffers outage after cyberattack on managed service provider
Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks
Chinese hackers create Linux version of the SideWalk Windows malware
New Android Malware on Google Play Installed Over 620,000 Times
Fifth of ICS Bugs Have No Patch Available
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware
Conti, DeadBolt Target Delta, QNAP
Meta is launching tests to create money-making opportunities in the metaverse | CyberNews
Hackers use Binance Smart Chain contracts to store malicious scripts
CISOs to face new budget hurdles in 2023 as economic anxiety lingers
Hackers leak 190GB of alleged Samsung data, source code
Fronton IOT Botnet Packs Disinformation Punch
Hackers use VPN provider's code certificate to sign malware
Global advertising giant Omnicom suffers 'suspicious' IT incident
How one group of 'fellas' is winning the meme war in support of Ukraine
Apple spits at Facebook, Google and, oh, the whole internet really | ZDNet
Money Message ransomware gang claims MSI breach, demands $4 million
Experts warn of ransomware attacks against government organizations of small states
Burger King forgets to put a password on their systems, again
SpinOne adds new capabilities to secure SaaS applications and data
Critical Security Flaw in Social Login Plugin for WordPress Exposes Users' Accounts
How Network Detection & Response (NDR) Technology is Used Against Cyber Threats
Without Conti on the Scene, LockBit 2.0 Leads Ransomware Attacks
Malicious file analysis – Example 01
Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks
2022 Top Five Immediate Threats in Geopolitical Context
Multi-Continental Operation Leads to Arrest of Cybercrime Gang Leader
Scams Now Make Up 75% of Cyber-Threats
NSA-linked Bvp47 Linux backdoor widely undetected for 10 years
25 Major Car Brands Get Failing Marks From Mozilla for Security and Privacy
The Week in Ransomware - November 11th 2022 - LockBit feeling the heat
New Mélofée Linux malware linked to Chinese APT groups
Kansas courts closed, electronic systems down after alleged ransomware attack
House Democrats propose major funding increase for CISA
Patch Now: 2 Apple Zero-Days Exploited in Wild
Outdated IoT healthcare devices pose major security threats
Pro-Ukraine hackers leak Russian data in hopes someone will make sense of it
'Operation Jacana' Reveals DinodasRAT Custom Backdoor
Cloudflare DDoS Protection Flaws Allowed Security Bypass Via Cloudflare
New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World
Henry Schein data breach: banking details exposed
Tech Titans Promise Watermarks to Expose AI Creations
CISA Publishes Plan to Enhance Open Source Security
Cybersecurity M&A Roundup: 37 Deals Announced in April 2022
Hacking campaign targets sites using WordPress WooCommerce Payments Plugin
Microsoft force-migrating Windows Mail & Calendar apps to Outlook app in August
US Charges Russian Hackers Over Infamous Triton, Havex Cyberattacks on Energy Sector
Royal Ransom Demands Exceed $275M, Rebrand in Offing
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday
Ransomware attack on Ohio city impacts multiple services
Blockchain engineers’ Macs are targets of North Korea-linked malware
China-Linked 'Redfly' Group Targeted Power Grid
Cisco Meeting Server Flaw Let Attacker Trigger a DoS Attack
UK and US sanction 11 Russians connected to notorious Trickbot group
Okta Reveals Breach Via Stolen Credential
Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with VenomRAT
'Long Live Log4Shell': CVE-2021-44228 Not Dead Yet
US and Japan Warn of Chinese Router Attacks
3CX makes progress restoring Windows app from state-linked supply chain attack
FTC denies blame for Xbox plans leaked in unredacted filing
Meta faces EU ban on Facebook, Instagram targeted advertising
Curve Finance suffers second crypto cyberattack
Dallas: Royal ransomware gang infiltrated networks weeks before striking
Upstate New York nonprofit hospitals still facing issues after LockBit ransomware attack
Montana Becomes First US State to Pass TikTok Ban
Best VPNs for small and home-based businesses in 2021 | ZDNet
Binance's Smart Chain Exploited in New 'EtherHiding' Malware Campaign
Patch Now: APTs Continue to Pummel WinRAR Bug
Russia-linked attackers hit UK Ministry of Defence, leak stolen data
MOVEit Hackers Turn to SysAid Servers Zero-Day Vulnerability
Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities
