Navigate
Home
Blog
Dashboard
Feeds
Articles
Search
Overview
Topics
Assistant
Home
Blog
Dashboard
Feeds
Articles
Search
Overview
Topics
Assistant
Login
Cybersecurity M&A Roundup: 37 Deals Announced in April 2022
Mystisk Netværksangreb Lammer Julegavefabrikken
Exclu Shutdown Underscores Outsized Role Messaging Apps Play in Cybercrime
Court rules that data scraping is legal in LinkedIn appeal | ZDNet
DeFi platform Qubit Finance begs hacker to return $80 million in stolen funds | ZDNet
Hemmelighedsfulde Koala Bjørn Afsløret i Dokumentlæk
Bolsters Raises $15M to Tackle Fakes and Frauds
Researchers Find New Android Spyware Campaign Targeting Uyghur Community
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries Used for Malicious Purposes
DraftKings Account Takeovers Frame Sports-Betting Cybersecurity Dilemma
Too many default 'admin1234' passwords increase risk for industrial systems, research finds
Julenisserne Overvåger Brun Bjørn
Hygge Bjørn forårsager Strømafbrydelser i Norge
Hygge Bjørn Bag Stor Phishing Kampagne
Flotte Bjørn og Russiske Hackere Mislykkedes i Angreb på Julenisse-Centralen
BearShare: Revolutionens digitale hjemsted
When Being Attractive Gets Risky - How Does Your Attack Surface Look to an Attacker?
Sandheden bag EucalyptusNet Afsløret: Et Værktøj for Julemagi
UK and South Korea: Hackers use zero-day in supply-chain attack
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Microsoft starts testing new Windows 11 Energy Saver feature
Python Package Index Targeted Again By VMConnect
Anonymous: Operation Russia after 100 days of war
Microsoft Launches Bug Bounty Program For AI Bing Across All Products
Google Smart Lock: The complete guide
FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft
Hackers pretending to be Iranian govt use SMS messages to steal credit card info, create botnet | ZDNet
Microsoft shares fix for some Outlook hyperlinks not opening
Silverfort Banks $65 Million for Identity Threat Protection Platform
New Vulnerabilities Found in Adobe ColdFusion
EU data protection authority raises alarm over UN cybercrime treaty negotiations
Microsoft links Clop ransomware gang to MOVEit data-theft attacks
Microsoft fixes Windows 11 bug behind 0x800700b7 provisioning errors
Hackers Attack Administrative Organizations Using PowerMagic and CommonMagic Malware
Experts detailed a previously undetected VMware ESXi backdoor
RSA’s demise from quantum attacks is very much exaggerated, expert says
Utah Becomes Latest US State to Pass a Data Privacy Law
Microsoft: Exchange Server 2013 reaches end of support in April
NCSC Shares Guidance to Help Secure Large Construction Projects
White House wants input on open source security, memory-safe languages
Industry 4.0: CNC Machine Security Risks Part 1
Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware
CISA adds CVE-2022-1388 flaw in F5 BIG-IP to its Known Exploited Vulnerabilities Catalog
Hundreds of Amazon RDS Snapshots Discovered Leaking Users' Data
Beware of cryptominers when torrenting 'Spider-Man: No Way Home' | ZDNet
How to use Tor browser (and why you should)
US Charges Russian Hackers Over Infamous Triton, Havex Cyberattacks on Energy Sector
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
Sandworm APT targets Ukraine with new SwiftSlicer wiper
Cybersecurity outlook for 2022
Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
SEC demands four-day disclosure limit for cybersecurity breaches
Cybersecurity Investment and M&A Activity Slowed in Q1, 2023
US recovers $30 million stolen from Axie Infinity by Lazarus hackers
Dental Care Data Breach May Impact 1 Million Texans
U.S. data privacy and security solutions emerging at the federal level
Former Navy IT Manager Sentenced to Prison for Hacking, Selling PII
Zimbra Zero-Day Demands Urgent Manual Update
Enzo Biochem Hit by Ransomware, 2.5 Million Patients' Data Compromised
The Week in Ransomware - January 14th 2022 - Russia finally takes action
Microsoft to stop locking vital security logs behind $57-per-user monthly plan
Windows feature that resets system clocks based on random data is wreaking havoc
FBI: North Korean hackers stole $100 million in Harmony crypto hack
North Korea's Lazarus Group Suspected in $31 Million CoinEx Heist
US government indicts Iranian nationals for ransomware and other cybercrimes
Dutch Police mails RaidForums members to warn they’re being watched
Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization
Human Error the Leading Cause of Cloud Data Breaches
'Tape or Chewing Gum:' Twitter's Lapses Echo Worldwide
Microsoft disables MSIX protocol handler abused in Emotet attacks
SAP Patches High-Severity NetWeaver Vulnerabilities
Critical flaw fixed in SAP Business One product
CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog
Bug-squashing summer: A month’s worth of 0-day fixes among tech giants
CISA warns admins to patch maximum severity SAP vulnerability
Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger
Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters
Several Colombian government ministries hampered by ransomware attack
ORBCOMM ransomware attack causes trucking fleet management outage
OriginBotnet Attack Windows Machine Using Weaponized Word Document
Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
Meta's paid ad-free service targeted in Austrian privacy complaint
Hackers Use Google Ads to Deliver Bumblebee Malware
High-profile summer attacks linked to same aggressive ransomware group
Jericho Security Raises $3 Million for Awareness Training Powered by Generative AI
Tom Tugendhat criticizes fake AI attempts to ‘besmirch’ Keir Starmer and Sadiq Khan
Hilb Group Cyber Attack: 81K people's Personal Information Exposed
Hackers breach healthcare orgs via ScreenConnect remote access
Almost 42K Cisco IOS XE devices exploited, no patch available
QNAP: DeadBolt ransomware exploits a bug patched in December
AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell
Philadelphia: Hackers spent three months accessing city gov’t email accounts
Apple fixes three new zero-days exploited to hack iPhones, Macs
Leak of MSI UEFI signing keys stokes fears of “doomsday” supply chain attack
8-Point Security Checklist For Your Storage & Backups - 2024
SAP Patches Critical Vulnerability in Business One Product
Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks
Exclusive: Ukraine says joint mission with US derailed Moscow’s cyberattacks
Python Package Index Faces Security Crisis With Validated Leaks
Experts discovered TeslaGun Panel used by TA505 to manage its ServHelper Backdoor
BigID unveils new data risk remediation guidance feature
StripedFly malware framework infects 1 million Windows, Linux hosts
A Closer Look at ChatGPT's Role in Automated Malware Creation
Yes, Containers Are Terrific, But Watch the Security Risks
Veeam Patches Two Critical Bugs in Veeam ONE
AI-generated disinformation a top concern for 2024 elections, Michigan secretary of state says
Ohio city severely disrupted by ransomware attack
Multiple "Nimbuspwn" Vulnerabilities Allowed Linux Privilege Escalation
Council for Scottish islands faces IT outage after ‘incident’
Loda Malware Attack Windows To Control RDP, Spread Malware, And Log User Inputs
New Reptar CPU flaw impacts Intel desktop and server systems
US links Russia to Ukraine DDoS attacks
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
Trickbot Malware Targeted Customers of 60 High-Profile Companies Since 2020
Spain arrests 34 cybercriminals who stole data of 4 million people
Google: Here comes our 'Open Source Maintenance Crew' | ZDNet
Australian Budget 2022 delivers AU$9.9 billion for spicy cyber
UK alludes to retaliatory cyber-attacks on Russia
Interpol Arrest Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks
Cut Down on Alert Overload and Leverage Layered Security Measures
Flashpoint releases Ignite platform with threat intelligence reports, rule-based alerts
Apple patches zero-day kernel hole and much more – update now!
Open-source Blender project battling DDoS attacks since Saturday
Iranian hackers breach US aviation org via Zoho, Fortinet bugs
The AI race heats up: Google announces PaLM 2, its answer to GPT-4
10 Best IT Systems Management Tools - 2023
Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements
SEC official defends new cyber disclosure rule that some lawmakers seek to overturn
Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices
Trojanized Installers Used to Distribute Bumblebee Malware
Lloyd’s of London finds hypothetical cyberattack could cost world economy $3.5 trillion
Police Disrupt Ragnar Locker Ransomware Group
Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
Iranian Charming Kitten hackers targeted Israeli organizations in October
Sophisticated APT Clusters Target Southeast Asia
Not patched Log4j yet? Assume attackers are in your network, say CISA and FBI
Industrial and Commercial Bank of China hit by ransomware attack
The Cyber Trust Mark is a voluntary IoT label coming in 2024. What does it mean?
macOS Info-Stealer Malware 'MetaStealer' Targeting Businesses
Unauthorized “David Attenborough” AI clone narrates developer’s life, goes viral
Singapore’s Marina Bay Sands says 665,000 customers had data stolen during cyberattack
Exela Stealer Attacking Discord Users to Steal Login Credentials
Israel allows police to use Pegasus spyware to probe killings of Palestinian citizens
CISA to establish network of regional election advisers for 2024
Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign
After Microsoft and X, Hackers Launch DDoS Attack on Telegram
Generative AI could erode customer trust, half of business leaders say
Kubernetes taps Sigstore to thwart open-source software supply chain attacks | ZDNet
N-Able's Take Control Agent Vulnerability Exposes Windows Systems
Thousands of Code Packages Vulnerable to Repojacking Attacks
UK Man Sentenced to 13 Years for Running Multi-Million Fraud Website
Cybersecurity workforce shortage reaches 4 million despite significant recruitment drive
CISA chief 'encouraged' by lack of attacks on midterms
Cyber Skills Gap Reaches 4 Million, Layoffs Hit Security Teams
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
Ex-Ubiquiti Employee Imprisoned For $2m Crypto Extortion Scheme
Ransomware Mastermind Uncovered After Oversharing on Dark Web
APT36 Using Customized Malware to Attack Indian Government Linux and Windows Servers
Revisiting 16shop Phishing Kit, Trend-Interpol Partnership
Ransomware Group RansomedVC Closes Shop
OracleIV: Dockerized Botnet Launches DDoS Attack Against Docker Engine
Microsoft Teams phishing attack pushes DarkGate malware
New Kraken botnet is allowing operators to earn USD 3,000 every month
Ransomedvc to Shutdown Operations, Selling Out Infrastructure
US sanctions Russian who laundered money for Ryuk ransomware affiliate
The strongest data privacy bill this year focused on health. It's already a model for other states.
OpenAI confirms DDoS attacks behind ongoing ChatGPT outages
Tech Industry Leaders Endorse Regulating Artificial Intelligence at Rare Summit in Washington
Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs
New Samsung data breach impacts UK store customers
Toronto Public Library confirms data stolen in ransomware attack
Cuba Ransomware Gang Continues to Evolve With Dangerous Backdoor
Lock your doors to Kerberos golden ticket attacks
How a Recession Will Affect CISOs?
Rapture, a Ransomware Family With Similarities to Paradise
CISA's Goldstein: Ukrainian response to Viasat hack proves need for redundancy, resilience
City of Philadelphia Releases Cyber-Breach Notice
Probe of school surveillance software finds privacy abuses, inaccurate results
Cybersecurity M&A Roundup for August 1-15, 2022
Boeing systems hit in reported Lockbit cyberattack
MOVEit Campaign Claims Millions More Victims
Campbell Soup says summer cyberattack caused limited business impact
Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability
Sam Bankman-Fried convicted of multi-billion dollar FTX fraud
Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack
Discord Adopts Temporary CDN Links To Prevent Malware
Generative AI to fuel stronger phishing campaigns, information operations at scale in 2024
Massive cybercrime URL shortening service uncovered via DNS data
Hackers warn University of Manchester students’ of imminent data leak
Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability
How Telegram found itself in the middle of the war between Russia and Ukraine
'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits
North Korean Hackers Use Trojanized 3CX DesktopApp in Supply Chain Attacks
Risks of Sharing Sensitive Corporate data into ChatGPT
VPN sales rocket as Russia clamps down on web access at home | Cybernews
Hundreds of malicious Python packages found stealing sensitive data
Thales to buy app and data security firm Imperva in $3.6 billion deal
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
Social media is drowning in misinformation on the Israel-Hamas conflict
Cryptojacking Attack Patterns Checklist for Administrators and Security Professionals: Microsoft
Microsoft fixes Windows Server VMs broken by October updates
Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
Cloudflare website downed by DDoS attack claimed by Anonymous Sudan
WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks
Regulator Reveals Large Disparity in APP Fraud Reimbursement
Iran-linked spy APT MuddyWater ratchets up anti-Israel attacks: Report
Webinar: How vCISOs Can Navigating the Complex World of AI and LLM Security
New Research Exposes Airbnb as Breeding Ground For Cybercrime
US cyber insurance claims spike amid ransomware, funds transfer fraud, BEC attacks
PCI Data Security Standard v4.0 Released to Address Emerging Threats
YouTube cracks down on synthetic media with AI disclosure requirement
MySQL servers targeted by 'Ddostf' DDoS-as-a-Service botnet
Phishers Targeted Financial Services Most During H1 2022
How to avoid the Microsoft GitHub goof that exposed 38TB of sensitive employee data
Okta Employee's Use of Personal Google Account Leads to Security Breach
US surprises Nvidia by speeding up new AI chip export ban
Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware
California city warns of data breach after ransomware attack claims
Australia’s Casino Giant Crown Resorts disclosed data breach after Clop ransomware attack
MalasLocker Ransomware Attacks Users of Zimbra Servers
Meta Fights Sprawling Chinese 'Spamouflage' Operation
A new Linux flaw can be chained with other two bugs to gain full root privileges
Colombian energy supplier EPM hit by BlackCat ransomware attack
Riot Games Latest Video-Game Maker to Suffer Breach
Iranians hacked US companies, sent ransom demands to printers, indictment says
New Year's Surprise: Cybersecurity M&A, Funding Activity Snowballs in Q4
Researchers Warn of Cyber Attacks Targeting Data Center Providers Globally
Exploit Code Published for Critical-Severity VMware Security Defect
RAT malware campaign tries to evade detection using polyglot files
Twitter Restricts SMS-based 2FA To Twitter Blue Users – Other 2FA Will Work
Palo Alto Networks closely watched ahead of late Friday Q4 report
Cyber assistance bills for agriculture sector gain bipartisan attention in Senate
Security Vulnerability In Dahua IP Cameras Could Allow Device Takeover
UK hacker busted in Spain gets 5 years over Twitter hack and more
Scammers Mimic ChatGPT to Steal Business Credentials
Critical Flaws in PowerShell Gallery Enable Malicious Exploits
Ordr Raises $40 Million to Secure Connected Devices
SolarWinds: Here's how we're building everything around this new cybersecurity strategy | ZDNet
How Water Labbu Exploits Electron-Based Applications
GTA Online bug exploited to ban, corrupt players’ accounts
'Muddled Libra' Uses Oktapus-Related Smishing to Target Outsourcing Firms
NVIDIA releases GPU driver update to fix 29 security flaws
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks
Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'
Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts
Kaspersky releases a free decryptor for Yanluowang ransomware
Marina Bay Sands Singapore luxury resort breached
DOJ arrests man behind brazen $100 million attack on Mango Markets
Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO
Japan's Nagoya Port Suspends Cargo Operations Following Ransomware Attack
Descope launches authentication and user management SaaS
Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times
Ransomware Diaries: Undercover with the Leader of Lockbit
'Poisoned' Tor Browser tracks Chinese users' online history, location
WailingCrab Malware Abuse Messaging Protocol for C2 Communications
UK military intelligence team wins Western Europe’s ‘largest cyber warfare exercise’ held in Estonia
Ransomware gangs increase efforts to enlist insiders for attacks
QNAP warns of new crypto-miner targeting its NAS devices
S3 Ep109: How one leaked email password could drain your business [Audio + Transcript]
New Windows updates cause UNSUPPORTED_PROCESSOR blue screens
11 Best Cloud Access Security Broker Software (CASB) - 2023
Will Russian Oil Ban Spur Increased Cyber-Attacks
Alert: New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
Lessons Learned on Ransomware Prevention from the Rackspace Attack
Singapore must clamp down on security inertia before digital banking era can take off | ZDNet
Mystery solved in destructive attack that knocked out >10k Viasat modems
AI Boosts Malware Detection Rates by 70%
Debit card fraud leaves Ally Bank customers, small stores reeling
In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets
New PowerDrop Malware Targeting U.S. Aerospace Industry
Microsoft Confirms Exploitation of Two Exchange Server Zero-Days
U.S. Bank of the West Found a Debit Card Stealing Skimmers on ATMs
U.S. Offers $15 Million Bounty for Leaders of Conti Ransomware Gang
7 Key Findings from the 2022 SaaS Security Survey Report
Minecraft Servers Under Attack: Microsoft Warns About Cross-Platform DDoS Botnet
Russian APT29 Hackers Use DropBox and Google Drive for Hacking
Palo Alto to Acquire Israeli Software Supply Chain Startup
4 ways to secure your remote work setup
Gaps in Azure Service Fabric’s Security Call for User Vigilance
5 Years That Altered the Ransomware Landscape
How Do You Defend Against Software Supply Chain Attacks? - Cyber Security News
FjordPhantom Android Malware Targets Banks With Virtualization
Several Malware Families Using Pay-Per-Install Service to Expand Their Targets
Exfiltrator-22 Post-Exploitation Toolkit Nips At Cobalt Strike's Heels
Chinese gov’t hackers exploiting new Atlassian vulnerability, Microsoft says
Top 6 e-signature software tools
Two flaws in Samsung Galaxy Store can allow to install Apps and execute JS code
Hackers Use CAPTCHA Bypass Techniques to Create Five GitHub Accounts Every Minute
CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software
URL and DNS Filtering: The Dynamic Web Security Duo
Microsoft Warns About Phishing Attacks by Russia-linked Hackers
Amazon sends Mastercard, Google Play gift card order emails by mistake
WhatsApp Hit with €5.5m fine for GDPR Violations
‘Anomalous’ spyware stealing credentials in industrial firms
North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware
Dallas to pay vendors $8.6M for their ransomware recovery services
How Hackers Phish for Your Users' Credentials and Sell Them
Tao Thomsen and the effort to back up what makes Ukraine uniquely Ukrainian
Top 7 Ecommerce Cybersecurity Threats in 2023
Deepfake Digital Identity Fraud Surges Tenfold, Sumsub Report Finds
FBI: Ransomware attacks are piling up the pressure on public services | ZDNet
Two arrested for attacking nuclear warning system | Cybernews
Of Cybercriminals and IP Addresses
Three new MOVEit bugs spur CISA warning as more victims report breaches
Reptile Rootkit employed in attacks against Linux systems in South Korea
US govt: Iranian hackers breached federal agency using Log4Shell exploit
Hackers Using Red Teaming Tools to Connect with C&C Servers
Make API Management Less Scary for Your Organization
'Long Live Log4Shell': CVE-2021-44228 Not Dead Yet
Web Filtering & Compliances for Wi-Fi Providers
Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites
OpenAI admits that AI writing detectors don’t work
Cyber authorities have a plan to defend remote monitoring tools
STOP Ransomware vaccine released to block encryption
Gamaredon hackers target Ukrainian military orgs amid counteroffensive efforts
Adware cleaner apps promoted on Facebook sneaked into the Play Store
Social Blade Confirms Breach After Hacker Offers to Sell User Data
New AD CTS Attack Vector Enables Lateral Movement Between Microsoft tenant
Spyware Company QuaDreams Set to Close
Wireshark 4.0.8 Released - What's New!
High-profile ransomware gang suspects arrested in Ukraine
Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
Security Affairs newsletter Round 358 by Pierluigi Paganini
Microsoft found TikTok Android flaw that let hackers hijack accounts
IBM offers integrated security management with QRadar release
Patch Now: 2 Apple Zero-Days Exploited in Wild
Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
Chinese Hackers Target Building Management Systems
Ransomware attack knocks Rackspace’s Exchange servers offline
Crook sentenced to 18 months for stealing $20M in SIM swapping attack
AdSense fraud campaign relies on 10,890 sites that were infected since September 2022
Ardent Health Ransomware Attack: Multiple Hospitals Affected
CISOs Worried About Personal Liability For Breaches
SMBs Exposed to Attacks by Critical Vulnerability in DrayTek Vigor Routers
Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps
PayPal Used to Send Malicious “Double Spear” Invoices
One Year Later: Log4Shell Remediation Slow, Painful Slog
Ukraine Asks for Hackers’ Help
Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems
Majority of Security Managers Lack Threat Intelligence Skills
UK government announces crackdown on cryptocurrency adverts | ZDNet
UK Prime Minister announces world’s first AI Safety Institute
Malicious PyPI Module Poses as SentinelOne SDK
Statc Stealer, a new sophisticated info-stealing malware
Almost two million affected by data company Zeroed-In Technologies breach
Exploit Code Published for Critical VMware Security Flaw
Magento stores targeted in massive surge of TrojanOrders attacks
New Stealthy Linux Malware Targeting Endpoints & IoT Devices
Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors
DoppelPaymer ransomware supsects arrested in Germany and Ukraine
GitLab Released Emergency Fix For Critical Vulnerability – Update Now!