Apple emergency update fixes new zero-day used to hack iPhones
S3 Ep103: Scammers in the Slammer (and other stories) [Audio + Text]
What to consider when choosing cybersecurity providers
Hatch Bank discloses data breach after GoAnywhere MFT hack
Victims reported $2.7 billion in social media scam losses since 2021: FTC
Iranian Cyberspies Deployed New Backdoor to 34 Organizations
Hackers breach healthcare orgs via ScreenConnect remote access
CISA Warns Of PaperCut Print Software Vulnerabilities Under Attack
MOVEit mass exploit timeline: How the file-transfer service attacks entangled victims
Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data
Millions of Java Apps Remain Vulnerable to Log4Shell
Facebook Messenger phishing wave targets 100K business accounts per week
CISA shares vulnerabilities, misconfigs used by ransomware gangs
Malicious Android Apps Sold For Up to $20,000 on Darknet
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data
QNAP warns of critical command injection flaws in QTS OS, apps
LockBit ransomware gang now also claims City of Oakland breach
D.C. Board of Elections: Hackers may have breached entire voter roll
CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems
Stealc Malware Steals Passwords & Credit Cards From Chrome & Firefox
Supershell - Open-Source Botnet That Obtain SSH Shell Access
Magento stores targeted in massive surge of TrojanOrders attacks
Microsoft Patches Two Zero Days This Month
Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting
CISA added 9 new flaws to the Known Exploited Vulnerabilities Catalog, including Magento e Chrome bugs
Firmware attack can drop persistent malware in hidden SSD area
Burp Suite 2023.10.3.4 Released for Professional & Community - What's New!
Hacker says hijacking libraries, stealing AWS keys was ethical research
US Government Has Three Weeks to Patch Cyclops Blink Bug
14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown
Bandit Malware Attacks 17 Browsers, FTP & Email Clients to Steal Credentials
Montana Signs Ban on TikTok Usage on Personal Devices
Intel investigating leak of Intel Boot Guard private keys after MSI breach
Microsoft fixes Secure Boot zero-day used by BlackLotus UEFI malware
EnemyBot Malware Targets Web Servers, CMS Tools and Android OS
5.4 million Twitter users' stolen data leaked online — more shared privately
Privacy watchdog chair Sharon Bradford Franklin on the fraught surveillance renewal debate
Fraud researchers impersonated on X to push crypto-stealing sites
Former Ubiquiti employee gets 6 years in jail for stealing confidential data and extorting company
Over 12,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums
Atlassian warns of exploit for Confluence data wiping bug, get patching
Okta names Sitel in Lapsus$ security incident impacting up to 366 customers | ZDNet
Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS
Your end-users are reusing passwords – that’s a big problem
Nearly 70% of FortiGate Firewalls are vulnerable to new bug, experts say
Terminator antivirus killer is a vulnerable Windows driver in disguise
Cyberattacks pivot from large health systems to smaller hospitals, specialty clinics
Kyocera AVX says ransomware attack impacted 39,000 individuals
Building automation giant Johnson Controls hit by ransomware attack
Home
Blog
Dashboard
Feeds
Articles
Search
Overview
Topics
Assistant
Login
Home
Blog
Dashboard
Feeds
Articles
Search
Overview
Topics
Assistant
Login
Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials
CISOs are struggling to get cybersecurity budgets: Report
SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
Data Theft Overtakes Ransomware as Top Concern for IT Decision Makers
Stealthy APT Gelsemium Seen Targeting Southeast Asian Government
Threat Report: The High Tech Industry Targeted the Most with 46% of NLX-Tagged Attack Traffic
Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia
New GoldDigger Android Trojan Drains Victim Bank Accounts
Johnson Controls Hit by Ransomware
Expensive Investigations Drive Surging Data Breach Costs
Police Issue “Quishing” Email Warning
Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys
Microsoft Edge is testing a new video translation feature
New 'Looney Tunables' Linux bug gives root on major distros
Estes reports cyberattack caused ongoing tech outage
Supply Chain Attackers Escalate With GitHub Dependabot Impersonation