Microsoft: Stealthy Flax Typhoon hackers use LOLBins to evade detection
Google Bug Bounty Program Expands to Chrome V8, Google Cloud
US warning: North Korea's tech workers posing as freelance developers | ZDNet
Microsoft now lets you enable the Windows App Installer again, here's how
Healthcare provider Ardent Health Services disclosed a ransomware attack
Critical Vulnerability Found in Ray AI Framework
UK explains likelihood of catastrophic cyberattacks — and its response plans
These cybercriminals plant criminal evidence on human rights defender, lawyer devices | ZDNet
Purchase Scams Surge as Fraud Losses Hit £580m
Serious vulnerabilities in Matrix’s end-to-end encryption are being patched
Windows CE, Microsoft’s stunted middle child, reaches end of support at 26 years
Multiple AudioCodes Desk Phone and Zoom Zero Touch Flaws Enable Remote Attacks
Hackers Use ZeroFont Phishing To Target Microsoft Outlook Users
Android Spyware BouldSpy Linked to Iranian Government
Twitter confirms zero-day used to expose data of 5.4 million accounts
Royal Ransomware Targets US Healthcare
Name That Toon: Vicious Circle
BazarCall to Conti Ransomware via Trickbot and Cobalt Strike
High-speed AI drone beats world-champion racers for the first time
Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware
Strike Security Scores Funding for 'Perpetual Pentesting' for SMBs
Microsoft is testing a built-in crypto wallet in Microsoft Edge
DOJ reverses itself, says good-faith security researchers should be left alone
Adafruit suffers GitHub data breach – don’t let this happen to you
NSA-linked Bvp47 Linux backdoor widely undetected for 10 years
Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance
Pennsylvania water facility hit by Iranian hackers
TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords
Mystery hackers are “hyperjacking” targets for insidious spying
Chinese hackers backdoor chat app with new Linux, macOS malware
Samsung shows we need an Apple approach to generative AI
Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware
S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]
WinRAR flaw enables remote code execution of arbitrary code
Earth Preta Spear-Phishing Governments Worldwide
Highly Sophisticated Dolphin Malware Steals Sensitive Files and Store Them on Google Drive
The Vulnerable Maritime Supply Chain - a Threat to the Global Economy
Fifth of Government Workers Don't Care if Employer is Hacked
Google researchers fount multiple security issues in Intel TDX
Ransomware Deals Deathblow to 157-year-old College
DARPA $20M AI challenge kick off delayed until Dec 11th
Google to launch repository service with security-tested versions of open-source software packages
Top 10 Best Insider Risk Management Platforms - 2023
Researcher Tricks ChatGPT into Building Undetectable Steganography Malware
Microsoft code-sign check bypassed to drop Zloader malware
RTLS Systems Found Vulnerable to MiTM Attacks and Location Tampering
Microsoft brings back January 2022 Windows Server updates
Cops Arrest Suspected Multimillion-Dollar Fraud Mastermind
Police bust ransomware ring behind attacks in 71 countries
Last call for mWISE, the security conference for frontline practitioners.
CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog
Here's a New Tool That Scans Open-Source Repositories for Malicious Packages
Canada bans WeChat and Kaspersky products on govt devices
Japanese Space Agency JAXA hacked in summer cyberattack
WhatsApp Secret Code Feature Lets Users Set Unique Locked Chat Passwords
GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks
Hackers modify online stores’ 404 pages to steal credit cards
U.S. seized 18 web domains used for recruiting money mules
UK Government Urges Action to Enhance Supply Chain Security
Foxconn Confirms Ransomware Hit Factory in Mexico
Ransomware decryption: This tool could help some BianLian ransomware victims get files back
Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices
Australian ports operator recovering after major cyber incident
Fake Reservation Links Prey on Weary Travelers
Clop ransomware likely exploiting MOVEit zero-day since 2021
Notepad++ Input Validation Flaws Leads to uncontrolled Search Path Vulnerability
Black Basta Ransomware Group Makes $100m Since 2022
Windows Task Manager refresh can be paused using CTRL key
Reporting Mandates to Clear Up Feds’ Hazy Look into Threat Landscape – Podcast
New Millenium RAT Sold on GitHub Attacking Windows Systems
Microsoft and Fortra crack down on malicious Cobalt Strike servers
DHS grants $375 million to state and local government cyber-resilience efforts
#RSAC: Securing Software Supply Chains Requires Outside-the-Box Thinking
Cyber Front Z, a Russian troll operation ousted from Facebook, was clumsy, ineffective, according to Meta
Conti Ransomware Operation Shut Down After Splitting into Smaller Groups
Google gives 50% bonus to Android 13 Beta bug bounty hunters
FCC proposes $45 million fine for health insurance robocaller
Cyberattack Knocks Thousands Offline in Europe
Norwegian Giant Tomra Suffers “Extensive” Attack
Redwire developing first commercial space greenhouse | Cybernews
Ukraine, Israel, South Korea top list of most-targeted countries for cyberattacks
Organizations Urged to Fix 41 Vulnerabilities Added to CISA’s Catalog of Exploited Flaws
End-to-end grocery shopping comes to WhatsApp | Cybernews
US disrupts Russia-linked Snake implant’s network
GitHub Updates Security Protocol For Operations Over SSH
Reasonable Valuations Drove Mergers and Acquisition Activity in Q3, 2023
Hackers exploit WordPress plugin flaw that gives full control of millions of sites
29 Weaponized Python PyPI Packages Aimed to Infect Developers With Malware
Almost 100,000 new mobile banking Trojan strains detected in 2021 | ZDNet
Chrome 108 Patches High-Severity Memory Safety Bugs
McAfee Agent bug lets hackers run code with Windows SYSTEM privileges
SOVA Android Banking Trojan Returns With New Capabilities and Targets
Camaro Dragon APT Group Exploits TP-Link Routers With Custom Implant
New Bumblebee malware replaces Conti's BazarLoader in cyberattacks
Ransomware profits drop 40% in 2022 as victims refuse to pay
Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures
Microsoft Strengthens Cloud Logging Against Nation-State Threats
Espionage Group Wields Steganographic Backdoor Against Govs, Stock Exchange
State-sponsored Iranian hackers attack Turkish government, private organizations | ZDNet
Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It
CISA adds two Zabbix flaws to its Known Exploited Vulnerabilities Catalog
US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?
The 20 best Amazon security camera deals: Ring and Blink on sale
Break into Ethical Hacking with 18 Advanced Online Courses for Just $42.99
Malwarebytes, within a week, acquires a company and reportedly cuts staff
Brave takes on the creepy websites that override your privacy settings
Google: State hackers still exploiting Internet Explorer zero-days
Louisiana authorities investigating ransomware attack on city of Alexandria
Uber ‘Cough Girl’ Accused of Identity Theft
FBI: Cuba ransomware breached 49 US critical infrastructure orgs
Chinese "Override Panda" Hackers Resurface With New Espionage Attacks
Comm100 Chat Service Hacked In A Supply-Chain Attack
Instagram scammers as busy as ever: passwords and 2FA codes at risk
Ransomware Attacks Cost UK Unis Over £2m
#CCSE22: The Latest Cybersecurity Workforce Trends
Philadelphia Inquirer operations disrupted after cyberattack
FDCA JuleCTF Challenge 13 and 14 – Write Up Intro -
Secure Boot Bypass Flaws Affect Bootloaders of Many Devices Made in Past Decade
LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk
Credit card info of 1.8 million people stolen from sports gear sites
Critical Security Flaw in Social Login Plugin for WordPress Exposes Users' Accounts
Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet
Cisco fixes AnyConnect bug giving Windows SYSTEM privileges
Ongoing supply chain attack targets Python developers with WASP Stealer
Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code
2022 Top Five Immediate Threats in Geopolitical Context
Potential Backdoor in Gigabyte PCs Exposes Supply Chain Risks
MacStealer - New macOS-Based Malware Steals Passwords, Cookies & Credit Cards From Browser
Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks
Threat actors actively exploit Control Web Panel RCE following PoC release
Chrome Security Update: 15 Critical Vulnerabilities Fixed, Over $60,000 Rewarded
Top Russian meat producer hit with Windows BitLocker encryption attack
Conti, DeadBolt Target Delta, QNAP
Russia-linked APT29 targets diplomatic and government organizations
Time to update: Google Chrome browser patches high-severity security flaw
Apple patches new zero-day exploited to hack iPhones, iPads, Macs
New Android malware 'RatMilad' can steal your data, record audio
New Ransomware Group BianLian Activity Exploding
Chinese hackers create Linux version of the SideWalk Windows malware
New XLoader Botnet version uses new techniques to obscure its C2 servers
Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks
GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks
Microsoft touts first PCs to ship natively with secure Pluton chip
Malicious file analysis – Example 01
Barracuda Email Security Gateway (ESG) hacked via zero-day bug
Without Conti on the Scene, LockBit 2.0 Leads Ransomware Attacks
Nonprofits Form Cyber Coalition
Google disrupts the CryptBot info-stealing malware operation
How one group of 'fellas' is winning the meme war in support of Ukraine
Global advertising giant Omnicom suffers 'suspicious' IT incident
Apple spits at Facebook, Google and, oh, the whole internet really | ZDNet
Pope warns of AI risks so “violence and discrimination does not take root”
Multi-Continental Operation Leads to Arrest of Cybercrime Gang Leader
Kansas courts confirm data theft, ransom demand after cyberattack
Adware on Google Play and Apple Store installed 13 million times
API Attacks Soar Amid the Growing Application Surface Area
USPTO’s API Flaw Leads to Years-Long Data Leak
VHD Ransomware Linked to North Korea’s Lazarus Group
API Security Trends 2023 – Have Organizations Improved their Security Posture?
US dismantled the Russia-linked Cyclops Blink botnet
New TOITOIN Banking Trojan Targeting Latin American Businesses
Bug Hunter GPT - AI Assistant that Replies for Hacking Questions
NATO Condemns Alleged Iranian Cyberattack on Albania
Researchers Harvest, Analyze 100K Cybercrime Forum Credentials
Vietnam Post exposes 1.2TB of data, including email addresses
DangerousPassword Attacks Targeting Windows, macOS, and Linux Software Developers
Cybersecurity M&A Roundup: 28 Deals Announced in September 2023
New 'MMRat' Android Trojan Targeting Users in Southeast Asia
Google Pixel bug preventing users from making 911 calls caused by Microsoft Teams | ZDNet
Nearly-Impossible-to-Detect Linux Malware Target Financial Sectors
ASVEL basketball team confirms data breach after ransomware attack
LockBit Ransomware Now Targeting Apple macOS Devices
UK Cops Collar 7 Suspected Lapsus$ Gang Members
Privid: A Privacy-Preserving Surveillance Video Analytics System
CISA adds Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog
Why Signature-Based Detection Struggles to Keep Up with the New Attack
MFA Bypass Vulnerability Found In Box CMS And File Sharing Software
DarkHotel hacking campaign targets luxury Macao resorts
House Democrats propose major funding increase for CISA
Over 4,000 Sophos Firewall devices vulnerable to RCE attacks
Gilman Louie and the dance with Wolf Warriors
Ukraine: Sandworm hackers hit news agency with 5 data wipers
Windows security in ’22 — you need more than just antivirus software
Outdated IoT healthcare devices pose major security threats
S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]
C10p's MOVEit Campaign Represents a New Era in Cyberattacks
Binance blockchain suffers $570 million hack
Malware dev says they can revive expired Google auth cookies
AI-generated child sex imagery has every US attorney general calling for action
ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families
Akira Ransomware Mutates to Target Linux Systems, Adds TTPs
India removes ban on VLC media player after cybersecurity concerns addressed
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
Legit Security Raises $40 Million in Series B Financing
No More Ransom helps millions of ransomware victims in 6 years
Almost all developers are using AI despite security concerns, survey suggests
Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage
EU urged to prepare for quantum cyberattacks with coordinated action plan
Best Cyber Monday VPN deals 2022: Save on Surfshark, Atlas, and more
SonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackers
ESET APT Report: Attacks by China-, North Korea-, and Iran-aligned Threat Actors; Russia Eyes Ukraine and the EU
APIC/EPIC! Intel chips leak secrets even the kernel shouldn’t see…
Australia charges dev of Imminent Monitor RAT used by domestic abusers
Cisco Patches High-Severity Vulnerabilities in Networking Software
CISA, Claroty highlight severe vulnerabilities in popular power distribution unit product
Cloud CVEs Surge 200% in a Year
Telegram to ban channels that called for anti-Semitic riots in Russia's Dagestan - founder
Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices
Quarter of Crypto Tokens in 2022 Linked to Pump-and-Dump
Mitsubishi Electric faked safety and quality control tests for decades
Cisco Emergency Responder Vulnerability Let Remote Attacker Login as Root User
Microsoft Outlook flooded with spam due to broken email filters
DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data
India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users' Privacy First
'BlazeStealer' Python Malware Allows Complete Takeover of Developer Machines
10 Best ZTNA Solutions (Zero Trust Network Access) in 2023
Massive Phishing Attack Targeting 40+ Prominent Companies
Ukrainian software developers share their stories and photos from the war zone | ZDNet
How safe is society’s critical infrastructure from infosec attacks?
LockBit ransomware gang now also claims City of Oakland breach
Apple Releases Security Patches For Older iPhone and iPad Models
TikTok Fined Over $5m for Cookie Violations
Intel investigating leak of Intel Boot Guard private keys after MSI breach
The strange similarities between Lockbit 3.0 and Blackmatter ransomware
Over 12,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums
Barracuda thought it drove 0-day hackers out of customers’ networks. It was wrong.
Cyberespionage APT Now Identified as Three Separate Actors
DEV-0569 group uses Google Ads to distribute Royal Ransomware
Chinese hackers used VMware ESXi zero-day to backdoor VMs
Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift
Hacker says hijacking libraries, stealing AWS keys was ethical research
Google exposes tactics of a Conti ransomware access broker
North Korea Blamed For CyberLink Supply Chain Attacks
One Year After Log4Shell, Most Firms Are Still Exposed to Attack
5.4 million Twitter users' stolen data leaked online — more shared privately
Australia may not be able to fill Coalition's 1,900 proposed cyber jobs
Interested in cybersecurity? Join us for Security SOS Week 2022!
Microsoft Squashes Zero-Day, Actively Exploited Bugs in Dec. Update
Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site
USB drive malware attacks spiking again in first half of 2023
Dark Pink APT group linked to new KamiKakaBot attacks in Southeast Asia
Cyberattacks pivot from large health systems to smaller hospitals, specialty clinics
GUAC 0.1 Beta: Google's Breakthrough Framework for Secure Software Supply Chains
NPM packages found containing the TurkoRat infostealer
Ukraine Police dismantled a transnational fraud group that made €200 million per year
Fortinet Discloses Critical Authentication Bypass Vulnerability Under Exploit
Wazuh - The free and open source XDR platform
MTTR “not a viable metric” for complex software system reliability and security
Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks
US rejects AI copyright for famous state fair-winning Midjourney art
New Windows 11 test build adds Smart App control, better Microsoft 365 account management | ZDNet
New Windows PowerToy OCR tool will let you copy text from images
Chinese researchers urge to adopt methods to destroy Starlink | CyberNews
Android TV box on Amazon came pre-installed with malware
Okta confirms support engineer's laptop was hacked in January
Five ways your data may be at risk — and what to do about it
GoDaddy admits: Crooks hit us with malware, poisoned customer websites
Slovenia's largest power provider HSE hit by ransomware attack
AWS Will Begin Charging for the Use of Public IPv4 Addresses
Exploits released for two Samsung Galaxy App Store vulnerabilities
Okta revealed that its private GitHub repositories were hacked this month
Regulator: “Harmful” Web Design Could Break Data Protection Laws
WordFly breach affects arts institutions | Cybernews
U.S. Government Recovers $2.4 Million From A Business Emails Hack
Ransomware groups go after a new target: Russian organizations
Unknown APT group is targeting Russian government entities
Redfly Group Compromises National Power Grid
Ukraine Secret Service Arrests Hacker Helping Russian Invaders
Over 10% of Enterprise IT Assets Found Missing Endpoint Protection
New Phishing Attack Exploits Cloudflare R2 Hosting Service to Steal Cloud Passwords
Section 702 surveillance powers are necessary, but FBI access needs limits, panel says
U.S. Offers $10 Million Bounty for Information on 6 Russian Military Hackers
Zimbra Zero-day XSS Vulnerability Actively Exploited by Hackers
New Linux Kernel Cgroups Vulnerability Could Let Attackers Escape Container
CISA adds VMware’s Cloud Foundation bug to Known Exploited Vulnerabilities Catalog
In a Post-Macro World, Container Files Emerge as Malware-Delivery Replacement
WordPress Plugin Used in 1M+ Websites Patched to Close Critical Bug
Microsoft Sharepoint outage caused by use of wrong TLS certificate
T-Mobile confirms Lapsus$ hackers breached internal systems
CISA, FBI Warns of Critical Atlassian Zero-Day Flaw Under Active Attack
Organizations tempt risk as they deploy code more frequently
Zoom trains its AI model with some user data, without giving them an opt-out option
Patch now to address a Windows zero-day
CherryBlos Malware Uses OCR to Pluck Android Users' Cryptocurrency
FBI: Use a Burner Phone at the Olympics
Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure
Microsoft fixes bug behind Windows 10 freezes, desktop issues
Ongoing scam tricks kids playing Roblox and Fortnite
Russian Sandworm hackers pose as Ukrainian telcos to drop malware
CipherStash Raises $3 Million for Encryption-in-Use Technology
Microsoft will roll out MFA-enforcing policies for admin portal access
Examining the Black Basta Ransomware’s Infection Routine
US Critical Infrastructure Targeted by AvosLocker Ransomware
The strange link between Industrial Spy and the Cuba ransomware operation
A basic text-color trick can fool phishing filters
New Chaos Malware Variant Ditches Wiper for Encryption
Brand Names in Finance, Telecom, Tech Lead Successful Phishing Lures
The $64k Question: How Does AI Phishing Stack Up Against Human Social Engineers?
Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection
Ethereum feature abused to steal $60 million from 99K victims
Saving Ukraine’s cultural heritage with a click
Freelance Market Flooded With North Korean IT Actors
Android’s new biometric spec for 'strong security' is anything but
Rockwell Automation Warns Customers of Cisco Zero-Day Affecting Stratix Switches
Henry Schein data breach: banking details exposed
Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor
WordPress Stripe payment plugin bug leaks customer order details
NVIDIA Confirms Employee Credentials Stolen in Cyberattack
Hackers stole data undetected from US, European orgs since 2019
Android RAT Group Targets Indian Defense Personnel
Log4shell exploits now used mostly for DDoS botnets, cryptominers
NSA and CISA Shared Best Practices To Harden CI/CD Cloud Deployments
Vulnerabilities in Popular Keyboard and Mouse Android Apps Expose User Data
Convincing Microsoft phishing uses fake Office 365 spam alerts
EXCLUSIVE: Rounding up a cyber posse for Ukraine
Microsoft: China's Behind Atlassian Confluence Attacks; PoCs Available
Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
Google reveals Spanish IT firm's links to spyware targeting Chrome, Firefox and Microsoft Defender
Elon Musk Says X, Formerly Twitter, Will Have Voice and Video Calls, Updates Privacy Policy
Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks
NSA and CISA: Here's how to improve your Kubernetes cluster security | ZDNet
This cruel Android malware wipes phones after stealing money | ZDNet
1M+ WordPress Sites Hacked via Zero-Day Plug-in Bugs
Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked
Rash of New Ransomware Variants Springs Up in the Wild
Critical SonicWall firewall patch not released for all devices
Facebook Banned Spyware Vendors from U.S., China, Russia, Israel, and India
New Fractureiser malware used CurseForge Minecraft mods to infect Windows, Linux
FIN8 cybercrime group using updated backdoor amid shift to ransomware
North Korean state-backed hackers breached major Russian missile maker
Conti claims responsibility for an attack on wind turbine giant Nordex | CyberNews
MOVEit Transfer customers warned of new flaw as PoC info surfaces
Plex warns users to reset passwords after a data breach
YoroTrooper APT group targets CIS countries and embassies
Rhysida ransomware gang is auctioning data stolen from the British Library
Anonymous launched its offensive on Russia in response to the invasion of Ukraine
Vice Society ransomware gang is using a custom locker
Bancor Announces a $1 Million Bug Bounty Program ahead of V3 Mainnet Launch
FBI Dismantle the Notorious Qakbot Infrastructure Used For Ransomware Attacks
RICO class-action data privacy lawsuit filed against H&R Block, Google, Meta
Boston crook jailed for scamming elderly online | Cybernews
'Hack DHS' Participants Awarded $125,000 for Over 100 Vulnerabilities
Identity-Based Attacks Soared in Past Year: Report
Big Prizes, Cash on Offer for Joining 'DDosia' Anti-Ukraine Cyberattack Project
Murder suspect admits she tracked cheating partner with hidden AirTag
Pension Firms Report 4000% Surge in Breaches
Hackers behind Twilio data breach also targeted Cloudflare employees
The OWASP Top 10: What They Are and How to Test Them
CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required
Hackers Infect Windows Users with Weaponized MSIX App Packages
2K warns users their info has been stolen following breach of its help desk
Chrome Security Update: Patches Widely Exploited Zero-Day Flaw
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Milesight Industrial Router Vulnerability Possibly Exploited in Attacks
Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers
Maine govt notifies 1.3 million people of MOVEit data breach
North Korean hackers exploit known bug in ‘high-profile’ software vendor
'KandyKorn' macOS Malware Lures Crypto Engineers
TellYouThePass ransomware returns as a cross-platform Golang threat
Seiko says ransomware attack led to leak of 60,000 ‘items’ of personal data
FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022
CISA funding to top $3 billion under Biden's FY 2024 budget
Atlassian Vulnerabilities Let attackers To Conduct DoS & RCE Attacks
UK’s Top 10 Universities Failing on DMARC
Command-and-control framework PhonyC2 attributed to Iran’s Muddywater group
Hack DHS: Homeland Security's first bug bounty turns up 122 vulnerabilities | ZDNet
Chinese law enforcement linked to largest covert influence operation ever discovered
New critical AI vulnerabilities in TorchServe put thousands of AI models at risk
Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers
Nvidia hid how many GPUs it was selling to cryptocurrency miners, says SEC
The Reality of Cyberinsurance in 2023
Apple zero-click iMessage exploit used to infect iPhones with spyware
FormBook Tops Check Point's Most Wanted Malware List For September
Russian artists’ Spotify accounts defaced by pro-Ukraine hackers
Mass Phishing Campaign Attacking Zimbra Users’ to Steal Login Credentials
Royal Ransomware Possibly Rebranding After Targeting 350 Organizations Worldwide
Beware of Modified Zoom App that Delivers Banking Malware IcedID Malware
UK introducing mandatory cyber incident reporting for managed service providers
Suspected N. Korean Hackers Target S. Korea-US Drills
Google Releases Android Update to Patch Actively Exploited Vulnerability
Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation
Coker nomination for cyber director role advances to Senate
How to Automate Offboarding to Keep Your Company Safe
FBI and CISA warn of opportunistic Rhysida ransomware attacks
Microsoft tops CISA’s list of exploited CVEs used in ransomware attacks
FCC proposes cybersecurity pilot program for schools, libraries as attacks increase
Microsoft will take nearly a year to finish patching new 0-day Secure Boot bug
Americans Receive Two Billion Spam Calls Per Month
Meta, Alphabet, ByteDance must face social media addiction lawsuits
US car dealer admits data breach
Raccoon Malware Resurfaces in Dark Web with New Stealing Capabilities
BIG-IP Vulnerability Allows Attackers to Execute Remote Code
EP committee rejects “mass surveillance” proposal, similar to UK’s Online Safety Bill
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
Cisco urges IOS XE customers to patch as thousands of devices remain infected
FortiOS Flaw Exploited as Zero-Day in Attacks on Government and Organizations
Dridex Omicron phishing taunts with funeral helpline number
Second New 'IsaacWiper' Data Wiper Targets Ukraine After Russian Invasion
Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors
Microsoft adds on-premises Exchange, SharePoint to bug bounty program
Tallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattack
Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA
INTERPOL Nabs Hacking Crew OPERA1ER's Leader Behind $11 Million Cybercrime
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique
Millions of Oregon, Louisiana state IDs stolen in MOVEit breach
Tempur Sealy responding to cyberattack that disrupted operations
Bumblebee, a new malware loader used by multiple crimeware threat actors
Wiz debuts PEACH tenant isolation framework for cloud applications
Ransomware crooks exploit unpatched 0-day in Cisco security appliances
China proposes UN treaty criminalizes ‘dissemination of false information’
Hackers trojanize PuTTY SSH client to backdoor media company
Point Of Sale Device (POS) Penetration Testing - A Practical Guide 2023
Lazarus hackers now push Linux malware via fake job offers
Notorious Phishing-as-a-Service Platform Shuttered
Gamblers’ data compromised after casino giant Strendus fails to set password
CrowdStrike grows subscriber base as customers consolidate security services
SASE in the spotlight as businesses prioritize edge network security
US Announces IPStorm Botnet Takedown and Its Creator's Guilty Plea
China-linked influence campaign targets Canadian lawmakers, prime minister
North Korean Lazarus Hackers Targeting Energy Providers Around the World
CISA researchers: Russia's Fancy Bear infiltrated US satellite network
Hackers Meddle With Bing Chat Ads To Promote Malicious Links
Another $40m Dispersed to Western Union Fraud Victims
Russia’s Cyber Tactics in Ukraine Shift to Focus on Espionage
BlackLotus Secure Boot Bypass Malware Set to Ramp Up
Unmasking NIS2: Europe’s Secret Weapon Against Cybersecurity Threats
Bitcoin ATM operator CoinFlip breach exposes thousands
Windows, hardware, Xbox sales are dim spots in a solid Microsoft earnings report
British Army general says UK now conducting ‘hunt forward’ operations
CISA seeks to address visibility, resilience in 3-year strategic plan
Study: More Than Half of Browser Extensions Pose Security Risks
“Do not open robots,” warns Oregon State amid college food delivery bomb prank
Critical vulnerabilities in Exim threaten over 250k email servers worldwide
Russian hackers switch to LOTL technique to cause power outage
10 Best Free Penetration Testing Tools 2022 - Cyber Security News
Eureka: With GPT-4 overseeing training, robots can learn much faster
Stark#Mule Malware Campaign Targets Koreans, Uses US Army Documents
Leaked ransomware documents show Conti helping Putin from the shadows
GoldenJackal state hackers silently attacking govts since 2019
Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required
Atlassian fixes critical command injection bug in Bitbucket Server
Hackers Hide Malware in Windows Logo, Target Middle East Governments
GitHub reveals reason behind last week’s string of outages
TETRA:BURST — 5 New Vulnerabilities Exposed in Widely Used Radio Communication System
SaaS Security Posture Management (SSPM) as a Layer in Your Identity Fabric
Intel Addresses 80 Firmware, Software Vulnerabilities
Google Exposes 18 Zero-Day Flaws in Samsung Exynos Chips
3,464,756 Malware Installation Packages Targeted Mobile Users in 2021
Former employee charged for attacking water treatment plant
Hackers Targeting Microsoft’s MS SQL Servers Extensively - New Study
North Korean Cyberspies Target GitHub Developers
Cryptomining Attack Exploits Docker API Misconfiguration Since 2019
Okta entangled by Twilio phishing attack
Vulnerable TP-Link Routers Can be Exploited By Multiple Hackers
Vice Society ransomware claims attack on Cincinnati State college
Ransomware has gone down because sanctions against Russia are making life harder for attackers | ZDNet
Microsoft Patch Tuesday September Arrives With 80+ Bug Fixes
Cyber Agency: Voting Software Vulnerable in Some States
New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict
RomCom hackers target NATO Summit attendees in phishing attacks
UK cyber agency announces Ollie Whitehouse as its first ever CTO
Log4j zero-day gets security fix just as scans for vulnerable systems ramp up
Security Affairs newsletter Round 404 by Pierluigi Paganini
Automotive parts giant AutoZone disclosed data breach after MOVEit hack
Bitter APT group targets China’s nuclear energy sector
Staying On Top of TLS Attacks With SSL Certificate - Cyber Security News
US Researchers Spot New Hertzbleed Flaw Affecting AMD and Intel CPUs
Record-Breaking Year for DDoS Attacks Targeting Russia
NCSC’s Free Email Security Check Spots Domain Issues
Email marketing firm hacked to steal crypto-focused mailing lists
COSMICENERGY - New OT Malware Causes Electric Power Disruption
Government, Union-Themed Lures Used to Deliver Cobalt Strike Payloads
TikTok Initiates Project Clover Amid European Data Security Concerns
New Reptile Rootkit Malware Attacking Linux Systems Using Port Knocking
Russian Cyclops Blink botnet launches assault against Asus routers | ZDNet
Government Shutdown Poised to Stress Nation's Cybersecurity Supply Chain
Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs
You can log into Google Workspace more securely with this major update
ChatGPT-Powered Malware Analysis
Network Resilience Coalition launches to improve patch, vulnerability management
Ransomware Business Models: Future Pivots and Trends
Singapore public health services hit by DDoS attacks
Spanish Police Arrest Alleged Radioactive Monitoring Hackers
Escanor RAT Malware Deployed Via Microsoft Office and PDF Documents
Microsoft Teams Exploit Tool Auto-Delivers Malware
Cytrox's Predator Spyware Target Android Users with Zero-Day Exploits
Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government
Biden issues sweeping executive order that touches AI risk, deepfakes, privacy
#mWISE: Chinese Cyber Power Bigger Than the Rest of the World Combined
Webinar Today: Using Governance and Privilege to Gain Control Over Third-Party Access
Boeing says cyber incident affects parts and distribution business
Boeing Confirms Distribution Business Hit by Cyberattack
U.S. Cyberspace Ambassador nominee lays out ambitious agenda
Serious Breach at Uber Spotlights Hacker Social Deception
Hacker groups support protestors in Iran using Telegram, Signal and Darkweb
What You Need To Know About Penetration Testing as a Service - Cyber Security News
VMware addressed a critical bug in Carbon Black App Control
CISA Warns Of PaperCut Print Software Vulnerabilities Under Attack
A compliance fight in Germany could hurt Microsoft customers
Threat Report: The High Tech Industry Targeted the Most with 46% of NLX-Tagged Attack Traffic
Spyware Gamed 1.5M Users of Google Play Store
State Department announces $10M bounty for Russian intelligence hackers behind NotPetya
Does the Free World Need a Global Cyber Alliance?
Russian and Chinese interference networks are ‘building audiences’ ahead of 2024, warns Meta
Phishing campaign used QR codes to target large energy company
Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks
Bill to block warrantless sales of private data to law enforcement advances in House
Emotet continues its reign as the most widely used malware | Cybernews
FBI “Contains” Cyber-Incident on its Network
Counties in New Mexico, Arkansas begin 2022 with ransomware attacks | ZDNet
After Zero-Day Attacks, MOVEit Turns to Security Service Packs
Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals
Attacker Apparently Didn't Have to Breach a Single System to Pwn Uber
NSA, Viasat say 2022 hack was two incidents; Russian sanctions resulted from investigation
Senators slam Ticketmaster for reporting just one bot case to FTC despite Taylor Swift fiasco claims
Little Rock School District approves $250K payment in ransomware settlement
The lightning onset of AI—what suddenly changed? An Ars Frontiers 2023 recap
Universities and colleges cope silently with ransomware attacks
ChatGPT Browser Extension Hijacks Facebook Business Accounts
Google Improves Chrome Protections Against Use-After-Free Bug Exploitation
GitHub Makes Passkey For Passwordless Logins Publicly Available
Zoom flaw enabled hijacking of accounts with access to meetings, team chat
Ensign unveils cybersecurity employment scheme for individuals with autism | ZDNet
DHS Tells Federal Agencies to Improve Asset Visibility, Vulnerability Detection
It's a truly cruel scam. Here's the dramatic way Google is trying to stop it | ZDNet
CISA orders federal agencies to secure Internet-exposed network devices
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
Hackers Abuse Cloudflare Tunnels Feature to Gain Stealthy Persistent Access
Crypto.com pauses withdrawals and resets 2FA following suspicious activity | ZDNet
Google to block Bard conversations from being indexed on Search
Google Bard AI Causes $100 Billion Loss With Wrong Answers
Webinar: Locking Down Financial and Accounting Data — Best Data Security Strategies
Costa Rica’s new president declares state of emergency after Conti ransomware attack
Hackers use new, fake crypto app to breach networks, steal cryptocurrency
Australia's anti-trolling Bill enters Parliament retaining defamation focus | ZDNet
Research questions potentially dangerous implications of Ukraine's IT Army
Motel One Discloses Ransomware Attack Impacting Customer Data
Raccoon Stealer is back with a new version to steal your passwords
Bitzlato crypto exchange seized for ransomware, drugs money laundering
WinRAR Security Flaw Could Allow Command Execution
Royal Ransomware Threat Takes Aim at U.S. Healthcare System
US Government Says North Korean IT Workers Enable DPRK Hacking Operations
Winter Vivern APT hackers use fake antivirus scans to install malware
Facebook to Pay $725 Million to Resolve Cambridge Analytica Scandal Case
Crypto and the US government are headed for a decisive showdown
Hackrate releases ethical hacking monitoring platform HackGATE
China to disclose secret US ‘global reconnaissance system,’ claims official
The Week in Ransomware - March 25th 2022 - Critical infrastructure
Apple Issues Urgent Security Patches for Zero-Day Vulnerabilities
New malware campaign uses MSIX packages to infect Windows PCs
Cybersecurity Threat 1H 2023 Brief with Generative AI
Facebook Parent Settles Suit in Cambridge Analytica Scandal
Rockstar Games reportedly sold games with Razor 1911 cracks on Steam
U.S. Warns Against North Korean Hackers Posing as IT Freelancers
In Cybersecurity, What You Can’t See Can Hurt You
MetaMask warns of new 'Address Poisoning' cryptocurrency scam
Democrats accuse GOP of scuttling incident reporting in massive defense bill
Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition
French Electricity Provider Fined for Storing Users’ Passwords with Weak MD5 Algorithm
Unpatched Zimbra Platforms Are Probably Compromised, CISA Says
Android apps with 45 million installs used data harvesting SDK
Healthcare giant CHS reports first data breach in GoAnywhere hacks
Hacking group hides backdoor malware inside Windows logo image
Code Execution Vulnerabilities Fixed In DaVinci Resolve Video Editor
BlackCat Ransomware gang breached over 60 orgs worldwide
URGENT! Apple slips out zero-day update for older iPhones and iPads
US, UK, Canada and Australia Link Iranian Government Agency to Ransomware Attacks
10 Best Cybersecurity Risk Management Tools - 2023
Rackspace: Customer email data accessed in ransomware attack
Singapore identifies six generative AI risks, sets up foundation to guide adoption
Microsoft Patch Tuesday for August 2022 fixed actively exploited zero-day
Massive ad-fraud op dismantled after hitting millions of iOS devices
GitHub rolls out passkeys in move toward passwordless authentication
New Chinese Malware Framework Attack Windows, Linux & Mac Systems
Rewards Platform Flaw, Let attackers Steal User’s Personal Information
Vulnerability with 9.8 severity in Control Web Panel is under active exploit
Police Raid Rounds Up Core Members of DoppelPaymer Ransomware Gang
Google Ready to Roll Out Android Privacy Sandbox in Beta
Box CEO on the ‘perfect storm’ of challenges in cybersecurity
ARCrypt Ransomware Adapts TOR Communication Channels to Avoid detection
Optus Confirms Hack Exposed Data of Nearly 2.1 Million Australians
CISA warns of attacks using Microsoft Word, Adobe bugs
Continuous Security: PTaaS Bridges the Gap within Application Security
DarkGate Malware Spreading via Messaging Services Posing as PDF Files
Zyxel Firewalls Under Attack! Urgent Patching Required
Google's GUAC Aims to Democratize Software Supply Chain Security Metadata
BotenaGo botnet source code has been leaked to GitHub.
Investors Betting Big on Upwind for CNAPP Tech
Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw
Critical CVE-2022-1162 flaw in GitLab allowed threat actors to take over accounts
Microsoft accidentally exposed 38 terabytes of data from employee workstations
Microsoft doc details the dos and don’ts of Mac ransomware <u>
Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier
Log4j: Mirai botnet found targeting ZyXEL networking devices | ZDNet
Holiday Season Cyber Alert: Reflectiz Declares War on Magecart
These file types are the ones most commonly used by hackers to hide their malware
Microsoft dishes the dirt on Apple’s “Achilles heel” shortly after fixing similar Windows bug
Internet shutdown in Gabon continues into third day following national elections
Nvidia thinks AI boom is far from over as GPU sales drive big earnings win
Microsoft Breach Exposed 60,000 State Department Emails
OpenAI CEO Sam Altman asked to step down
How Shady Code Commits Compromise the Security of the Open-Source Ecosystem
CSAF Is the Future of Vulnerability Management
Windows 11 KB5021255 and KB5021234 cumulative updates released
Indian power generation giant Tata Power hit by a cyber attack
First Microsoft Pluton-powered Windows 11 PCs to start rolling out this year | ZDNet
VNC instances exposed to Internet pose critical infrastructures at risk
Microsoft's latest Windows 11 test build adds new group policies, drops SMB1 enablement by default | ZDNet
DHS warns of malicious AI use against critical infrastructure
Apple in patch emergency after spotting two bugs | Cybernews
In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach
Board Members Struggling to Understand Cyber Risks
New ‘White Rabbit’ Ransomware May Be New FIN8 Tool
Finnish intelligence agency warns Russia treating Finland as a ‘hostile country’
Nvidia introduces the H200, an AI-crunching monster GPU that may speed up ChatGPT
The ransomware problem isn't going away, and these grim figures prove it
The Week in Ransomware - September 15th 2023 - Russian Roulette
Adobe ColdFusion Critical Vulnerabilities Exploited Despite Patches
Cybersecurity threat extends to utility credit ratings: Fitch
Hacktivist Group 'Mysterious Team Bangladesh' Goes on DDoS Rampage
How to protect your ADFS from password spraying attacks
Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally
Microsoft is rebranding 'Office' to Microsoft 365
BlackLotus UEFI Bootkit Source Code Leaked on GitHub
Supply Chain Startup Chainguard Scores $61 Million Series B
How Huawei made a cutting-edge chip in China and surprised the US
Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers
Big data trove dumped after LA Unified School District says no to ransomware crooks
NY AG issues $450k penalty to US Radiology after unpatched bug led to ransomware attack
28 countries reach landmark agreement on “safe and responsible” AI development
Microsoft Exchange servers hacked to deploy Cuba ransomware
City of Dallas Details Ransomware Attack Impact, Costs
Intel Released Urgent Patch For Reptar Vulnerability In Its CPUs
The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
Russia inches closer to its splinternet dream
Threat Actors Employ Remote Admin Tools to Gain Access over Corporate Networks
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware
Ukrainian Cyber Cops Bust $200m Fraud Ring
Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw
HackerOne apologizes to Ukrainian hackers for mistakenly blocking payouts
Qatar & Rwanda Partner to Boost Cybersecurity in Africa
Vulnerabilities found affecting OT products from German companies Festo and CODESYS
Atlassian says ongoing outage might last two more weeks
New Chinese APT campaign found targeting European embassies
SentinelOne to acquire cybersecurity consulting firm Krebs Stamos Group
How to locate a user's GPG key in Thunderbird
CISA warns - upgrade your cybersecurity now to defend against "potential critical threats" | ZDNet
Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT
Remote execution holes in Log4j, Exchange and Confluence lead Five Eyes 2021 exploited CVE list | ZDNet
Raspberry Robin Malware Attacks Against Telecom and Government Sectors
ChatGPT Jailbreaking Forums Proliferate in Dark Web Communities
Strategic App Management: Simplifying, Securing, and Optimizing Device Workflows
Council of Europe report calls use of Pegasus spyware by several countries potentially illegal
French Bank Denies Access to Russian Workforce
A Second Major British Police Force Suffers a Cyberattack in Less Than a Month
Windows 11’s new kiosk mode lets admins limit available apps
Free Decryptor Available for 'Key Group' Ransomware
Fraud researchers impersonated on X to push crypto-stealing sites
US Shuts Down Bulletproof Hosting Service LolekHosted, Charges Its Polish Operator
59.4 million compromised payment card records posted for sale on dark web in 2022: report
The Week in Ransomware - November 3rd 2023 - Hive's Back
Arlo will end support for these older cameras in April. Here's what you need to know
FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million
VMware disclosed a critical and unpatched authentication bypass flaw in VMware Cloud Director Appliance
CISA Warns Against Malicious Use of Legitimate RMM Software
Signature Techniques of Asian APT Groups Revealed
A new jailbreak for John Deere tractors rides the right-to-repair wave
4 data-driven priorities for security leaders in 2024
Singapore to step up security measures in aftermath of phishing scams | ZDNet
Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability
Top cybersecurity product news of the week
Microsoft Sentinel adds threat monitoring for GitHub repos
More details emerge on China's widespread Ukraine-related hacking efforts
Russian security service detains two hackers allegedly working for Ukraine
Adobe Co-Founder And The Innovator Of PDF Files Passes At 82
Meta whistleblower testimony adds fuel to push for online kids safety bill
Holiday Cybersecurity Staffing Levels a Difficult Balancing Act for Companies
US Executives Targeted in Phishing Attacks Exploiting Flaw in Indeed Job Platform
New RansomHouse group sets up extortion market, adds first victims
CISA Unveils Cybersecurity Strategic Plan for Next 3 Years
LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed
Zimbra Zero-Day Exploited to Hack Government Emails
Burp Suite 2023.10.3.4 Released for Professional & Community - What's New!