Why Small Businesses Need a Malware Sandbox ? - Top 3 Reasons in 2023
Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild
GoldDigger Android Trojan Targets Banking Apps in Asia Pacific Countries
Microsoft Edge is losing tablet-friendly "Web Select" feature
Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions
China's Offensive Cyber Operations in Africa Support Soft Power Efforts
ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code
AuditBoard adds new AI and analytics capabilities for risk and compliance
China Poised to Disrupt US Critical Infrastructure with Cyber-Attacks,
MGM Resorts' Systems Restored After 10-Days Following Ransomware Attack
Google ads push malicious CPU-Z app from fake Windows news site
Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw
Half of Cybersecurity Professionals Report Increase in Cyber-Attacks
libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks
Hacker Group GhostSec Unveils New Generation Ransomware Implant
Google Given Max Severity Score for lipwebp Zero-day Exploited in Wild
American Family Insurance confirms cyberattack is behind IT outages
Researchers Uncover Malware Posing as WordPress Caching Plugin
French Cybercriminal Pleads Guilty for Hacking Corporate Data
New ZeroFont phishing tricks Outlook into showing fake AV-scans
‘War has no rules’: Hacktivists scorn Red Cross’ new guidelines
Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
What is ransomware? Everything you need to know and how to reduce your risk
Police arrests Ragnar Locker ransomware developer in France
Qakbot hackers now pushing Cyclops/Ransom Knight ransomware, Cisco says
D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack
UN Chief Appoints 39-Member Panel to Advise on International Governance of Artificial Intelligence
Lyca Mobile investigates customer data leak after cyberattack
Android Banking Trojan Zanubis Evolves to Target Peruvian Users
Eureka: With GPT-4 overseeing training, robots can learn much faster
Authorities Seized RagnarLocker Ransomware Dark Web Site
Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
Hackers use malicious 404 error pages to steal credit cards
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks
Fake Bitwarden sites push new ZenRAT password-stealing malware
Addressing the People Problem in Cybersecurity
MGM Resorts Refused to Pay Hackers’ Ransom Demand in Cyberattack
Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug
Motel One Discloses Ransomware Attack Impacting Customer Data
C-suite leaders to boost cybersecurity compliance amid SEC disclosure rule: Deloitte
European Police Hackathon Hunts Down Traffickers
Simpson Manufacturing shuts down IT systems after cyberattack
Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters
CyberEPQ Course Triples Student Intake for the Coming Year
Okta Support System Hacked, Sensitive Customer Data Stolen
'Gold Melody' Access Broker Plays on Unpatched Servers' Strings
CISA working on updated National Cyber Incident Response Plan
Florida court pauses many proceedings following cyberattack
Hackers Shifting Towards Non-Executable .txt & .log Files to Deliver Malware
New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics
Google, Yahoo announce new email authentication requirements for 2024
New WordPress backdoor creates rogue admin to hijack websites
Titan File Transfer Server Flaws Let Attackers Execute Remote Code
iLeakage - New Attack Let Hackers Steal Emails, Passwords On Apple Safari
“Catastrophic” AI harms among warnings in declaration signed by 28 nations
A Primer on Cyber Risk Acceptance and What it Means to Your Business
Simple Membership Plugin Flaws Expose WordPress Sites
Federal judge issues injunction limiting officials’ ability to control disinformation
India targets Microsoft, Amazon tech support scammers in nationwide crackdown
Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors
Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
Exploit released for Microsoft SharePoint Server auth bypass flaw
Apple Releases iOS 16 Update to Patch Exploited Vulnerability
CISA urges use of memory safe code in software development
Data Breach at Singapore’s Marina Bay Sands Affects 665,000 Customers
MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks
#CyberMonth: Google Makes Passkeys Default Sign-In Option
$200 Million in Cryptocurrency Stolen in Mixin Network Hack