Microsoft now lets you play a game during Windows 11 installs
Experts Warn of Surge in Multipurpose Malware
Android Private Compute Core: Google explains the "important" new privacy infrastructure
Ransomware Attack Prevention Checklist - 2023
Broadcom Planning to Complete Deal for $69 Billion Acquisition of VMWare After Regulators Give OK
Ghost Security Snags $15M Investment for API Security Tech
New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild
These four types of ransomware make up nearly three-quarters of reported incidents | ZDNet
Windows 11 23H2 coming this fall as a small enablement package
Hackers exploit Roblox’s scripting engine to install Trojan | CyberNews
Elementor Fixes Critical Bug in Popular WordPress Plugin
British and Ukrainian cyber officials meet in London for threat intelligence talks
Adobe emergency patch fixes new ColdFusion zero-day used in attacks
Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs
VMware's Head of Cybersecurity Strategy Discusses Modern Bank Heists
SANS Ransomware Summit 2022, Can You Detect This?
Discord is investigating cause of ‘You have been blocked’ errors
MOVEit Gang Targets SysAid Customers With Zero-Day Attacks
McLaren Health Care Hacked: Attackers Claim 6 TB of Patient Data Stolen
Heroku admits that customer credentials were stolen in cyberattack
Chinese-linked hackers targeted U.S. state legislature, researchers say
New Windows malware scans victims’ mobile phones for data to steal
NATO’s Christian-Marc Lifländer on how the alliance can take a ‘proactive’ cyber stance
Ukraine says it hacked Russian aviation agency, leaks data
The Week in Ransomware - December 1st 2023 - Police hits affiliates
'Frenzied mob' steals more than $156 million from crypto platform Nomad
Hackers use new Agent Raccoon malware to backdoor US targets
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
Phishers who breached Twilio and fooled Cloudflare could easily get you, too
Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud
SecurityWeek to Host CISO Forum Virtually September 13-14, 2022: Registration is Open
Google starts rolling out passkey support for Google Accounts
Hackers Using PowerPoint Mouseover Trick to Infect System with Malware
#ISC2Events: Supply Chain Security is a Multifaceted Challenge
LastPass confirms credential stuffing attack against some of its users
Worok Hackers Target High-Profile Asian Companies and Governments
Iranian Cyber Spies Use 'LionTail' Malware in Latest Attacks
Stealthy APT Gelsemium Seen Targeting Southeast Asian Government
Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities
BORN Ontario child registry data breach affects 3.4 million people
Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks
Nigerian social media accounts targeted in influence campaign centered on Ukraine invasion
DoNot Team Hackers Updated its Malware Toolkit with Improved Capabilities
Zyxel firewall and VPN devices affected by critical flaws
Metabase Critical Flaw Permit Attackers to Act as Servers - Critical Update
New ‘Robin Banks’ phishing service targets BofA, Citi, and Wells Fargo
Critical bug could have let hackers commandeer millions of Android devices
Qualcomm, Lenovo Released Multiple Bug Fixes
US Nuclear Security Administration criticized by watchdog over cybersecurity failures
Apple Patches Remote Code Execution Flaws in iOS, macOS
FritzFrog botnet returns to attack healthcare, education, government sectors | ZDNet
EU Council president proposes ‘European cyber force’ with ‘offensive capabilities’
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
House GOP members blast new SEC cyber incident disclosure rules
Russian region launches chatbot to report ‘extremist’ neighbors
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine
SquirrelWaffle Adds a Twist of Fraud to Exchange Server Malspamming
How to customize Windows 11 desktop experience
Zoom’s AI terms overhaul sets stage for broader data use scrutiny
Palestinian Lawyer Sues Pegasus Spyware Maker in France
The “Windows App” for Mac, iOS, and browsers is a fancy remote desktop, for now
Uber reaches non-prosecution deal with feds after concealing data breach
Android malware steals user credentials using optical character recognition
Strengthening Password Security may Lower Cyber Insurance Premiums
HP rushes to fix bricked printers after faulty firmware update
Think Tank Urges Labour to Promote “Securonomics” Agenda
China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign
DDoS Attacks Abuse Network Middleboxes for Reflection, Amplification
FIN8 Modifies 'Sardonic' Backdoor to Deliver BlackCat Ransomware
Google loses bid to throw out ‘Incognito’ lawsuit, placing private browsing under scrutiny
Cryptocoin ATMs ruled illegal – “Shut down at once”, says regulator
This Week in Security News - February 25, 2022
#CYBERUK23: Russian Cyber Offensive Exhibits ‘Unprecedented’ Speed and Agility
Over 1,300 fake AnyDesk sites push Vidar info-stealing malware
Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability
Majority of DOD cyber incident reports are incomplete, GAO finds
Investment Fraud Gang May Have Made $500m
Freecycle Breach May Have Hit Millions of Users
UK Electoral Commission data breach exposes 8 years of voter data
Microsoft fixes three zero-days in its 75-flaw February Patch Tuesday
New Citrix ADC Zero-Day Scanner Tool Released With IOCs
Kansas courts closed, electronic systems down after alleged ransomware attack
Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows
Facebook ads push Android adware with 7 million installs on Google Play
ServiceNow embeds AI-powered customer-assist features throughout products
CISA sees increase in zero-day exploitation, official says
AI chatbot scares Snapchat users by posting mysterious video
Hackers use in-house Zoho ServiceDesk exploit to drop webshells
Hackers modify open-source ‘SapphireStealer’ malware, leading to multiple variants
China-linked hackers spy on Android users through fake messenger apps
Caesars Confirms Ransomware Hack, Stolen Loyalty Program Database
Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops
In Other News: Hacking Encrypted Linux Computers, Android Fuzzing, Skype Leaking IPs
Ukrainian arrested for selling data of 300M people to Russians
New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks
Microsoft Warns of 'Ice Phishing' Threat on Web3 and Decentralized Networks
Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years
Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch
Alien Illuminati Lizard stirs skepticism in its newly launched conspiracy test
Resolving Availability vs. Security, a Constant Conflict in IT
When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules
Windows 11 23H2 getting an energy report with app's power usage
New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs
Australia launches federal cybercrime centre as part of national plan | ZDNet
Canada Bans WeChat and Kaspersky Apps On Government Devices
Tyson Foods claimed by Snatch ransomware gang
US Govt launches Artificial Intelligence Cyber Challenge
Microsoft Exposes Russian Hackers' Sneaky Phishing Tactics via Microsoft Teams Chats
This Week in Security News - January 28th, 2022
Mozi Botnet Likely Killed by Its Creators
14 Cybersecurity Best Practices to Instill In Your End-Users
What is Crowdsourced Threat Intelligence?
Kyndryl enters MSSP market with new end-to-end security capabilities
Swedish Data Protection Authority Warns Companies Against Google Analytics Use
Sprawling Qakbot Malware Takedown Spans 700,000 Infected Machines
iLeakage - New Attack Let Hackers Steal Emails, Passwords On Apple Safari
Dutch hacker jailed for extortion, selling stolen data on RaidForums
CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool
Roblox Developers Targeted with of Dozen Malicious Packages
Key GOP Lawmaker Calls for Renewal of Surveillance Tool as He Proposes Changes to Protect Privacy
Boeing Investigates LockBit Ransomware Breach Claims
Security Affairs newsletter Round 354
Infostealers Spread Via AI-Generated YouTube Videos
Financial Industry Faces Soaring Ransomware Threat
Global Ransomware Damages to Exceed $30bn by 2023
The tech sector teardown is more catharsis than crisis
Microsoft ID Security Gaps That Let Threat Actor Steal Signing Key
Twilio and Cloudflare attacks part of larger campaign, says analyst | Cybernews
TransForm says ransomware data breach affects 267,000 patients
Concerns grow as LockBit knockoffs increasingly target popular vulnerabilities
White House Denies Mulling Massive Cyberattacks Against Russia
Sophisticated BEC scammers bypass Microsoft 365 multi-factor authentication
Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages
ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year
Government of Canada Bans WeChat and Kaspersky Apps
UK data regulator orders end to spreadsheet FOI requests after serious data breaches
Amazon unveils three satellite user terminals, plans broadband service in 2024
KeePass v2.54 fixes bug that leaked cleartext master password
The Week in Ransomware - April 1st 2022 - 'I can fight with a keyboard'
FBI Confirms Lazarus Group Was Behind $100m Harmony Hack
CISA Adds Critical RocketMQ Bug to Must-Patch List
Welltok MOVEit hack impacts 1.6M individuals
Experts investigate WhatsApp data leak: 500M user records for sale
White House Unveils Artificial Intelligence ‘Bill of Rights’
Conti ransomware gang grows brash and flames out. What's next?
N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection
Microsoft: Windows Server 2012 reaches end of support in October
PlugX malware hides on USB devices to infect new Windows hosts
Access to hacked corporate networks still strong but sales fall
LayerX Enterprise Browser Security Extension – Secure the Modern Workspace
British Library Still Reeling After Major Cyber Incident
KillNet Claims DDoS Attack Against Royal Family Website
Apple backports BLASTPASS zero-day fix to older iPhones
Multiple Videolan VLC Player Flaws Leads to Memory Corruption: Update Now!
Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure
OpenAI introduces custom AI assistants called “GPTs” that play different roles
YouTube cracking down on AI clones of artists, content creators
DHS creates Cyber Safety Review Board to review significant cybersecurity incidents
Unlocking the Benefits and Trade-Offs of Agentless Cloud Security
White House releases final zero-trust strategy for federal government
Microsoft: October Windows 10 security updates fail to install
The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins
Critical vulnerability in Atlassian Confluence server is under “mass exploitation”
Immaculate AI images of Pope Francis trick the masses
High-severity Microsoft Exchange 0-day under attack threatens 220,000 servers
A custom PowerShell RAT uses to target German users using Ukraine crisis as bait
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
Russian man pleads guilty to laundering Ryuk ransomware money
Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities
Congressman calls on CISA to investigate air travel vulnerabilities after outage
CISA rolls dice on public service campaign to raise cyber awareness
Best browser for privacy 2022: Secure web browsing | ZDNet
UNC3524 APT uses IP cameras to deploy backdoors and target Exchange
Malicious extension lets attackers control Google Chrome remotely
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
Instagram Credential Phishing Attacks Bypass Microsoft Email Security, Target Thousands
Finland, Europol take down PIILOPUOTI dark web marketplace
SYN Ventures Announces $75 Million Seed Fund for US Cybersecurity Firms
Chrome and Edge zero-day: “This exploit is in the wild”, so check your versions now
New MITM Attack on Wi-Fi Networks Let Attackers Stealthily Hijack the Traffic
Adobe teases generative AI video tools
New HeadCrab malware infects 1,200 Redis servers to mine Monero
Microsoft wants you to learn more about new features in Windows 11
Wyze Cam flaw lets hackers remotely access your saved videos
DDoS Extortion Attack Flagged as Possible REvil Resurgence
Comprehensive, Easy Cybersecurity for Lean IT Security Teams Starts with XDR
How to Use a UTM Solution & Win Time, Money and Resources
Google Chrome's organize tabs will automatically reorder tabs
Lumu Raises $30 Million for Threat Detection and Response Platform
NIST Publishes Final Version of 800-82r3 OT Security Guide
U.S. White House releases ambitious agenda to mitigate the risks of quantum computing
Google Mandates Data Deletion Policy For Android Apps
Juniper Networks adds cloud firewall to its SASE stack | ZDNet
CacheWarp : A New Flaw in AMD's SEV Let Attackers Hijack Encrypted Virtual Machines
Rapid7 Announces Layoffs, Office Closings Under Restructuring Plan
Microsoft 365 users get workaround for ‘Something Went Wrong’ errors
Microsoft Edge will switch to Adobe Acrobat’s PDF rendering engine
Signal tests usernames that keep your phone number private
Predictions 2023: Big Tech's Coming Security Shopping Spree
Russia Cracks Down on 4 Dark Web Marketplaces for Stolen Credit Cards
Blackbaud agrees to $49.5 million settlement for ransomware data breach
New Unpatched Bug Could Let Attackers Steal Money from PayPal Users
Preventative medicine for securing IoT tech in healthcare organizations
Hackers Hijack Facebook Business Accounts to Run Malicious Ads
GitGuardian’s honeytokens in codebase to fish out DevOps intrusion
Meta’s “massively multilingual” AI model translates up to 100 languages, speech or text
macOS Under Attack: Examining the Growing Threat and User Perspectives
Hackers can steal cryptographic keys by video-recording power LEDs 60 feet away
LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts
Amazon is shutting down web ranking site Alexa.com
Pennsylvania school district to stay open despite ransomware attack
Western Digital Hack - Attackers Stole Personal Information of Customers
Google patches 43 Android Vulnerabilities Including 3 actively exploited zero-days
Apple issues emergency patch to address alleged spyware vulnerability
Flax Typhoon Group Abusing Built-in Operating System Tools to Deploy Malware
Industrial Giant Thyssenkrupp Again Targeted by Cybercriminals
Molerats hackers deploy new malware in highly evasive campaign
Hackers adopt Sliver toolkit as a Cobalt Strike alternative
FIN7 Cybercrime Operation Continues to Evolve Despite Arrests
State-of-the-art EDRs are not perfect, fail to detect common attacks
The Week in Ransomware - October 27th 2023 - Breaking Records
Morgan Stanley Fined $6.5 Million for Exposing Customer Information
CVE-2023-46604 (Apache ActiveMQ) Vulnerability Exploited to Infect Systems With Cryptominers and Rootkits
SpecterOps’ open source pentesting software receives major updates
Beware: Tainted VPNs Being Used to Spread EyeSpy Surveillanceware
NoReboot attack fakes iOS phone shutdown to spy on you | ZDNet
Four Men Face 20 Years For Money Laundering Charges
Manchester Police Officers’ Data Breached in Third-Party Attack
How to secure your home and office network: The best DNS blockers and firewalls | ZDNet
QNAP Operating Systems Flaw Let Attackers Launch DoS Attacks
AuthMind Scores $8.5M Seed Funding for ITDR Tech
The Yanluowang ransomware group in their own words
GhostLocker - A New Generation of Raas from Hacktivist Groups
S4x23 Review Part 4: Cybersecurity for Industrial IoT
New Google Chrome 0-Day Vulnerability Exploited in the Wild
Critical GitLab vulnerability lets attackers take over accounts
What is DNS Filtering? How Does It Works? A Detailed Overview
12K Misconfigured Elasticsearch Buckets Ravaged by Extortionists
Microsoft removes LSA Protection from Windows settings to fix bug
Offboarding processes pose security risks as job turnover increases: Report
We interviewed Linux OS through an AI bot to discover its secrets
Google tells users of some Android phones: Nuke voice calling to avoid infection
Over 30 Countries Take Part in NATO's 'Locked Shields 2022' Cyber Exercise
European police takes down call centers behind cryptocurrency scams
Belgian intelligence fears Chinese tech giant Alibaba may be spying on logistics
Google: Predator spyware infected Android devices using zero-days
FBI Warns of Rising Trend of Dual Ransomware Attacks Targeting U.S. Companies
ChromeLoader a simple vessel for more sinister threats
Iranian cyber spies are targeting dissidents in Germany, warns intelligence service
New SysJocker backdoor targets Windows, macOS, and Linux
PyPI contributors targeted by JuiceLedger in latest attack against open source
Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks
LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads
NHS is Most Scammed UK Government
Cybersecurity firm executive pleads guilty to hacking hospitals
Personal info of Canadian Armed Forces, RCMP stolen in cyberattack
New SH1MMER ChromeOS Exploit Jailbreaks Chromebooks
Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack
Researchers found the first Linux variant of the RTM locker
UK Cybersecurity Center Says ‘Deepfakes’ and Other AI Tools Pose a Threat to the Next Election
New Mirai Variant Campaigns are Targeting IoT Devices
Q&A: TIAA's CIO touts top AI projects, details worker skills needed now
Half of AI Open Source Projects Reference Buggy Packages
Apple Fixes Zero-day Vulnerabilities Exploited To Attack iPhones, Macs, and iPads
US Airports in Cyberattack Crosshairs for Pro-Russian Group Killnet
Better Phishing, Easy Malicious Implants: How AI Could Change Cyberattacks
U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog
Police Bust €38m BEC Gang
Multinational tech firm ABB hit by Black Basta ransomware attack
DeadBolt ransomware now targets ASUSTOR devices, asks 50 BTC for master key
Okta Wraps Up Lapsus$ Investigation, Pledges More Third-Party Controls
NSA chief trumpets intelligence sharing with Ukraine, American public
North Korean Attackers Exploiting Critical CI/CD Vulnerability
AMD investigates RansomHouse hack claims, theft of 450GB data
Amazon, Facebook, Twitter on EU list of companies facing DSA content rules
iPhone Users Urged to Update to Patch 2 Zero-Days Under Attack
RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild
State-Sponsored Sidewinder Hacker Group's Covert Attack Infrastructure Uncovered
Apache Commons Vulnerability: Patch but Don't Panic
BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum
Relentless Russian Cyberattacks on Ukraine Raise Important Policy Questions
Hacked home computer of engineer led to second LastPass data breach
Microsoft publicly discloses details on critical ChromeOS flaw
Top 5 Marketing Tech SaaS Security Challenges
Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens
5 social engineering assumptions that are wrong
Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition
Hackers claim multiple attacks on Israel and leak confidential files
Albania Cuts Diplomatic Ties With Iran Over July Cyberattack
Windows 10 KB5025221 and KB5025229 updates released
Apple fixed the eighth actively exploited zero-day this year
Sophisticated Email Attacks Target Cryptocurrency Wallets
Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks
New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks
Cyberattacks on Kenya Drop in Third Quarter
Hackers email stolen student data to parents of Nevada school district
The Rise of S3 Ransomware: How to Identify and Combat It
What is ransomware? Everything you need to know about one of the biggest menaces on the web | ZDNet
RIG Exploit Kit still infects enterprise users via Internet Explorer
WinRAR Vulnerability Affects Traders Worldwide
YoroTrooper Stealing Credentials and Information from Government and Energy Organizations
Wireshark 3.6.8 Released - What's New !! - Cyber Security News
Hackers Actively Exploit F5 BIG-IP Bug
Emotet malware distributed as fake W-9 tax forms from the IRS
Hackers Use New .NET Loader Malware to Deliver Wide Range of Payloads
KuCoin's Twitter account hacked to promote crypto scam
A new PyPI Package was found delivering fileless Linux Malware
Conti extortion gangs behind surge of BazarCall phishing attacks
'Proxyjacking' Cybercriminals Exploit Log4J in Emerging, Lucrative Cloud Attacks
New Chaos malware infects Windows, Linux devices for DDoS attacks
Spyware infections continue as the U.S. federal government takes notice
Microsoft disrupted APT28 attacks on Ukraine through a court order
APT “Mysterious Elephant” Emerges in Q2 2023, Kaspersky Reports
Authorities pushing for secure AI development practices
INTERPOL + Trend to Fight African Cybercrime Networks
Innocent pregnant woman jailed amid faulty facial recognition trend
Microsoft Releases Patches for 130 Vulnerabilities, Including 6 Under Active Attack
Police Shutter 13,000 Sites in Piracy Crackdown
Bored Ape Yacht Club, Otherside NFTs stolen in Discord server hack
Ukraine at D+684: A hacktivist auxiliary is actively recruiting.
'Elektra-Leak' Attackers Harvest AWS Cloud Keys in GitHub Campaign
Officials warn of asymmetric cyberattacks as Ukraine conflict simmers
US Offers $10m Reward For Alleged Prolific Ransomware Actor
QNAP warns of new DeadBolt ransomware encrypting NAS devices
Intel’s oft-delayed “Sapphire Rapids” Xeon CPUs are finally coming in early 2023
North Korea Funding Nuclear Program with Cyber Activity
10 Best Enterprise Remote Access Software - 2023
NATO-Member Albania Cut Ties With Iran Over Cyber-Attack
Microsoft's out-of-band patch fixes Windows AD authentication failures | ZDNet
S3 Ep131: Can you really have fun with FORTRAN?
Infostealer Lumma Evolves With New Anti-Sandbox Method
Personal Information of 11 Million Patients Stolen in Data Breach at HCA Healthcare
Hackers hammer SpringShell vulnerability in attempt to install cryptominers
CISA Releases Recovery Tool for VMware Ransomware Victims
Highly invasive backdoor snuck into open source packages targets developers
Expanding Attack Blueprints 2022 Annual Cybersecurity Report
Robin Banks phishing service returns to steal banking accounts
Iranian cyberspies deploy new malware implant on Microsoft Exchange Servers
App used by hundreds of schools leaking children's data
New Stealer-as-a-Ransomware Delivered Through Fake Updates
AI Helps Uncover Russian State-Sponsored Disinformation in Hungary
Microsoft attributes Charlie Hebdo attacks to Iranian nation-state threat group
The Week in Ransomware - May 13th 2022 - A National Emergency
Facebook Take Down ChatGP-themed Malware Attacks That Stole FB Accounts
ClearFake a New Malware Attacking Mac users via fake browser updates
FBI warns of residential proxies used in credential stuffing attacks
‘We hacked the hackers:’ DOJ, FBI take down Hive ransomware after spending months inside gang systems
CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog
China-linked APT likely linked to Fortinet zero-day attacks
Confidence in File Upload Security is Alarmingly Low. Why?