New BBTok Banking Malware Server-Side Software Generates Victim-Specific Payload
Trend Micro fixes endpoint protection zero-day used in attacks
Leading CISO Creates Model for Ransomware Payment Decisions
DarkGate Opens Organizations for Attack via Skype, Teams
Watch Out For These Backdoored Android TV Boxes Already Available
“Project Volterra” review: Microsoft’s $600 Arm PC that almost doesn’t suck
Mandiant Intelligence Chief Raises Alarm Over China's 'Volt Typhoon' Hackers in US Critical Infrastructure
BianLian extortion group claims recent Air Canada breach
Cyber venture capital funding on pace to hit four-year low
CISA Kicks Off Cybersecurity Awareness Month With New Program
Qualcomm Sys Hackers Actively Exploit 3 new Zero-Days - Patch Now
NIST Publishes Final Version of 800-82r3 OT Security Guide
SIM Box Fraud to Drive 700% Surge in Roaming Scams
Windows 11 ‘Moment 4’ update released, here are the many new features
Kinsing Cyberattackers Debut 'Looney Tunables' Cloud Exploits
People are speaking with ChatGPT for hours, bringing 2013’s Her closer to reality
Lost and Stolen Devices: A Gateway to Data Breaches and Leaks
OpenAI’s new AI image generator pushes the limits in detail and prompt fidelity
Microsoft: Human-operated ransomware attacks tripled over past year
California Law Restricting Companies' Use of Information From Kids Online Is Halted by Federal Judge
Exela Stealer Attacking Discord Users to Steal Login Credentials
White House rolls out zero trust strategy for federal agencies | ZDNet
1Password Detects Suspicious Activity Following Okta Support Breach
Q&A: UK Ambassador on Creating New Cybersecurity Agencies Around the World
Fake Ledger Live app in Microsoft Store steals $768,000 in crypto
GitHub passkeys generally available for passwordless sign-ins
Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data
Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks
North Korean hackers exploit known bug in ‘high-profile’ software vendor
Jony Ive and OpenAI’s Altman reportedly collaborating on mysterious AI device
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
Meta launches consumer AI chatbots with celebrity avatars in its social apps
AWS bets on accuracy in generative AI deployment race
CISA Unveils New HBOM Framework to Track Hardware Components
Qakbot Gang Still Active Despite FBI Takedown
Ragnar Locker Ransomware Boss Arrested in Paris
Cloudflare Observed The Peak DDOS Attack of 201 Million HTTP Requests Per Second
In Chernihiv, a project preserving the past — with technology of the future
US Treasury inks cybersecurity agreement with United Arab Emirates
Chrome Flags Third Zero-Day This Month That's Tied to Spying Exploits
T-Mobile denies rumors of a breach affecting employee data
Ragnar Locker ransomware site taken down by FBI, Europol
APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries
Octo Tempest Group Threatens Physical Violence as Social Engineering Tactic
Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign
Half of Small Businesses Hit by Cyber-Attack Over the Past Year
Vanta bakes generative AI into core security and compliance product
Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks
Amazon sends Mastercard, Google Play gift card order emails by mistake
Hong Kong crypto business Mixin says hackers stole $200 million in assets
India raids tech-support fraud compounds after tip from Amazon, Microsoft
Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign
Top Dutch cyber official Hans de Vries on cyber defense in times of war
Red Cross releases ethical guidelines for hacktivists in war
Cybersecurity Awareness Month Celebrates 20 Years
New Magecart Campaign Alters 404 Error Pages to Steal Shoppers' Credit Cards
Government Shutdown Poised to Stress Nation's Cybersecurity Supply Chain
Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials
SAP Patches for XSS, Log Injection & Other Vulnerabilities
Millions of Exim mail servers exposed to zero-day RCE attacks
Nigerian Police dismantle cybercrime recruitment, mentoring hub
Coalition to give NGOs free access to cybersecurity services to protect against attacks
FBI Warns of Dual Ransomware Attacks and Data Destruction Trends
Google Cloud Chronicle Security Unifies SOAR and SIEM Solutions
Google and Yahoo say they will crack down on spam with new measures
CISA: Agencies seeing steep decrease in known exploited vulnerabilities on federal networks