CISA Released a New Tool to Detect Hacking Activity in Microsoft Cloud Environments
F5 Warns of a New Critical BIG-IP Remote Code Execution Vulnerability
Attackers Weaponizing QR Codes to Steal Employees Microsoft Credentials
How Ukraine's Cyber Police fights fraud, scams, and attacks on critical infrastructure
Cyber Safety Review Board to probe Lapsus$ ransomware spree
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog
Online Fraud Up 233%
Lenovo PC/Laptop Flaws Enable Attackers to Run Arbitrary Code
Backdoor deployment overtakes ransomware as top attacker action
iPhones and Macs get patches for two vulnerabilities
At TED AI 2023, experts debate whether we’ve created “the new electricity”
SLP Protocol Vulnerability Lets Attackers Launch Powerful 2,200x DDoS Attack
Apple sends experts to India after hacker threat warning
Ransomware gang files SEC complaint over victim’s undisclosed breach
P2P Worm Attacking 307,000 Redis Instances on Linux and Windows Systems
Trustwave relaunches Advanced Continual Threat Hunting with human-led methodology
Top ways businesses can manage the risk implications of the SEC cybersecurity disclosure rule
Criminal IP Becomes VirusTotal IP and URL Scan Contributor
FBI: Hackers Are Extorting Plastic Surgery Patients
Mobile Banking Trojans Surge, Doubling in Volume
USBs Still a Major OT Infection Vector
Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023
CISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalog
Clop ransomware likely testing MOVEit zero-day since 2021
A Third of UK Businesses Experience Cyber-Attacks at Least Once a Week
FBI Director Warns of Increased Iranian Attacks
Spotlight on 2023 Dan Kaminsky Fellow: Dr. Gus Andrews
Apple fixes doorLock bug that can disable iPhones and iPads
New BlackGuard password-stealing malware sold on hacker forums
DownEx cyberespionage operation targets Central Asia
Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused
SecurityWeek's 2023 ICS Cybersecurity Conference Kicks Off in Atlanta
Dozens of countries will pledge to stop paying ransomware gangs
CSA Launches First Zero Trust Certification
WhatsApp now lets you lock chats with a password or fingerprint
Hackers Using Leaked CIA's Hive Multi-Platform Attack Kit in the Wild
New powerful Prynt Stealer malware sells for just $100 per month
Researchers want more detail on industrial control system alerts
S3 Ep146: Tell us about that breach! (If you want to.)
Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes
3CX Supply Chain Attack Tied to Financial Trading App Breach
Third Log4J Bug Can Trigger DoS; Apache Issues Patch
Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise
Exploring the Dark Side: OSINT Tools and Techniques for Unmasking Dark Web Operations
Ransomed.vc gang claims to shut down after six affiliates allegedly arrested
Allen & Overy law firm breached, LockBit takes credit
DP World cyberattack blocks thousands of containers in ports
New Microsoft Azure AD CTS feature can be abused for lateral movement
Mirai DDoS malware variant expands targets with 13 router exploits
All You Need to Know About Emotet in 2022
T-Mobile hacker gets 10 years for $25 million phone unlock scheme
Play Ransomware's Attack Playbook Unmasks it as Another Hive Affiliate like Nokoyawa
Black Basta Ransomware Received Over $100 Million From Victims
University loses 77TB of research data due to backup error
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
VMware warns of critical vulnerability affecting vCenter Server product
Amazon Wants Businesses to Ditch ID Cards and Install Palm Scanners
Facebook’s In-app Browser on iOS Tracks ‘Anything You Do on Any Website’
PJ&A says cyberattack exposed data of nearly 9 million patients
DroxiDat-Cobalt Strike Duo Targets Power Generator Network
France says Russian state hackers breached numerous critical networks
Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online
DeFi on the ropes as digital thefts double | Cybernews
VMware addressed an information disclosure flaw in VMware Tanzu Application Service for VMs and Isolation Segment
Rhysida Ransomware Attacking Windows Machine Through VPN Devices and RDP
Android phones are vulnerable to fingerprint brute-force attacks
Security Affairs newsletter Round 396
Lazarus hackers linked to the $35 million Atomic Wallet heist
Dashlane passwordless login removes need for master passwords
Russian APT Hackers Used COVID-19 Lures to Target European Diplomats
China-Linked BRONZE PRESIDENT APT targets Government officials worldwide
Microsoft fixes bug behind Windows LSA protection warnings, again
A surveillance tower in Mexico becomes an unsettling landmark for privacy advocates
China, Huawei, and the eavesdropping threat
AI-powered grocery bot suggests recipe for toxic gas, “poison bread sandwich”
Huntress Scores $40M Funding, Plans International Expansion
Notorious State-Sponsored Hacker Group Stealthy Infrastructure Uncovered
Regulator Issues Privacy Ultimatum to UK’s Top Websites
Auto parts giant AutoZone warns of MOVEit data breach
The fight to cut off the crypto funding Russia’s invasion of Ukraine
Flipper Zero: How to install third-party firmware (and why you should)
Ivanti warns of new actively exploited MobileIron zero-day bug
US bans sales of Huawei, Hikvision, ZTE, and Dahua equipment
Fake Browser Updates Targeting Mac Systems With Infostealer
Medtech, hospitals on alert for cyberattacks after Russia's invasion of Ukraine
Capita warns customers they should assume data was stolen
Lack of Visibility: The Challenge of Protecting Websites from Third-Party Scripts
Flipper Zero can now spam Android, Windows users with Bluetooth alerts
Report: China installing industrial robots at breakneck speed
Half of CISOs Now Report to CEO as Influence Grows
NYC transit worker alleges pay violations after Kronos ransomware disruption
MaliBot: A New Android Banking Trojan Spotted in the Wild
An Iowa school district is using ChatGPT to decide which books to ban
IBM QRadar SIEM Bug Let Remote Attacker Trigger DoS
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
QNAP extends critical updates for some unsupported NAS devices
Trickbot is using MikroTik routers to ply its trade. Now we know why
Attackers impersonate CircleCI platform to compromise GitHub accounts
US and South Korea accuse North Korea of using hospital ransoms to fund more hacking
The Rising Threat of Secrets Sprawl and the Need for Action
FBI seizes BreachForums after arresting its owner Pompompurin in March
New Rust-based SysJoker backdoor linked to Hamas hackers
WordPress plugin lets users become admins – Patch early, patch often!
Iranian hacker group Cyber Av3ngers hacked the Municipal Water Authority of Aliquippa in Pennsylvania
Intel Sued Over 'Downfall' CPU Vulnerability
Russian hacking tool floods social networks with bots, researchers say
Inside the Code of a New XWorm Variant
OT and IT Visibility and Efficiency Barriers
Apple fixes zero-day spyware implant bug – patch now!
The 5 best VPN trials of 2023
New MOVEit Transfer zero-day mass-exploited in data theft attacks
Russian APTs Furiously Phish Ukraine – Google
CISA adds 15 vulnerabilities to list of flaws exploited in attacks
Russian-speaking threat actor "farnetwork" linked to 5 ransomware gangs
Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
House Intelligence panel proposes its own rewrite of surveillance powers
ICS Security Event S4 2022 Review
Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech
CISA orders govt agencies to patch bugs exploited by Russian hackers
Funky AI-generated spiraling medieval village captivates social media
Third Flaw Uncovered in MOVEit Transfer App Amidst Cl0p Ransomware Mass Attack
Google Drive users angry over losing months of stored data
Australian Taxation Office issues capital gains warning for crypto and NFT sellers | ZDNet
Chinese Cyberspies Used Forged Authentication Tokens to Hack Government Emails
Hacking of Netgear Routers - PoC Disclosed for 5 Vulnerabilities
Microsoft “lobotomized” AI-powered Bing Chat, and its fans aren’t happy
Privacy watchdog chair Sharon Bradford Franklin on the fraught surveillance renewal debate
VMware Patches Code Execution Vulnerability in vCenter Server
815 Million Indians' Aadhaar Data Exposed on the Dark Web
What can you get for $200? Several megabytes of ChatGPT training data
Chinese state-sponsored hackers have become more brazen, prompting an NSA advisory
Threat hunting with MITRE ATT&CK and Wazuh
MOVEit Hackers Turn to SysAid Servers Zero-Day Vulnerability
A search bar is among the Task Manager improvements in new Windows 11 build
FBI Focuses on Cybersecurity With $90M Budget Request
Dashlane: Pricing, features, and how to get started
Africa Cyber Surge II law enforcement operation has led to the arrest of 14 suspects
Thousands of Citrix Servers Exposed to Zero-Day Bug
Google Plans To Roll Out IP Protection Feature In Chrome Browser
New Ransomware Gang RA Group Hits U.S. and South Korean Organizations
Dead or Alive? An Emotet Story
Emotet Tops List of July's Most Widely Used Malware
CISA warns of critical flaws in ICS and SCADA software from multiple vendors
WordPress Websites Hacked via Royal Elementor Plugin Zero-Day
Microsoft May 2023 Patch Tuesday fixes 3 zero-days, 38 flaws
Boeing Investigating Ransomware Attack Claims
How the US government’s cyber priorities will impact businesses
Top 5 Insider Threats to Look Out For in 2023
Monitoring the dark web to identify threats to energy sector organizations
Healthcare in the Crosshairs of North Korean Cyber Operations
Actions to Take to Defeat Initial Access Brokers
New Stealc malware-as-a-service targets web browsers, crypto wallets, email clients
QNAP Warns of New DeadBolt Ransomware Attacks Exploiting Photo Station Flaw
Microsoft Launches Defender Bug Bounty Program
Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs
PyPI Implements Mandatory Two-Factor Authentication for Project Owners
Tesla Returns as Pwn2Own Hacker Takeover Target
US CISA warns of Rockwell Automation ControlLogix flaws
Critical ManageEngine RCE bug now exploited to open reverse shells
Karakurt Ensnares Conti, Diavol Ransomware Groups in Its Web
Ransomware empire on streak: extortion demands up by 45% | CyberNews
QR Code Phishing Campaign Targets Top US Energy Company
Massive Exploit Against WooCommerce Payments Underway Bug on 600,000 Websites
An international police operation dismantled the spoofing service iSpoof
CERT-UA Uncovers Gamaredon's Rapid Data Exfiltration Tactics Following Initial Compromise
Copycat and fad hackers will be the bane of supply chain security in 2022 | ZDNet
Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition
TSA No-Fly List Snafu Highlights Risk of Keeping Sensitive Data in Dev Environments
Albania cuts diplomatic ties with Iran after July cyberattack
Security Affairs newsletter Round 447 by Pierluigi Paganini
Canada: Lawmakers Targeted by China-Linked 'Spamouflage' Disinformation
Zero-Day Bug Allows Crypto Hackers to Drain $1.6M From Bitcoin ATMs
Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024
NY reaches $1M breach settlement with First American Title Insurance
The Emotet botnet is back, and it has some new tricks to spread malware | ZDNet
CISO Conversations: U.S. Marine Corps, SAIC Security Leaders on Organizational Differences
TikTok’s Parent Company Admits Using the Platform’s Data to Track Journalists
.US Harbors Prolific Malicious Link Shortening Service
CISA adds Fortra MFT, TerraMaster NAS, Intel driver Flaws, to its Known Exploited Vulnerabilities Catalog
Microsoft fixes MoTW zero-day used to drop malware via ISO files
Access broker found exploiting Log4j vulnerability in VMware
Top 3 Malware Threatening Businesses in Q2 2023
Tech bigwigs: Hit the brakes on AI rollouts
Microsoft Announced AI Bug Bounty Program that Rewards Up to $15,000
Cyber pros avoid smart devices: there is a good reason
DeleFriend Weakness Puts Google Workspace Security at Risk
Recent Cyberattacks Increasingly Target Open-source Web Servers
Apple patch fixes zero-day kernel hole reported by Kaspersky – update now!
The United States has a new cyber czar — for a little while, anyway
Applying AI to API Security
CONTInuing the Bazar Ransomware Story
Chinese APT ToddyCat Targets Asian Telecoms, Governments
Should Ukraine rein in its patriotic hackers?
LinkedIn Becomes the Most Impersonated Brand for Phishing Attacks
Adobe fixes patch bypass for exploited ColdFusion CVE-2023-29298 flaw
Microsoft updates guidance for ‘ProxyNotShell’ bugs after researchers get around mitigations
Emotet Botnet Started Distributing Quantum and BlackCat Ransomware
Metaverse Version of the Dark Web Could be Nearly Impenetrable
Ransomware attack on Ohio city impacts multiple services
12 Android settings that'll strengthen your security
Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks
Phishers Using Ukraine Invasion to Solicit Cryptocurrency
What is Security Keys for Apple ID and why does it matter?
Microsoft confirms Copilot AI assistant coming to Windows 10
#RSAC: Three US Federal Agencies Suffer Cyber Intrusion Campaign
PayPal Warns 35,000 Users of Credential Stuffing Attacks
Analysts Slam Twitter's Decision to Disable SMS-Based 2FA
Microsoft addresses three zero-days for October’s Patch Tuesday
Hacker Group Selling Stolen Databases From Public Authorities
Zoom for Mac patches sneaky “spy-on-me” bug – update now!
Interpol Shuts Down Phishing Service '16shops'
Chrome emergency update fixes actively exploited a zero-day bug
Are period tracking apps safe? | ZDNet
PayPal accounts breached in large-scale credential stuffing attack
Half of Execs Request Security Bypass Over Past Year
ChromeLoader Malware Poses as Steam, Nintendo Game Mods
Google Initiates the End of Passwords, Making Passkeys the Default for Users
Pair of Galaxy App Store Bugs Offer Cyberattackers Mobile Device Access
Manchester Police officers' data exposed in ransomware attack
Analyzing Cyber and Influence Operations in the Russia-Ukraine Conflict
Security Affairs newsletter Round 375 by Pierluigi Paganini
Apple patches info-stealing, zero day bugs in iPads and Macs
Multiple threat actors exploited Progress Telerik bug to breach U.S. federal agency
Microsoft: Windows issue causes file copying, saving failures
FBI Warns of Emerging Ransomware Initial Access Techniques
Researchers break down WhisperGate wiper malware used in Ukraine website defacement | ZDNet
Former Navy IT Manager Sentenced for Selling People’s Sensitive Information on Dark web
US Treasury Sanctions Sinbad.io for Alleged Role in Lazarus Group’s Money Laundering
How one Russian nonprofit is trying to crack through the Kremlin’s censorship wall
Microsoft: Hackers turn Exchange servers into malware control centers
Marina Bay Sands discloses data breach impacting 665,000 customers
Nexus, an emerging Android banking Trojan targets 450 financial apps
Google Workspace will require two admins to sign off on critical changes
The Week in Ransomware - March 24th 2023 - Clop overload
European Police Arrest 100 Suspects in BEC Crackdown
StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
New “Stable Video Diffusion” AI model can animate any still image
US Sanctions Force Evil Corp to Change Tactics
Chinese Threat Actors Target Europe in SmugX Campaign
U.S. doubles reward for tips on North Korean-backed hackers
Kansas MSP shuts down cloud services to fend off cyberattack
New Atomic macOS info-stealing malware targets 50 crypto wallets
Debunking the top five Bitcoin misconceptions
U.K. Police Arrest 142 in Global Crackdown on 'iSpoof' Phone Spoofing Service
More hackers adopt Sliver toolkit as a Cobalt Strike alternative
MITRE Engenuity ATT&CK Tests
McLaren Health Care says data breach impacted 2.2 million people
Hackers exploiting critical WordPress WooCommerce Payments bug
Apple co-founder Wozniak suffers possible stroke in Mexico
APT41 Spies Broke Into 6 US State Networks via a Livestock App
FTC Accuses Data Broker of Selling Sensitive Location Data
WannaCry 5 years on: Still a top threat
Viasat confirms satellite modems were wiped with AcidRain malware
Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware
Samba ‘Fruit’ Bug Allows RCE, Full Root User Access
A Technical Analysis of CVE-2022-22583 and CVE-2022-32800
451 PyPI packages install Chrome extensions to steal crypto
‘Scattered Spider’ group launches ransomware attacks while expanding targets in hospitality, retail
AI-powered Bing Chat gains three distinct personalities
Android security: Flaw in an audio codec left two-thirds of smartphones at risk of snooping, say researchers | ZDNet
Researchers disclosed a remote code execution flaw in Fastjson Library
Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers
KyberSwap says $54.7 million of user cryptocurrency stolen during attack
Windows 10 KB5023696 and KB5023697 updates released
As China pushes its digital currency plans, the US falls behind
D-Link confirms data breach after employee phishing attack
NSO Group returns with triple iOS 15/16 zero-click spyware attack
Google Releases Assured OSS For Free to Detect Vulnerabilities
Hackers steal at least $100 million from Binance-linked blockchain
The Week in Ransomware - May 12th 2023 - New Gangs Emerge
Atlassian CISO warns that new vulnerability can cause ‘significant data loss’
An ongoing SOC skills shortage could spell trouble for compliance
Zimbra zero-day exploited to steal government emails by 4 groups
S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]
North Korea's Top APT Swindled $1B From Crypto Investors in 2022
The People Hacker: AI a Game-Changer in Social Engineering Attacks
Security Affairs newsletter Round 385
Goodbye passwords? 1Password says it will soon support passkeys
Alleged covert wiretap on Russian messaging service blown by expired TLS certificate
Microsoft: Russia Has Launched Hundreds of Cyber Operations in Ukraine
Microsoft warns of Remote Desktop freezes on Windows 11 22H2
Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489
Thousands of Citrix servers still vulnerable to CVE-2022-27510 and CVE-2022-27518
Microsoft shares temp fix for Outlook crashes when sending emails
Zoho urges admins to patch critical ManageEngine bug immediately
Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign
This tiny device is sending updated iPhones into a never-ending DoS loop
'Designed for peacetime, not war:' How Ukraine is forcing companies to rethink content moderation
Google makes passkeys the default sign-in for personal accounts
A Hackers Pot of Gold: Your MSP's Data
Yet more digital spies targeting iPhones exposed by security researchers
Ransomware detection with Wazuh SIEM and XDR platform
Conti Ransomware Operation Shut Down After Brand Becomes Toxic
Why Now? The Rise of Attack Surface Management
Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike
Accelerated Ransomware Attacks Pressure Targeted Companies to Speed Response
X kept 98% of posts reported for hate against Israelis and Palestinians
Tech spend to hit milestone as businesses react to AI security scare
Cyber-Criminals Exploit Gaza Crisis With Fake Charity
Android Security Updates Patch 3 Exploited Vulnerabilities
Google links WinRAR exploitation to multiple state hacking groups
Chaos Malware Resurfaces With All-New DDoS & Cryptomining Modules
How to automatically lock your Windows PC with Dynamic Lock
Windows 10 22H2 is coming, here's everything we know
Report: Clipminer Botnet Operators Rake in $1.7 Million
“We must regulate AI,” FTC Chair Khan says
Twitter C-Level Resignations Continue As Blue Program Creates New Cyber-Risks
No Bing, no Edge, no upselling: De-crufted Windows 11 coming to Europe soon
Fortinet: Patched Critical Flaw May Have Been Exploited
Clop ransomware gang is back, hits 21 victims in a single month
U.S. Sanctions Cryptocurrency Mixer Blender for Helping North Korea Launder Millions
Hackers Using Dark Web Quantum Builder To Launch Agent Tesla RAT
FortiSIEM Injection Flaw Let Attackers Execute Malicious Commands
Cisco Devices Hacked via IOS XE Zero-Day Vulnerability
BoostSecurity Exits Stealth With DevSecOps Automation Platform, $12M in Seed Funding
TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands
Container security probes provide continuous penetration testing
Mitre shared 2022 CWE Top 25 most dangerous software weaknesses
Over 250 Dark Web Vendors Arrested Worldwide In 'SpecTor' Operation
Hackers Released Updated Version of Black Hat AI Tool WormGPT V2
British Council exposed more than 100,000 files with student records
Ukrainian DDoS Attacks Should Put US on Notice–Researchers
Zoho plugs another critical security hole in Desktop Central
Microsoft rolls out Phone Link for iOS to all Windows 11 users
Vice Society gang is using a custom PowerShell tool for data exfiltration
Microsoft Edge is losing tablet-friendly "Web Select" feature
Police Crack Comms to Bust Money Laundering Group
The Week in Ransomware - February 4th 2022 - Critical Infrastructure
Three Nigerian men arrested in INTERPOL Operation Killer Bee
Wormhole Crypto Platform: 'Funds Are Safe' After $314M Heist
Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
What is ransomware? Everything you need to know and how to reduce your risk
LastPass users furious after being locked out due to MFA resets
'DangerousSavanna' Hackers Targeted Financial Institutions in Africa For Two Years
CI/CD Risks: Protecting Your Software Development Pipelines
Ransomware gang behind MOEVit attacks are targeting new zero-day, Microsoft says
New ChatGPT Attack Technique Spreads Malicious Packages
New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars
F5 expands security portfolio with App Infrastructure Protection
Are smartphone thermal cameras sensitive enough to uncover PIN codes?
Microsoft Defender tags Office updates as ransomware activity
US Bans Huawei, ZTE Telecoms Gear Over Security Risk
CircleCI Urges Customers to Rotate Secrets Following Security Incident
Government Agencies Warn of Increase in Cyberattacks Targeting MSPs
Ukrainian police arrest 5 members of ransomware affiliate | ZDNet
Meta Launches Paid Ad-Free Subscription in Europe to Satisfy Privacy Laws
Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine
Bitwarden Password Manager Flaw Let Attackers Steal User's Credentials
Lazarus Group Malware Targets Legitimate Software
Apple issues emergency patches for spyware-style 0-day exploits – update now!
Up to 29,000 unpatched QNAP storage devices are sitting ducks to ransomware
Iranian hackers launch malware attacks on Israel’s tech sector
Google Chrome & Microsoft Edge to get 'Save Frame' feature for YouTube
Fortinet fixed a critical flaw in FortiOS and FortiProxy
Docker Under Siege: Cybercriminals Compromise Honeypots to Ramp Up Attacks
Cyberattacks on governments and public services were way up this spring, research shows
Multiple DDoS botnets were observed targeting Zyxel devices
Ransomware Criminals Are Dumping Kids' Private Files Online After School Hacks
Remote workers are still more vulnerable to hackers than they should be. Here's what to do
The Week in Ransomware - August 4th 2023 - Targeting VMware ESXi
Log4j RCE activity began on December 1 as botnets start using vulnerability | ZDNet
Live Webinar: Overcoming Generative AI Data Leakage Risks
Exploit Released for Cisco IOS XE Zero-day Vulnerability
ALPHV ransomware gang claims attack on Florida circuit court
SAP releases security updates for two critical-severity flaws
Cyberattack on health services provider impacts 5 Canadian hospitals
Data Encrypted in 75% of Ransomware Attacks on Healthcare Organization
Goldoson Malware Found in Dozens of Google Play Store Apps
Linux Cheerscrypt ransomware is linked to Chinese DEV-0401 APT group
Free Akira ransomware decryptor helps recover your files
SonicWall warns web content filtering is broken on Windows 11 22H2
Internet disruptions observed as Russia targets critical infrastructure in Ukraine
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
Qbot and Zerologon Lead To Full Domain Compromise
Log4j vulnerability now used to install Dridex banking malware
London Police Arrested 17-Year-Old Hacker Suspected of Uber and GTA 6 Breaches
US charges founders of Tornado Cash mixer used by Lazarus hackers
Security Affairs newsletter Round 353
High-Severity Flaws Fixed in Firefox 115 Update
DOJ touts work with Kaseya, urges more ransomware victims to contact CISA, FBI
As Congress weighs budget priorities, top cyber execs urge CISA funding support
Cyber incident reports hit ‘all-time high,’ warns UK NCSC
Google Play adds security audit badges for Android VPN apps
SSNDOB Marketplace Admin Jailed for Selling millions of Americans Data
LemonDuck Malware Attacking Docker to Mine cryptocurrency
Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks
Researchers Shed Light on APT31's Advanced Backdoors and Data Exfiltration Tactics
Firm accused of COVID fraud targeting minorities | Cybernews
Evil Extractor Infostealer Targets Windows In Recent Phishing Campaign
Cyberattacks through Browser Extensions – the Importance of MFA
Rorschach ransomware has the fastest file-encrypting routine to date
Mass-Exploitation Campaign Targets Citrix NetScalers With Backdoors
Weight Watchers fined $1.5 million for collecting kids’ data | CyberNews
Shoppers Warned Stay Alert this Black Friday as Hackers Renew Efforts
Splunk to cut 7% of staff in latest layoff round this year
Top 10 AI Security Risks According to OWASP
North Korean hackers mix code from proven malware campaigns to avoid detection
Atlassian confirms ransomware is exploiting latest Confluence bug
Kaspersky Releases Tool to Detect Zero-Click iOS Attacks
Datto, SailPoint acquired for more than $6B each amid growing cyber consolidation
FBI probes into Pennsylvanian water utility hack by pro-Iran group
Ukraine cops bust illegal Russian money ring
Samsung notifies UK store customers of data breach
FBI Disables "Cyclops Blink" Botnet Controlled by Russian Intelligence Agency
OpenAI Reveals ChatGPT Is Being DDoS-ed
BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11
File sharing site Anonfiles shuts down due to overwhelming abuse
Japan’s Nagoya port resumes operations after ransomware attack
Singapore officially deactivates contact tracing system, to 'refurbish' wearables
Webinar: Kickstarting Your SaaS Security Strategy & Program
Hackers Exploiting Critical Citrix NetScaler Zero-day Flaw To Deploy Webshells
Water Labbu Abuses Malicious DApps to Steal Cryptocurrency
DarkBERT: A New AI Trained Exclusively on the Dark Web
City of Toronto confirms data theft, Clop claims responsibility
Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet
KwikTrip all but says IT outage was caused by a cyberattack
Citrix urges immediate patching of critically vulnerable product lines
Hackers Exploit Google Workspace to Exfiltrate Data and Deploy Ransomware
Euro Police Bust Multimillion-Dollar Crypto Fraud Gang
Next-gen OSDP was supposed to make it harder to break in to secure facilities. It failed.
FTC: Americans lost $770 million from social media fraud surge
ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors
Windows 10 KB5019959 and KB5019966 updates released
QNAP users still struggling with Deadbolt ransomware after forced firmware updates | ZDNet
What are the Hidden Dangers of .zip Domains and How Can they Mislead Users?
Emotet botnet switches to 64-bit modules, increases activity
GitHub makes 2FA mandatory next week for active developers
Windows 11 22H2 is released, here are the new features
The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years
Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets
F5 warns its customers of tens of flaws in its products
Windows 10 to let admins control how optional updates are deployed
RCE exploit for Wyze Cam v3 publicly released, patch now
Exploit Activity Surges 150% in Q2
Windows 10 KB5023773 preview update released with 10 fixes
Critical FortiOS and FortiProxy Vulnerability Likely Exploited - Patch Now!
Spanish Bank Globalcaja Hit By Ransomware Attack
Battling Moscow's hackers prior to invasion gave Kyiv 'full dress rehearsal' for today's cyber warfare
LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants
Okta breach impacts all of its customers
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
Google Dynamic Search Ads Abused to Unleash Malware 'Deluge'
Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes
Microsoft: Windows 10 22H2 is the final version of Windows 10
Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis
Google announces lawsuit and action against blockchain botnet Glupteba | ZDNet
Hawaiʻi Community College pays ransom after attackers steal personal info of 28,000 people
VMware has no evidence of zero-day exploitation in ESXiArgs ransomware attacks
Ransomware has hit 3,800 servers, but CISA says this tool might help
Apple’s first Rapid Security Response patch fails to install on iPhones
Android malware: A million people downloaded these malicious apps before they were finally removed from Google Play
FBI: Now scammers are using fake video meetings to steal your money | ZDNet
US DoJ Announces Plan to Shakeup Cybercrime Investigations
ICS/OTICS Patch Tuesday: Siemens and Schneider Electric Releases Patch for 50 vulnerabilities
IAM Credentials in Public GitHub Repositories Harvested in Minutes
New botnet malware exploits two zero-days to infect NVRs and routers
Okta confirms recent hack affected all customers within the affected system
US Gov Mercenary Spyware Clampdown Hits Cytrox, Intellexa
Mondelēz settlement in NotPetya case renews concerns about cyber insurance coverage
UK IT Pros Worried About C-Suite Training Gap Ahead of AI Safety Summi
Cybercriminals See Allure in BEC Attacks Over Ransomware
Lazarus hackers hijack Microsoft IIS servers to spread malware
How to Apply MITRE ATT&CK to Your Organization
The feds are creating a 'strike force' to protect technology from foreign theft
Amazon fake crypto token investment scam steals Bitcoin from victims | ZDNet
What is SYN Attack? How the Attack works and How to Prevent the SYN Attack
LLM Security Startup Lasso Emerges From Stealth Mode
How to Deploy Generative AI Safely and Responsibly
State-Sponsored APTs Dangle Job Opps to Lure In Spy Victims
Microsoft OneNote will block 120 dangerous file extensions
White faces generated by AI more convincing than real photos
Vulnerabilities in PiiGAB Product Could Expose Industrial Organizations to Attacks
Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware
Serious hackers – or just a bunch of script kiddies? | Cybernews
CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog
AI researchers claim 93% accuracy in detecting keystrokes over Zoom audio
Massive macOS Campaign Targets Crypto Wallets, Data
LastPass hack caused by an unpatched Plex software on an employee’s PC
20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison
'Volt Typhoon' Breaks Fresh Ground for China-Backed Cyber Campaigns
Nessus Vulnerability Let Attackers Alter Rules Variables
Experts Warn of
New GPS Attacks Targeting Commercial Flights Navigation Systems
Chinese hackers breached U.S. and European government email through Microsoft bug
Adobe, Microsoft and Citrix vulnerabilities draw warnings from CISA
Money Message gang leaked private code signing keys from MSI data breach
JumpCloud hack linked to North Korea after OPSEC mistake
New AXLocker Ransomware Steals Victims' Discord Tokens
FTC orders non-bank financial firms to report breaches in 30 days
French government recommends against using foreign chat apps
ICS Security Firm Dragos Raises $74 Million in Series D Extension
Hackers are actively exploiting CVE-2022-47966 flaw in Zoho ManageEngine
FBI and CISA warn of increasing Royal ransomware attack risks
CISA warns of actively exploited Windows, Sophos, and Oracle bugs
Kubernetes clusters under attack in hundreds of organizations
S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]
S3 Ep122: Stop calling every breach “sophisticated”! [Audio + Text]
Trafficstealer Exploits Container APIs for Malicious Redirections
Hackers Attacking Power Generator Systems to Infect With Ransomware
CISA warns of critical ManageEngine RCE bug used in attacks
Ukraine calls for volunteer hackers to protect critical infrastructure: report | ZDNet
$30 Million worth of cryptocurrency stolen by Lazarus from Axie Infinity was recovered
Flipper Zero now has an app store to install third-party apps
Mortgage giant Mr. Cooper using alternative payment options after cyberattack
Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
Iranian APT Group Utilize IIS-based Backdoors to Compromise Windows servers
14 Kubernetes and Cloud Security Challenges and How to Solve Them
The heated debate over cryptocurrency mining in Ukraine
Security chiefs fear ‘CISO scapegoating’ following Uber-Sullivan verdict
BazarLoader to Conti Ransomware in 32 Hours
Anonymous Hacking Group Declares “Cyber War” Against Russia
Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter
Thanksgiving hack on North Carolina city caused leak of employee data
Uber's Ex-CISO Appeals Conviction Over 2016 Data Breach
US launches “Shields Ready” campaign to secure critical infrastructure
SAP Patches Critical Security Flaws in Monitoring Solutions
EU governments reject requiring manufacturers to report vulnerabilities to central cyber agency
FIN8 deploys ALPHV ransomware using Sardonic malware variant
What is a Security Operations Center (SOC)? A Detailed Overview
Critical Flaw Exposes ArcServe Backup to Remote Code Execution
Fidelity National Financial Takes Down Systems Following Cyberattack
Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns
CISA launches pilot program offering ‘cutting-edge’ services to critical infrastructure orgs
Global cybersecurity workforce grows, but still confronts shortfall of 4M people
Russia’s Sandworm hackers attempted a third blackout in Ukraine
Fresh (Buggy) Clop Ransomware Variant Targets Linux Systems
KeePass fixed the bug that allows the extraction of the cleartext master password
Those scary warnings of juice jacking in airports and hotels? They’re nonsense
Mexico-Based Hacker Targets Global Banks with Android Malware
Microsoft ties January Ukraine attack to notorious Sandworm group
Ex-Conti members and FIN7 devs team up to push new Domino malware
2000+ Citrix NetScalers Hacked to Deploy Webshell
GitHub Copilot update stops AI model from revealing secrets
ViperSoftX uses more sophisticated encryption and anti-analysis techniques
White House hosts Counter Ransomware Initiative summit, with a focus on not paying hackers
CyberSec Community Rolls Out ETHOS – An Open Early Warning System
LOLEKHosted admin arrested for aiding Netwalker ransomware gang
Global Cyber Attacks Rise by 7% in Q1 2023
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine
VMware: 70% drop in Linux ESXi VM performance with Retbleed fixes
Fewer ransomware victims are paying up. But there's a catch
100,000 Stolen ChatGPT Account Credentials Found on Dark Web
RomCom malware spread via Google Ads for ChatGPT, GIMP, more
FBI warns of ransomware attacks targeting US agriculture sector
CircleCI warns of security breach — rotate your secrets!
Four Must-haves to Strengthen Your Endpoint Security
Hackers Can Abuse Low-Power Mode to Run Malware on Powered-Off iPhones
Ransomware attack spree hits thousands of VMware servers
U.S., U.K., and Global Partners Release Secure AI System Development Guidelines
Group behind Emotet botnet malware testing new methods to get around Microsoft security
Researcher Discloses OpenCart Vulnerability; Company Reacts Aggressively
Microsoft App Store Sizzling with New ‘Electron Bot’ Malware
Microsoft's new cybersecurity service combines tech and human experts | ZDNet
Large-scale Akira Ransomware Attacking Unsecured Computers
American Airlines discloses data breach after employee email compromise
SAP releases patches for ICMAD vulnerabilities, log4j issues, more | ZDNet
Early warning threat information platform launched for OT
AtlasVPN offers 83% off in privacy promotion
CEO guilty of selling counterfeit Cisco devices to military, govt orgs
Bittrex crypto scam targets defunct platform’s ex clients
Nearly 30,000 QNAP Devices Exposed to New Bug
Robo-debt Royal Commission, eSafety capabilities and anti-trolling laws on the Australian election agenda | ZDNet
APT Attacks From 'Earth Estries' Hit Gov't, Tech With Custom Malware
Gitlab fixes bug that exploited internal policies to trigger hostile pipelines
Hackers ‘may have had access to the full voter roll,’ Washington, DC officials say
US teen pleads guilty to his role in credential stuffing attack on betting site
Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta
Tri Counties Bank breach exposes user financial data
What is OAuth 2.0 ? How it Works ? A Detailed Explanation of Authorization Framework
EnemyBot malware adds exploits for critical bugs in VMware, F5 BIG-IP
Russia-linked Black Basta ransomware has extorted at least $100 million
FTC warns of LGBTQ+ extortion scams – be aware before you share!
An In-Depth Look at ICS Vulnerabilities Part 2
Peloton Treadmill Vulnerabilities Risk Users Data
Google Paid Over $12 Million As Bug Bounty Rewards In 2022
Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet
Iranian Threat Actor Neptunium Associated With Charlie Hebdo Cyber-Attacks
Critically Underrated: Studying the Data Distribution Service (DDS) Protocol
Okta: October data breach affects all customer support system users
UK urges to disconnect Chinese security cameras in government buildings
Dig Security Announces New Integration With CrowdStrike
Many cyber operations conducted by Russia are yet to be publicly disclosed, says Dutch intelligence
Secure Your CI/CD Pipeline with Secret Management Best Practices
US Treasury Sanctions Iranian Minister Over Hacking of Govt and Allies
Microsoft says Intel driver bug crashes apps on Windows PCs
Four Convicted in $18m Investment Fraud Scheme
Android security: Analysis, advice, and next-level knowledge
3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox
Software Supply Chain Attacks Soar 742% in Three Years
S3 Ep128: So you want to be a cybercriminal? [Audio + Text]
Progress Software facing dozens of class action lawsuits, SEC investigation following MOVEit incident
Easily Exploitable Microsoft Visual Studio Bug Opens Developers to Takeover
Spyware App Compromised Over 60,000 Android Devices to Steal Sensitive Data
GuLoader Malware Utilizing New Techniques to Evade Security Software
Microsoft fixes bug that made Task Manager partially unreadable
Moscow Exchange Downed by Cyber-attack
Chinese hackers breach US critical infrastructure in stealthy attacks
XLoader MacOS Malware Variant Returns With OfficeNote Facade
Cuba Ransomware Group Steals Credentials Via Veeam Exploit
AMD confirms GPU driver bug overclocks CPUs without permission
How to Manage Your Attack Surface?
Why Ensuring Supply Chain Security in the Space Sector is Critical
Initial access broker posts targeting banks increase on dark web
Meta spins off PyTorch Foundation to make AI framework vendor neutral
Feds Hit DDoS-for-Hire Services with 48 Domain Seizures
Five arrested in takedown of Lolek bulletproof hosting service
Ransomware Victims Surge as Threat Actors Pivot to Zero-Day Exploits
Large supermarket chain in southern Africa hit with ransomware
Russian National Arrested in Canada Over LockBit Ransomware Attacks
Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job
New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
Emergency VMware ESXi update fixes Windows Server 2022 VM boot issues
New critical Citrix ADC and Gateway flaw exploited as zero-days
Dridex Malware Deliver Entropy Ransomware to Target Exchange Server
Axis Door Controller Vulnerability Exposes Facilities to Physical, Cyber Threats
US uncovers “Swiss Army knife” for hacking industrial control systems
Phishing Sites Use ChatGPT as Lure
Google ads push malicious CPU-Z app from fake Windows news site
Ethereum dev imprisoned for helping North Korea evade sanctions
Patch Tuesday includes 6 Windows zero-day flaws; patch now!
Authorities warn dangerous new malware can shut down, sabotage industrial sites
GitHub begins 2FA rollout for code contributors
New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force
Ransomware Reaches New Heights
Ransomware is only getting faster: Six steps to a stronger defense
Google: We stopped these hackers who were targeting job hunters and crypto firms | ZDNet
How the initial access broker market leads to ransomware attacks | ZDNet
A big bet to kill the password for good
There’s a new way to flip bits in DRAM, and it works against the latest defenses
BlackCat ransomware gang behind Reddit breach from February
Global Cyberattacks: How to Manage Risk in Times of Chaos
Netscaler ADC bug exploited to breach US critical infrastructure org
Severe Vulnerabilities Reported in Microsoft Azure Bastion and Container Registry
Charming Kitten Sharpens Its Claws with PowerShell Backdoor
Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising
Women Political Leaders Summit targeted in RomCom malware phishing
Skiff Banks $10.5M for E2E Encrypted Workplace Collaboration
Hackers Earn Over $1 Million at Pwn2Own Toronto 2023
Segway Hit by Magecart Attack Hiding in a Favicon
US sanctions Iran’s Ministry of Intelligence over Albania cyberattack
Cyber Command, NSA nominee now double-blocked
All Okta customer support users exposed in October breach, company discloses
Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability
Space Race: Defenses Emerge as Satellite-Focused Cyberattacks Ramp Up
Google Authenticator will now sync your 2FA codes to use on different devices
Canadian government impacted by data breaches of its contractors
FTC Looking at Rules to Corral Tech Firms' Data Collection
The Ultimate SaaS Security Admin Guide - 2024
AI-powered Bing Chat loses its mind when fed Ars Technica article
Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws
New Go-based Zerobot Botnet Exploiting Dozen of IoT Vulnerabilities to Expand its Network
XWorm Malware Attacks Windows To Take RDP Control and Drop Ransomware
Unveiling the Unseen: Identifying Data Exfiltration with Machine Learning
Imagine Making Shadowy Data Brokers Erase Your Personal Info. Californians May Soon Live the Dream
CISA, HHS Release Cybersecurity Healthcare Toolkit
QNAP alerts NAS customers of new DeadBolt ransomware attacks
Ukraine cyber officials warn of a ‘surge’ in Smokeloader attacks on financial, government entities
Crypto Crime Down 62% but Ransomware Activity Surges
Ads, NFTs and other badness: Pour one out for the decline of dumb TVs
Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition
APT Groups Using HrServ Web Shell to Hack Windows Systems
Dallas Police Department Compromised in Ransomware Attack
Where is the Origin QAKBOT Uses Valid Code Signing
Sweden Orders Four Companies to Stop Using Google Tool
Apple just released iOS 16.5.1 with security fixes
REvil's TOR sites come alive to redirect to new ransomware operation
FTC Accuses CafePress of Data Breach
Attack Surface Management 2022 Midyear Review Part 3
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
Operation Triangulation iOS Attack Details Revealed
Researchers Develop RCE Exploit for the Latest F5 BIG-IP Vulnerability
Suspect in $70 million ransomware attack extradited to the US | CyberNews
LockBit Developing Ransomware for Apple M1 Chips, Embedded Systems
North Korean Hackers Target macOS Crypto Engineers With Kandykorn
Ukraine energy facility hit by two waves of cyberattacks from Russia’s Sandworm group
Exploit released for 9.8-severity PaperCut flaw already under attack
An In-Depth Look at ICS Vulnerabilities Part 3
SEC to require companies to disclose cybersecurity incidents
#RSAC: Experts Urge Applying Lessons Learned from Russia-Ukraine Cyberwar to Potential China-Taiwan Scenario
Experts warn against ransomware complacency
CISA warns of critical Ruckus bug used to infect Wi-Fi access points
Convincing, Malicious Google Ads Look to Lift Password Manager Logins
AI gains “values” with Anthropic’s new Constitutional AI chatbot approach
Microsoft Visual Studio Code flaw lets extensions steal passwords
FBI: Hackers are actively exploiting this flaw on ManageEngine Desktop Central servers | ZDNet
Apple releasing iOS 16 with Lockdown, Safety Check security features
New RA Group ransomware targets U.S. orgs in double-extortion attacks
No More Ransom Has Helped Over 1.5m Victims
FBI warns of patched Barracuda ESG appliances still being hacked
Microsoft pledges to bolster security as part of ‘Secure Future’ initiative
Kwik Trip IT systems outage caused by mysterious ‘network incident’
FBI takes down Hive ransomware group in an undercover operation
Attackers Can Compromise Most Cloud Data in Just 3 Steps
MDR: Empowering Organizations with Enhanced Security
Ransomware attack on indie game maker wiped all player accounts
Researchers Warn Against Zoho ManageEngine Exploit Attacks
Cybrary Raises $25 Million to Tackle Cybersecurity Workforce Training
Shutterfly says Clop ransomware attack did not impact customer data
Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar
UK Crypto Firm Loses $200m in Cyber-Attack
These ransomware victims are paying more to recover data
File-transfer services, rich with sensitive data, are under attack
CISA Advisory Details How Hackers Targeted Defense Industrial Base Organization
China's 'Volt Typhoon' APT Now Exploits Zoho ManageEngine
Russia jails Group-IB co-founder for 14 years in treason case
GRU hacking tools targeting Ukrainian military devices detailed by Five Eyes
LastPass Hack: Engineer's Failure to Update Plex Software Led to Massive Data Breach
CISO Conversations: CISOs in Cloud-based Services Discuss the Process of Leadership
Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!