Microsoft overhauls cyber strategy to finally embrace security by default
Thales Acquired Cyber Security Company Imperva in a $3.6 Billion Deal
Researchers Find Malicious npm Packages Targeting Sensitive Data
Middle East telcos targeted by new malware with suspected nation-state backing
Qualcomm Patches 3 Zero-Days Reported by Google
Cyber-Attacks on Ukraine Surge 123%, But Success Rates Plummet
Philadelphia: Hackers spent three months accessing city gov’t email accounts
Google is retiring its Gmail Basic HTML view in January 2024
New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager
Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance
Ex-Navy IT head gets 5 years for selling people’s data on darkweb
Firefox, Chrome Updates Patch High-Severity Vulnerabilities
Head of US Cybersecurity Agency Sees Progress on Election Security, With More Work Needed for 2024
China APT Cracks Cisco Firmware in Attacks Against the US and Japan
Attacks on EMEA Financial Services Double in a Year
Developers can’t seem to stop exposing credentials in publicly accessible code
Operation Behind Predator Mobile Spyware Is 'Industrial Scale'
Crypto firm Nansen asks users to reset passwords after vendor breach
Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack
Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role
Pro-Ukraine group says it took down Trigona ransomware website
New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks
Arm warns of Mali GPU flaws likely exploited in targeted attacks
Gone in 130 seconds: New Tesla hack gives thieves their own personal key
Too Rich To Ransomware? MGM Brushes Off $100M in Losses
Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw
Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms
AI Adoption Surges But Security Awareness Lags Behind
Cloudflare DDoS protections ironically bypassed using Cloudflare
Cyberattacks in Arizona, Missouri limit access to community services
New Trojan ZenRAT masquerades as Bitwarden password manager
Spy Trojan SpyNote Unveiled in Attacks on Gamers
CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
Russian flight booking system suffers ‘massive’ cyberattack
Firefox 118 Released With the Fix for 6 High-Severity Vulnerabilities
Fake WinRAR proof-of-concept exploit drops VenomRAT malware
Chrome 118 Patches 20 Vulnerabilities
Arm patches bugs in Mali GPUs that affect Android phones and Chromebooks
Microsoft Azure Developers Awash in PII-Stealing npm Packages
Apple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator Spyware
Palo Alto Networks updates Prisma Cloud with integrated cloud security
Nearly 100,000 Industrial Control Systems Exposed to the Internet
BORN Ontario child registry data breach affects 3.4 million people
GitLab urges users to install security updates for critical pipeline flaw
US Government Proposes SBOM Rules for Contractors
Elusive Sandman APT Targets Telecom Giants With LuaJIT Toolkit
CapraRAT Android Malware Hijack Android Phones Mimicking YouTube App
#mWISE: Why Zero Days Are Set for Highest Year on Record
Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
Apple Issues Emergency Patches for More Zero-Days
Threat actors claim to have compromised MGM Resorts’ Okta environment
Revisiting 16shop Phishing Kit, Trend-Interpol Partnership
NATO official: Alliance needs to consider 'a more structural cooperation' with Microsoft, Google
Former US Cyber Director Inglis on Israel, Russia and ONCD’s future
Okta says its support system was breached using stolen credentials
Cloudflare Dashboard and APIs down after data center power outage
Hackers Earn $400k on First Day at Pwn2Own Toronto 2023
High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security
D-Link Hacked: Hackers Steal Source Code and Customer Personal Information
Hackers Use ZeroFont Phishing To Target Microsoft Outlook Users
How to Keep Your Business Running in a Contested Environment
Iranian Crambus Actors Modify Windows Firewall Rules To Enable Remote Access
Generative AI could erode customer trust, half of business leaders say
City of Philadelphia discloses data breach after five months
Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event
Pentagon moves closer to picking leader for top cyber job
European Telecommunications Standards Institute Discloses Data Breach
SASE Firm Cato Networks Raises $238 Million at $3 Billion Valuation
New CVSS 4.0 vulnerability severity rating standard released
Microsoft, American Express most spoofed brands in financial services phishing emails
UK appoints Neal-Hopes as commander of National Cyber Force
Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit
China's Malicious Cyber Activity Informing War Preparations, Pentagon
AWS kicks off cloud race to mandate MFA by default
TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments
Dangerous privilege escalation bugs found in Linux package manager Snap
Aviation sector organization hit by exploit of CVE duo
UK logistics firm blames ransomware attack for insolvency, 730 redundancies
Hacktivists take sides in Israel-Palestinian war
AI language models can exceed PNG and FLAC in lossless compression, says study
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Microsoft October 2023 Patch Tuesday fixes 3 zero-days, 104 flaws
CrowdStrike to Acquire Cloud-Native App Security Startup Bionic for $350 Million
Google to bolster phishing and malware delivery defenses in 2024
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices
British government quietly sacks entire board of independent AI advisers
CISA furloughs will cut deep if government shuts down
Russian hackers target Ukrainian government systems involved in war crimes investigations
OriginBotnet Attack Windows Machine Using Weaponized Word Document
Rockwell Automation Acquires ICS/OT Security Firm Verve Industrial
Business-oriented threat involving ‘several types of malware all at once’ remains active
Nation-state Hackers Exploiting Confluence Zero-day Vulnerability
Immersive Labs adds custom 'workforce exercising' for each organizational role
Microsoft Breach Exposed 60,000 State Department Emails
Number of Internet-Exposed ICS Drops Below 100,000: Report
IT Admins Set Admin Portal Passwords to ‘admin’ - Almost 40,000 Entries Found
Large Michigan healthcare provider confirms ransomware attack
CISA and NFL Collaborate to Secure Super Bowl LVIII
Intel fixes high-severity CPU bug that causes “very strange behavior”
GPUs from all major suppliers are vulnerable to new pixel-stealing attack
LightSpy iPhone Spyware Linked to Chinese APT41 Group
Maltego’s New SSL Certificate Spotter to Detect Suspicious Certificate
Generative AI Startup Nexusflow Raises $10.6 Million
Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack
Windows 11's new ‘Never Combine’ icons feature is almost usable
Atlassian Confluence Hit by Newly Actively Exploited Zero-Day – Patch Now
Deep Instinct goes deeper with 'preventive' storage protection
AI Security Firm Cranium Raises $25 Million
#mWISE: US to Implement Game-Changing Cyber Mandates on Medical Device
Spyware was used against Catalan targets and UK prime minister and Foreign Office
US Government Releases Anti-Phishing Guidance
BunnyLoader Malware Targets Browsers and Cryptocurrency
Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
Windows 11 KB5030310 update adds recommended websites, fixes 24 issues
ToddyCat hackers use 'disposable' malware to target Asian telecoms
NCSC Launches Cyber Incident Exercise Scheme
Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks
Failure to verify OAuth tokens enables account takeover on websites
Papercut Print Manager Flaw Let Attackers Perform Sophisticated Attacks
Cybersecurity M&A Roundup for First Half of October 2023
FAIR Institute wants to quantify just how much a cyberattack costs
Critical updates for Microsoft Office and Visual Studio drive September's Patch Tuesday
Almost US 900 Schools Breached Via MOVEit
Enhancing your application security program with continuous monitoring
UK National Cyber Force operations to become ‘more embedded’ with policing
Signal Messenger Introduces PQXDH Quantum-Resistant Encryption
Thanks to AI, the future of programming may involve YELLING IN ALL CAPS
Twistlock Founders Score Whopping $51M Seed Funding for Gutsy
Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa
SolarWinds Access Rights Manager Flaw Let Attackers Execute Remote Code
Curl Bug Hype Fizzles After Patching Reveal
Lacework adds multiple extensions to its multicloud security platform
Insider risks are getting increasingly costly
Apple Emergency Update for New Zero-Day Used to Hack iPhones
Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw
So far, AI hasn’t been profitable for Big Tech
Exim SMTP Service Zero-day Flaw Let Attackers Execute Remote Code
Cisco’s big bet on Splunk accelerates market shifts