Kaspersky deemed a 'threat' to US national security | CyberNews
Fortinet Quietly Patched Pre-Auth RCE Flaw In Fortigate Firmware
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server
Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
NIST Updates Supply Chain Cybersecurity Guidance
Customers prefer Trend Micro in XDR, Endpoint & Cloud
CISA Urges Organizations to Patch Actively Exploited F5 BIG-IP Vulnerability
Serious Security: That KeePass “master password crack”, and what we can learn from it
Cybersecurity Experts Warn Against Valentine's Day Romance Scams
Anonymous Declares Cyber-War on Pro-Russian Hacker Gang Killnet
Russian Threat Actor “farnetwork” Linked With 5 Ransomware Strains
Google offers free DDoS protection to Ukrainian organizations | CyberNews
Ukraine Shutters Major Russian Bot Farm
What's the best way to ensure your privacy with a web browser?
CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices
Cookies for MFA Bypass Gain Traction Among Cyberattackers
North Korean Attackers Targeted Crypto Companies in JumpCloud Breach
Hackers target Wordpress plugin flaw after PoC exploit released
Cisco patches IOS XE vulnerabilities actively being exploited
CISA Issues MuddyWater Warning
Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal
Ukraine dismantles more bot farms spreading Russian disinformation
Hackers Exploiting 0-day RCE Flaws in the Wild to Deploy Mirai Malware
Microsoft Issues Patches for 121 Flaws, Including Zero-Day Under Active Attack
Atomic Wallet Customers Lose Over $35m in Crypto Attacks
Medical and IoT Devices From More Than 100 Vendors Vulnerable to Attack
OT Network Security Myths Busted in a Pair of Hacks
LA officials confirm ransomware group leaked students’ personal data
Scattered Spider Hops Nimbly from Cloud to On-Prem in Complex Attack
Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations
Multi-million investment scammers busted in four-country Europol raid
CISA orders govt agencies to patch iPhone bugs exploited in attacks
Astrix Security Nabs $15M to Tackle Attack Surface Sprawl
All Log4j, logback bugs we know so far and why you MUST ditch 2.15
VMware warns of exploit available for critical vRealize RCE bug
Hackers Stole Access Tokens from Okta’s Support Unit
Chinese APT15 hackers resurface with new Graphican malware
New CaddyWiper data wiping malware hits Ukrainian networks
Microsoft: Windows 11 apps might not start after system restore
General Electric Data Breach: Hacker Claims Sale of Leaked GE Information
Hackers Using Money-Making Scripts to Deliver Multiple Malware
Casio discloses data breach impacting customers in 149 countries
Bitdefender releases free decryptor for LockerGoga ransomware
OT/IoT and OpenTitan, an Open Source Silicon Root of Trust
New Windows malware also steals data from victims’ mobile phones
Legacy VMware Bug Exploited in Global Ransomware Campaign
Holiday 2022 deal: 20% off Zero2Automated malware analysis training
To Ease the Cybersecurity Worker Shortage, Broaden the Candidate Pipeline
Amid Military Buildup, China Deploys Mustang Panda in the Philippines
US Offers $10m for Russian NotPetya Sandworm Team
LastPass vs 1Password: Battle of the password manager titans | ZDNet
US Dismantles IPStorm Botnet Proxy Service
Prolific cyber extortion group Karakurt might be a Conti side hustle
Log4j was the right incident for inaugural review, safety board says
Number of Ransomware Attacks on Industrial Orgs Drops Following Conti Shutdown
How to enable tracker blocking in Opera One (and why you should)
Windows 10 KB5021233 and KB5021237 updates released
FBI joins other intelligence agencies in warning about Russia
Microsoft and Partners Disrupt ZLoader Botnet
Microsoft shares fix for cameras not working on Surface laptops
Unknown Hacker Steals $100m From California-Based Cryptocurrency Firm Harmony
Microsoft: KB5021233 causes blue screens with 0xc000021a errors
Justice Department Appoints First Director of National Cryptocurrency Enforcement Team
Procter & Gamble confirms data theft via GoAnywhere zero-day
Serious Security: TPM 2.0 vulns – is your super-secure data at risk?
New 'Turtle’ macOS Ransomware Analyzed
MOVEit attack spree makes Clop this summer’s most-prolific ransomware group
TikTok hints it have transferred US data to China | China
Adobe fixed ColdFusion flaw listed as under active exploit
Identity Threat Detection and Response: Rips in Your Identity Fabric
Hackers Use Telegram and Signal to Assist Protestors in Iran
Police shut down 48 DDoS-for-hire services, arrest 7 alleged administrators
Why you should be using secure DNS on your Chromebook | ZDNet
KidSecurity’s user data compromised after app failed to set password
Apple released patches for recently disclosed WebKit zero-day in older iPhones and iPads
Developers can’t seem to stop exposing credentials in publicly accessible code
Spanish police arrest 34 alleged cybercriminals for scamming operation
Russian hackers are seeking alternative money-laundering options
Spotify’s new royalties scheme angers indie musicians
UK cyber agency warns of potentially fundamental flaw in AI technology
Serious Security: Why learning to touch-type could protect you from audio snooping
North Korea-linked APT spreads tainted versions of PuTTY via WhatsApp
Examining Ransomware Payments From a Data-Science Lens
Fake crypto sites lure wannabe thieves by spamming login credentials
Hackers Behind Twilio Breach Also Targeted Cloudflare Employees
U.K. Water Supplier Hit with Clop Ransomware Attack
FTC sues Walmart, retailer to defend “aggressively” | CyberNews
Microsoft will enable Exchange Extended Protection by default this fall
Industrial organizations may worry too much about ICS vulnerabilities
OwnCloud "graphapi" App Vulnerability Exposes Sensitive Data
Russia hammered by pro-Ukrainian hackers following invasion
Suspected China-based hackers target Uzbekistan gov’t, South Koreans, Cisco says
Security Affairs newsletter Round 409 by Pierluigi Paganini
Legislation to rein in AI’s use in hiring grows
Botnet that hid for 18 months boasted some of the coolest tradecraft ever
Software Supply Chain Attacks Leveraging Open-Sources Repos Growing
Windows 11 will soon let you uninstall more inbox apps
UK Cops Lead Action Against Fraud Site that Made £100m
Mental health provider Cerebral alerts 3.1M people of data breach
Microsoft Releases Fix for New Zero-Day with May 2022 Patch Tuesday Updates
Clop ransomware gang begins extorting GoAnywhere zero-day victims
KFC & Pizza Hut Discloses Data Breach - Users Personal Information Stolen
Supreme Court poised to rewrite how social media confronts disinformation
Microsoft reminds users Windows will disable insecure TLS soon
Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel
Linux version of RTM Locker ransomware targets VMware ESXi servers
FBI warns that BEC attacks now also target food shipments
Ukraine investigates multiple intrusion vectors in last week's website defacements, data wiper attacks
Microsoft fixes two 0-days on Patch Tuesday – update now!
Avoid Using Atlas VPN Until A Fix Arrives For The Zero-Day
Okta employee data breached in third-party healthcare attack
TikTok flooded by 'Elon Musk' cryptocurrency giveaway scams
Synology Releases Patch for Critical RCE Vulnerability Affecting VPN Plus Servers
Data of 800K Chess.com players scraped and released
White House shares the 69 initiatives slated to shore up national cybersecurity
Hydra, the world’s biggest cybercrime forum, shut down in police sting
Trio Arrested in COVID PPE Fraud Probe
Microsoft Exchange gets ‘better’ patch to mitigate critical bug
Second data wiper attack hits Ukraine computer networks
FTC settles with genetic testing firm accused of violating customer privacy
The Week in Ransomware - May 26th 2023 - Cities Under Attack
Facebook Blocked Russia and Belarus Hackers Targeting Ukraine
OwnCloud Critical Vulnerability Exploited in the Wild
Many Internet-Exposed Servers Affected by Exploited Redis Vulnerability
The CISO Mantra: Get Ready to Do More With Less
HYAS Unveils New Tool for Continuous DNS Monitoring
Hands-on Review: Stellar Cyber Security Operations Platform for MSSPs
Russia's LitterDrifter USB Worm Spreads Beyond Ukraine
Meta, US hospitals sued for using healthcare data to target ads
Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware
The role of cloud services, public tools in the Russia-Ukraine cyber conflict | ZDNet
A suspected cyberattack on Italy’s state railway disrupts ticket sales | CyberNews
LastPass users warned their master passwords are compromised
Microsoft removes Windows 11 update block for PCs with gaming issues
K-12 Schools Improve Protection Against Online Attacks, but Many Are Vulnerable to Ransomware Gangs
Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel
Russian Disinformation Campaign Records High-Profile Individuals on Camera
FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps
OMB issues zero-trust strategy for federal agencies
Microsoft: Windows 11 21H2 reaching end of service in October
‘Massive’ new ESXiArgs ransomware campaign has compromised thousands of victims
CISA Trials Ransomware Warning System for Critical Infrastructure Orgs
Internet disruptions, cyberattacks hit Ukraine following Russian missile strikes
The Black Friday 2022 Security, IT, VPN, & Antivirus Deals
EmoCheck now detects new 64-bit versions of Emotet malware
#GermanyRIP. Kremlin-loyal hacktivists wage DDoSes to retaliate for tank aid
OpenAI Released ChatGPT Enterprise With SOC 2 Compliant & Data Encryption
FBI: Hackers increasingly exploit DeFi bugs to steal cryptocurrency
CISA shares free tools to help secure data in the cloud
Over 100K hacking forums accounts exposed by info-stealing malware
Emotet botnet tests new techniques after global crackdown
Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers
Iron Tiger APT is behind a supply chain attack that employed messaging app MiMi
Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine
Lazarus Group Hacked Software Vendor to Steal Source Code, Attack Supply Chain
The Rise of Ransomware in Healthcare: What IT Leaders Need to Know
Adobe warns customers of a critical ColdFusion RCE exploited in attacks
Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach
Rackspace executives stand by ransomware response
2.2 Million Impacted by Data Breach at McLaren Health Care
FUD Malware obfuscation engine BatCloak continues to evolve
Security Affairs newsletter Round 366 by Pierluigi Paganini
F5 fixes two remote code execution flaws in BIG-IP, BIG-IQ
Alert: 330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw
CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
Chrome 118 Patches 20 Vulnerabilities
3CX Supply chain attack allowed targeting cryptocurrency companies
Transform Your Data Security Posture – Learn from SoFi's DSPM Success
QNAP: Patch Critical Remote Code Injection Bug
An Ever Surf Wallet Vulnerability Could Allow Crypto Thefts
Android app from China executed 0-day exploit on millions of devices
Zero-Day Alert: 10K Cisco IOS XE Systems Now Compromised
Why robotexts are scammers' favorite new tool
Risky Business: Enterprises Can’t Shake Log4j flaw
The U.S. CISA and FBI warn of Royal ransomware operation
WordPress Ninja Forms plugin flaw lets hackers steal submitted data
Security firm Rubrik is latest to be felled by GoAnywhere vulnerability
Deep Packet Inspection vs. Metadata Analysis of Network Detection & Response (NDR) Solutions
Android 14 to let you block connections to unencrypted cellular networks
New LLM-based SOC tool to help automate security response
Exploring the Realm of Malicious Generative AI: A New Digital Security Challenge
North Korea aims 'TraderTraitor' malware at cryptocurrency workers
The Week in Ransomware - October 20th 2023 - Fighting Back
Entitle debuts with automated SaaS permissions-management application
Inside Conti leaks: The Panama Papers of ransomware
UK NCSC issues new guidance on post-quantum cryptography migration
CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability
Amid Sweeping Change, Cyber Defenders Face Escalating Visibility — and Pressure
LastPass DevOps Engineer Targeted for Cloud Decryption Keys
France’s government is giving the police more surveillance power
EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities
Google Goes After CryptBot Distributors
WooCommerce Payments WP Plugin Flaw Goes Under Active Attack
CISA adds three Microsoft Patch Tuesday bugs to vulnerability list
Breaching airgap security: using your phone’s compass as a microphone!
Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug
PHP Packagist supply chain poisoned by hacker “looking for a job”
Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying
Iranian Group Cobalt Sapling Targets Saudi Arabia With New Persona
US government orders States to conduct cyber security audits of public water systems
Hackers exploit critical Juniper RCE bug chain after PoC release
Remote code execution flaws in Spring and Spring Cloud frameworks put Java apps at risk
Ransomware: Is the party almost over for the cyber crooks? | ZDNet
Patch Tuesday: Adobe Patches 30 Acrobat, Reader Vulns
Two US Doctors Convicted of $30m Medicare Fraud
More than $8 million made from NFT wash trading: Chainalysis | ZDNet
Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East
Most internet-exposed Cacti servers exposed to hacking
DHS plans to overhaul disinformation efforts to 'increase trust with the public'
Critical ManageEngine Desktop Server Bug Opens Orgs to Malware
MadCat ransom gang caught stealing from other criminals
NTC Vulkan leak shows evolving Russian cyberwar capabilities
Researchers Discover Reply URL Takeover in Azure
INTERPOL Uses Trend Threat Intelligence to Fight Cyber Crime
This Campaign Delivers Three Malware Via Pirated Software Videos On YouTube
Mozi malware botnet goes dark after mysterious use of kill-switch
VMware vCenter Server Flaw Let Attacker Execute Remote Code
Microsoft now rolling out Copilot to Windows 10 devices
10 ways to speed up your internet connection today
Israeli man sentenced to 80 months in prison for providing hacker-for-hire services
Apple backs national right-to-repair bill, offering parts, manuals, and tools
Hackers Abusing Windows Search Feature to Install Remote Access Trojans
YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader
Industry 4.0: CNC Machine Security Risks Part 2
Ransomware attacks on industrial infrastructure doubled in 2022: Dragos
McLaren Health Care breach exposes medical data of 2.3M+ individuals
Grimes says anyone can AI-generate her voice “without penalty”
10 Best Remote Administration Tools (RAT Tools) - 2023
Researchers extract RSA keys from SSH server signing errors
#BHUSA: Identity Compromise Now the Cause of Most Breaches, CrowdStrike Finds
CISA adds three new bugs to Known Exploited Vulnerabilities Catalog
Pwn2Own Vancouver 2023 Day 2: Microsoft Teams, Oracle VirtualBox, and Tesla hacked
Apple fixes new WebKit zero-day exploited to hack iPhones, Macs
Adobe Warns of 'Critical' Security Flaws in Enterprise Products
The internet in Ukraine is still mostly online. Could Starlink be a backup if it goes out?
5 tech gadgets I never leave home without (and they make great gifts)
Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations
Hackers knock out 7-Eleven stores in Denmark | Cybernews
GPT-4 will hunt for trends in medical records thanks to Microsoft and Epic
CISA Calls Urgent Attention to UEFI Attack Surfaces
Apple backports fix for actively exploited iOS zero-day to older iPhones
Stop using your browser's built-in password manager. Here's why
Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw
Community Health Systems data breach caused by GoAnywhere MFT hack
VMware Aria vulnerable to critical SSH authentication bypass flaw
The Danger of Forgotten Pixels on Websites: A New Case Study
A top Ukrainian security official on defending the nation against cyber attacks
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
Emotet Strikes Again - Lnk File Leads to Domain Wide Ransomware - The DFIR Report
SpecTor operation: 288 individuals arrested in the seizure of marketplace Monopoly Market
Thousands of images on Docker Hub leak auth secrets, private keys
New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web
Hitachi Energy confirms data breach after Clop GoAnywhere attacks
Health Tech Vendor to Pay $31m After Kickback Allegations
FSB arrests Russian hackers working for Ukrainian cyber forces
WordPress force installs critical Jetpack patch on 5 million sites
Massive phishing campaign uses 500+ domains to steal credentials
Microsoft: December Windows Server updates break Hyper-V VM creation
Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails
Next Generation CVSS v4.0 Vulnerability Scoring System Released: What's New!
Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security
Battle could be brewing over new FCC data breach reporting rules
Growing Concern Over Role of Hacktivism in Israel-Hamas Conflict
Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting
US effort to rip and replace hardware made in China is ballooning in cost
CES 2023 Day 3: HTC and Google make announcements, plus other top stories
Diavol Ransomware
U.S. Sanctions Virtual Currency Mixer Tornado Cash for Alleged Use in Laundering
Researcher Explains How SSRF Vulnerabilities Risk Java RMI Services
Microsoft retires Visual Studio for Mac, support ends in a year
More than 100 arrested in UK as fraud-as-a-service iSpoof website seized by police
Hive ransomware disrupted after FBI hacks gang's systems
Ransomware ecosystem becoming more diverse for 2023
Cisco fixes privilege escalation bug in Cisco Secure Client
FBI warning on MGM hacker group Scattered Spider, urges victims to come forward
Malicious Chatbots Target Casinos in Southeast Asia
10 Best Advanced Endpoint Security Tools - 2023
FritzFrog botnet returns with new attacks after more than a year of inactivity
Russia-linked drug marketplace Solaris hacked by its rival
Apple releases last week’s security patches for older iPhones, iPads, and Macs
Name That Toon: Modern Monarchy
Ransomware tracker: The latest figures [November 2023]
Hands on with Windows 11's new Task Manager
North Korean APT Gets Around Macro-Blocking With LNK Switch-Up
CISA Advises FCC Covered List For Risk Management
North Korean hackers exploit critical TeamCity flaw to breach networks
DEADBOLT ransomware rears its head again, attacks QNAP devices
Microsoft fixes critical Azure CLI flaw that leaked credentials in logs
Thinking of a new career? Consider Cybersecurity with these free courses
Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service
Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions
The VC View: The DevSecOps Evolution and Getting "Shift Left" Right
Threat Actors Using ChatGPT Lure to Target iPhone and Android Users
Windows 11 browser change: Europe applauds, outrage everywhere else
Chinese hackers target Australian govt with ScanBox malware
Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws
MKS Instruments falls victim to ransomware attack
Hosting Ars, part three: CI/CD, or how I learned to stop worrying and love DevOps
CVE-2023-23560 flaw exposes 100 Lexmark printer models to hack
Microsoft: 0ktapus Cyberattackers Evolve to 'Most Dangerous' Status
Kali Linux 2022.2 released with 10 new tools, WSL improvements, and more
Okta breach: 134 customers exposed in October support system hack
The VC View: Incident Response and SOC Evolution
Biometric Authentication Isn't Bulletproof —Here's How to Secure It
Royal ransomware expands attacks by targeting Linux ESXi servers
Technical Details, IoCs Available for Actively Exploited BIG-IP Vulnerability
VMware Releases Patches for New Vulnerabilities Affecting Multiple Products
Biden AI order could lead to reforms in how federal agencies work with data brokers
ICYMI: Dark Web Happenings Edition With Evil Corp., MSP Targeting & More
Closing the Door DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme
New wave of data-destroying ransomware attacks hits QNAP NAS devices
While Russian tanks attack, Ukrainian supporters hack back
Paladin Cloud launches new tool for attack surface discovery and management
Russia leads in content removal requests to Google
MongoDB rolls out queryable encryption to secure sensitive data workflows
FBI Lifts the Lid on Notorious Scattered Spider Group
Chinese actors behind attacks on industrial enterprises and public institutions
New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps
Massive 3CX Supply-Chain Attack Let Hackers Inject Backdoor on Crypto Firms
Security Affairs newsletter Round 355
Hackers are Actively Using the new.zip Domain for Malicious Attacks
TSMC says some of its data was swept up in a hack on a hardware supplier
Windows is in Moscow’s crosshairs, too
3CX threat actor named as company focuses on security upgrades, customer retention
Data Distribution Service: Mitigating Risks Part 3
Nova Scotia says all victims of MOVEit breach have been notified
Scammers target older people online. Here are the 3 warning signs to watch for
SMBs hit by rise in legitimate tool-based attacks
CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability
'ShroudedSnooper' Backdoors Use Ultra-Stealth in Mideast Telecom Attacks
In Other News: Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty
CWP bugs allow code execution as root on Linux servers, patch now
Auth0 warns that some source code repos may have been stolen
Is this ThinkPad-inspired phone the best for business users? It sure looks like it
CISA: New Whirlpool backdoor used in Barracuda ESG hacks
Google 0-day browser bug under attack, patch available
MPs Dangerously Uninformed About Facial Recognition – Report
Xiaomi Phones’ TEE Vulnerability May Allow Forge Mobile Payments
Dallas County confirms cybersecurity 'incident' after ransomware gang claims attack
Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies
PyPI open-source code repository deals with manic malware maelstrom
The MOVEit spree is as bad as — or worse than — you think it is
Zero-day in Salesforce email services exploited in targeted phishing Facebook campaign
Bug in Minecraft mods allows hackers to exploit players' devices
CardinalOps Launches MITRE ATT&CK Security Layers for Measuring Detection Posture
Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs
CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog
Hackers drain bitcoin ATMs of $1.5 million by exploiting 0-day bug
Beanstalk DeFi platform loses $182 million in flash-loan attack
New 'Pig Butchering' Scam in West Africa Impersonates US Financial Advisors
Study: Africa Cybersecurity Improves But Lacks Cross-Border Frameworks
LastPass Massive Hack Tied to Engineer Failure to Update Plex on Home Computer
North Korean State Actors Attack Critical Bug in TeamCity Server
US Government: North Korean Threat Actors Are Targeting Cryptocurrency Organizations
Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw
REvil says they breached electronics giant Midea Group | Cybernews
New CVSS Version Unveiled Amid Rising Cyber Threats
Test your outrage over Google's new Topics advertising system
The Week in Ransomware - August 5th 2022 - A look at cyber insurance
U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
Data Distribution Service: Exploring Vulnerabilities and Risks Part 2
Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek's 2023 ICS Cybersecurity Conference
North Korean APTs Stole ~$400M in Crypto in 2021
Iranian Hackers Target Women Involved in Human Rights and Middle East Politics
US sanctions orgs behind North Korea’s ‘illicit’ IT worker army
Singapore to build nationwide quantum-safe network
Passkeys may not be for you, but they are safe and easy—here’s why
Clop Ransomware Gang Likely Exploiting MOVEit Transfer Vulnerability Since 2021
ICBC Ransomware Attack – China’s Largest Bank Forced To Use USBs
Hackers behind 3CX breach also breached US critical infrastructure
MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel
Comcast Xfinity accounts hacked in widespread 2FA bypass attacks
ChatGPT Leveraged to Enhance Software Supply Chain Security
Eastern European energy and defense firms targeted with MATA backdoor
Recent legal developments bode well for security researchers, but challenges remain
Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems
The sign-in menu is the latest frontier for Microsoft ads in Windows 11
BEC scammers impersonate CEOs on virtual meeting platforms
After Russia’s invasion of Ukraine, it's time to hunker down
Defenders detected a 28-fold surge in Emotet email spam | CyberNews
FBI: Hackers used malicious PHP code to grab credit card data | ZDNet
North Korean hackers named behind the $620 million Ronin hack | CyberNews
Rackspace: Play Ransomware gang used a previously unknown exploit to access its Hosted Exchange email environment
Critical Atlassian Bug Exploited in Ransomware Attacks
CitrixBleed worries mount as nation state, criminal groups launch exploits
Hackers Infect Linux Machines with Rootkits via Apache ActiveMQ Vulnerability
Gamblers’ data compromised after casino giant fails to set password
E-commerce Fraud Surges By Over 50% Annually
VirusTotal AI code analysis expands Windows, Linux script support
More than $100 million stolen from Poloniex crypto platform
10 Best SIEM Tools for SOC Operations - 2023
Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions
What is Malware Attack? Types, Methods, Distribution, Protection - Guide
Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads
Microsoft adds HSTS support to Exchange Server 2016 and 2019
Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own
Apple warns Armenians of state-sponsored hacking attempts
How Continuous Pen Testing Protects Web Apps from Emerging Threats
Sysdig Launches Realtime Attack Graph for Cloud Environments
Microsoft fixes WSUS servers not pushing Windows 11 22H2 updates
Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition
Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022
D.C. Board of Elections: Hackers may have breached entire voter roll
#CyberMonth: ENISA Celebrates 10 Years of European Cybersecurity Month with New, Proactive Slogan
'DarkTortilla' Malware Wraps in Sophistication for High-Volume RAT Infections
Apple fixes eighth zero-day used to hack iPhones and Macs this year
Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access
No human at wheel: Baidu secures fully driverless robotaxi license in China | Cybernews
Clop ransomware claims to be behind GoAnywhere zero-day attacks
Cisco: Hackers targeting zero-day found in internet-exposed routers
SEC Charges SolarWinds and CISO With Misleading Investors
White House unveils consumer labeling program to strengthen IoT security
NFT Investors Lose $1.7M in OpenSea Phishing Attack
US Doubles Reward for Info on North Korean Hackers
US govt grants academics $12M to develop cyberattack defense tools
Hackers breach US water facility via exposed Unitronics PLCs
Magniber Ransomware Now Targets Windows 11 Machines
Threat Report Portugal: Q3 & Q4 2022
Meta Takes Action Against Multiple Foreign Influence Campaigns
Vulnerability in Cisco Enterprise Switches Allows Attackers to Modify Encrypted Traffic
STARK#MULE Targets Koreans with U.S. Military-themed Document Lures
US disrupts prolific botnet controlled by Russian military, DOJ says
Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products
Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
Interpol takes down phishing-as-a-service platform used by 70,000 people
Wallarm touts API leak protection with new scanning feature
Windows 11 KB5031455 preview update enables Moment 4 features by default
Washington State Department of Transportation working to recover from cyberattack
Encrypted Messaging App Exclu Used by Criminal Groups Cracked by Joint Law Enforcement
Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol
Russia's cyber personnel has 'underperformed' in Ukraine: U.S. Defense official
Forrester: GenAI Will Lead to Breaches and Privacy Fines in 2024
British Afrobeat singer pleads guilty to stealing $6 million in hacks on financial accounts
Chinese scientist pleads guilty to stealing US agricultural tech | ZDNet
Daixin Team targets health organizations with ransomware, US agencies warn
Hackers target Tatsu WordPress plugin in millions of attacks
Flipper Zero - Now You Install 3rd-Party Apps With The Penetrating Testing Device
Stolen ChatGPT premium accounts up for sale on the dark web
Pilfered Keys Free App Infected by Malware Steals Keychain Data
Why you should install iOS 15.5 now | ZDNet
FAA clears Musk's SpaceX for Starship rocket lift off
US govt warns Americans of escalating SMS phishing attacks
MOVEit mass exploit timeline: How the file-transfer service attacks entangled victims
Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads
Ukrainian Man Arrested for Alleged Role in Ransomware Attack on Kaseya, Others
#InfosecurityEurope: Armis Highlights Riskiest Devices in Critical Infrastructure
APT29 is targeting Ministries of Foreign Affairs of NATO-aligned countries
A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities
Understanding Active Directory Attack Paths to Improve Security
WinRAR SFX archives can run PowerShell without being detected
Lazarus APT exploits Zoho ManageEngine flaw to target an Internet backbone infrastructure provider
US Gov Warning: Start Hunting for Iranian APTs That Exploited Log4j
Ransomware Actors Extort University Via Alert System
Boeing Admits Cyberattack; Lockbit Claims Zero-Day Exploit Was Used to Gain Access
Senate proposes surveillance bill without FBI warrant requirement
AvosLocker ransomware reboots in Safe Mode to bypass security tools
New Chrome Feature Alerts Users About Malicious Extensions
Microsoft Patch Tuesday fix Outlook zero-day actively exploited
IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
Sextortion Rears Its Ugly Head Again
Adobe warns of critical ColdFusion RCE bug exploited in attacks
Hackers Lure Cybersecurity Researchers With Fake LinkedIn Recruiter Profiles
Emotet Banking Trojan Resurfaces, Skating Past Email Security
Russian Sandworm APT impersonates Ukrainian telcos to deliver malware
LLM meets Malware: Starting the Era of Autonomous Threat
LockBit apologizes for ransomware attack on hospital, offers decryptor
Children in UK abusing AI to create explicit images of classmates
New CosmicEnergy ICS malware threatens energy grid assets
Zero Day Threat Protection for Your Network
FTC opens inquiry into cloud market competition, security
Hatch Bank data breach caused by the exploitation of the GoAnywhere MFT zero-day
Cyberattack Victims Often Attacked by Multiple Adversaries: Research
Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak
Hive ransomware servers shut down at last, says FBI
Top Information Security Threats for Businesses 2023
CISA Launches Project to Assess Effectiveness of Security Controls
miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug
Pentagon CIO on the future of DoD's cybersecurity
CISA added 2 more security flaws to its Known Exploited Vulnerabilities Catalog
PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022
Wireshark 4.2.0 Released - What’s New!
Ardent confirms hospitals disrupted over ransomware attack
‘Elephant Beetle’ spends months in victim networks to divert transactions
APT Hackers Behind SysJoker Attacking Critical Industrial Sectors
Apple Opens Application for Security Research Device Program
Researchers Warn of 674% Surge in Deadbolt Ransomware
White House: Arrested Russian hacker was behind Colonial Pipeline attack
DOJ disrupts Russia-backed Cyclops Blink botnet
Global 2000 companies failing to adopt key domain security measures
Microsoft Defender update causes Windows Hardware Stack Protection mess
Hackers Steal Over $600M in Major Crypto Heist
FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms
drIBAN Fraud Operations Target Corporate Banking Customers
Dark Pink APT targets Govt entities in South Asia
Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps
UK security centre urges companies to boost their defences after cyberattacks on Ukraine | ZDNet
How to protect your privacy in Windows 11
The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack
Over 19,000 End-of-life Cisco VPN Routers Open for RCE Attacks
SEC charges SolarWinds CISO with fraud for misleading investors before major cyberattack
ALPHV/BlackCat Ransomware Gang Targets Businesses Via Google Ads
UK rolls back controversial encryption rules of Online Safety Bill
CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild
Discord hops the generative AI train with ChatGPT-style tools
How the war in Ukraine has strengthened the Kremlin's ties with cybercriminals
New MacStealer Targets Catalina, Newer MacOS Versions
Researchers spot an increase in Jupyter infostealer infections
S3 Ep133: Apple takes “tight-lipped” to a whole new level
Dutch intelligence: Many cyberattacks by Russia are not yet public knowledge
Pro-Ukraine hackers CH01 defaced tens of Russian websites on the invasion anniversary
US Cyber Safety Board to Review Cloud Attacks
Application Security Startup Aikido Security Raises €5 Million
US Announces Charges, Arrests Over Multi-Million-Dollar Cybercrime Schemes
New York man defrauded thousands using credit cards sold on dark web
Call for Submissions to UK's New Computer Misuse Act
Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk
‘We are unstoppable': How a team of Polish programmers built a digital tool to evade Russian censorship
Hawai'i Community College pays ransomware gang to prevent data leak
Windows: Still insecure after all these years
Hackers are using this old trick to dodge security protections
Clop ransomware gang starts extorting MOVEit data-theft victims
Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
First American Title Insurance Settles $1M Breach Case with NY Authorities
AI vs. Hollywood: Writers battle “plagiarism machines” in union talks
Iranian APT Targets US With Drokbk Spyware via GitHub
Styx Marketplace Provides Hub for Financial Cybercrime
Microsoft launched its new Microsoft Defender Bounty Program
Google announced its Mobile VRP (vulnerability rewards program)
Experts warn of a surge in NetSupport RAT attacks
Ransomware gangs rely more on weaponizing vulnerabilities
Multiple Vulnerabilities Found In ownCloud File Sharing App
Meta to Appeal €390m GDPR Fine
Microsoft links data wiping attacks to new Russian GRU hacking group
Elon Musk's Twitter followers targeted in fake crypto giveaway scam
Navy unveils its first cyber strategy
Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms
North Korea's Kimsuky Evolves into Full-Fledged, Prolific APT
Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack
Identity-based security threats are growing rapidly: report
The best personal safety alarms of 2023
PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions
10-year-old Windows bug with 'opt-in' fix exploited in 3CX attack
New Inception attack leaks sensitive data from all AMD Zen CPUs
New Lenovo BIOS updates fix security bugs in hundreds of models
FBI shares AvosLocker ransomware technical details, defense tips
Misconfiguration and vulnerabilities biggest risks in cloud security: Report
Thousands of secrets lurk in app images on Docker Hub
EvilExtractor malware activity spikes in Europe and the U.S.
Elon Musk’s new AI model doesn’t shy from questions about cocaine and orgies
UK Shoppers Lost Nearly £11m to Fraud Last Festive Season
US sanctions North Korean ‘Kimsuky’ hackers after surveillance satellite launch
Security Affairs newsletter Round 381
JumpCloud breach traced back to North Korean state hackers
GitHub to mandate 2FA for all code contributors by 2023
Apple re-released Rapid Security Response to fix recently disclosed zero-day
API Security Flaw Impacted Grammarly, Vidio and Bukalapak
A mysterious satellite hack has victims far beyond Ukraine
CISA’s top 10 misconfigurations reveal ‘systemic weaknesses’
Google Adopts Passkeys as Default Sign-in Method for All Users
Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan
Cisco releases security fix for widely-exploited IOS XE software vulnerability
Ransomware Targets Unpatched WS_FTP Servers
European Commission's Despina Spanou on why cyber officials must 'learn lessons from crises'
Yellow Pages Canada Hit by Cyber-Attack, Black Basta Claims Credit
Industrial and Commercial Bank of China dealing with LockBit ransomware attack
Phishing attempts from FancyBear and Ghostwriter stepping up says Google | ZDNet
Crypto Wallets Under Attack By DoubleFinger Malware
New Variant of Spectre Attack Bypasses Intel and Arm Hardware Mitigations
CISA launches incident, ransomware reporting rulemaking RFI
Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware
Top Three Challenges Hindering SMB Cybersecurity
FBI warns of 2022 Beijing Olympics cyberattack, privacy risks
New Yorker Gets Four Years for $9m COVID Fraud Scheme
US Agencies: Karakurt extortion group demanding up to $13 million in attacks
Daixin Team group claimed the hack of North Texas Municipal Water District
CISA warns of breach risks from IDOR web app vulnerabilities
Doctor Paid $60,000 in Bitcoin to Hire Dark Web Hitmen
Webinar Today: Blast Radius & Simulated Attack Paths
Go ahead and unplug this door device before reading. You’ll thank us later.
Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations
HiatusRAT Malware Resurfaces: Taiwan Firms and U.S. Military Under Attack
How the FBI nuked Qakbot malware from infected Windows PCs
ChatGPT for Digital Forensic - AI-Powered Cybercrime Investigation
Russian APT Intensifies Cyber Espionage Activities Amid Ukrainian Coun
Asylum Ambuscade hackers mix cybercrime with espionage
Ransomware attacks more than doubled last year – these cybersecurity basics can protect you | ZDNet
CitrixBleed sparks race to patch, hunt for malicious activity
Magecart Hackers Hide in 404 Error Pages
Apple Patches Actively Exploited iOS Zero-Days
Apple's disappearing Rapid Security Response update (u)
Microsoft to Block Excel Add-ins to Stop Office Exploits
Android Apps Fail to Protect User Data During Device Transfer
Okta: Breach Affected All Customer Support Users
Windows 11 KB5031354 cumulative update released with new features
Security Affairs newsletter Round 365 by Pierluigi Paganini
CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog
Cybercriminals bypass Windows security with driver-vulnerability exploit
Retail Sector Prepares for Annual Holiday Cybercrime Onslaught
Cyberattack on Japan’s Space Agency JAXA Confirmed!
Facebook Bans Spy-for-Hire Firms for Targeting 50K People
Crypto Hack Let Hackers Stolen $160 Million From Crypto Firm Wintermute
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
Fortinet Addressed Critical RCE Vulnerability In FortiNAC Systems
ChatGPT, Other Generative AI Apps Prone to Compromise, Manipulation
Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
Chinese hackers abuse VLC Media Player to launch malware loader
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
Apple's Rapid Security Response Patches Are Breaking Websites
Cyber Attacks Strike Ukraine's State Bodies in Espionage Operation
Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason
Hackers can steal your Tesla Model 3, Y using new Bluetooth attack
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Microsoft Edge is testing a new video translation feature
ViperSoftX info-stealing malware now targets password managers
US, UK Warn of Iranian Cyberattacks on Government, Commercial Networks
BleepingComputer's most popular cybersecurity stories of 2022
Ukraine intelligence takes credit for Russia’s aviation agency hack
Lazarus hackers deploy fake VMware PyPI packages in VMConnect attacks
Microsoft: Ransomware groups, nation-states exploiting Atlassian Confluence vulnerability
Ukraine invasion: How a digital cold war with Russia threatens the IT industry | ZDNet
A massive campaign delivered a proxy server application to 400,000 Windows systems
Law enforcement takes down crypto exchange allegedly used to launder $15 million in ransomware payments
U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
Stronger Cloud Security in Azure Function Using Custom Cloud Container
1.1 quintillion operations per second: US has world’s fastest supercomputer
FIN7 hackers evolve toolset, work with multiple ransomware gangs
Top 15 Best Ethical Hacking Tools - 2023
Healthcare Data Breaches Impact 88 Million Americans This Year
Unprecedented federal suit, joined by states, accuses Meta platforms of harming children
NAS Vendor Says Several of Its Products Likely Contain Linux 'Dirty Pipe' Flaw
Data of all serving police officers Police Service of Northern Ireland (PSNI) mistakenly published online
International Arrests Over 'Criminal' Crypto Exchange
Top 10 Passwordless Authentication Tools - 2023
Royal ransomware claims attack on Queensland University of Technology
$620 million in crypto stolen from Axie Infinity's Ronin bridge
Lazarus Sub-Group Labyrinth Chollima Uncovered as Mastermind in 3CX Supply Chain Attack
Citrix NetScaler Zero-Day Exploited to Compromise Government Organizations
Elon Musk deep fakes promote new BitVex cryptocurrency scam
Familiar names top 2021's most-exploited vulnerabilities list
Meet Nord Security: The company behind NordVPN wants to be your one-stop privacy suite | ZDNet
Key Cybersecurity Takeaways from 2022
QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices
Millions of PC motherboards were sold with a firmware backdoor
Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd
Over 39,000 Unauthenticated Redis Instances Found Exposed on the Internet
New CACTUS ransomware appeared in the threat landscape
Detecting Exploitation of Local Vulnerabilities Through Trend Micro Vision One and Cloud One
Big Tech Vendors Object to US Gov SBOM Mandate
EncroChat takedown led to 6,500 arrests and $979 million seized
New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East
Automotive giant Denso confirms hack, Pandora ransomware group takes credit | ZDNet
Largest companies pausing ads on X over antisemitic storm, Musk vows revenge
Hackers Selling Powerful Infostealers on Underground Forums
Apple Boosts Security With New iMessage, Apple ID, and iCloud Protections
LockBit ransomware suspect nabbed in Canada, faces charges in the US
Russian Security Services Arrest Suspected Ukrainian Hackers
China hacks the US military and government — the Feds blame Microsoft
Lazarus Group Targeting Microsoft Web Servers to Launch Espionage Malware
Admins of Genesis Market marketplace sold their infrastructure on a hacker forum
Deadbolt Ransomware Targeting Asustor NAS Devices
Best early Black Friday VPN deals 2022: Save today on Surfshark, Atlas, and more
Over 500 ESXiArgs Ransomware infections in one day, but they dropped the day after
AI Tools Flaw Lead to Access Bypass & Compromise Sensitive information
Brazil seizing Flipper Zero shipments to prevent use in crime
European govt email servers hacked using Roundcube zero-day
Businesses detect cyberattacks faster despite increasingly sophisticated adversaries
Windows 11 22H2 KB5017389 preview update released with 30 changes
Once Again, Malware Discovered Hidden in npm
Microsoft's first Patch Tuesday of 2023 delivers a massive 98 fixes
Feel-good story of the week: 2 ransomware gangs meet their demise
Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation
New GootLoader Malware Variant Evades Detection and Spreads Rapidly
A new wave of DeadBolt Ransomware attacks hit QNAP NAS devices 
Predator AI ChatGPT Integration Poses Risk to Cloud Services
Deadbolt ransomware hits more than 3,600 QNAP NAS devices
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
CISA warns of actively exploited Juniper pre-auth RCE exploit chain
The Week in Ransomware - December 23rd 2022 - Targeting Microsoft Exchange
Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability
FTC sues Intuit for misleading TurboTax 'free tax filing' ads
Judge sides with Microsoft in FTC injunction, unlocking final Activision battles
New Windows 11 policy lets admins control optional updates installation
Singapore pushed to introduce security measures amidst online banking scams | ZDNet
BlackCat ransomware fails to extort Australian commercial law giant
The Hidden Dangers of Public Wi-Fi
Ransomware is scary, but another scam is costing victims much, much more, says FBI | ZDNet
Microsoft: Notorious FIN7 hackers return in Clop ransomware attacks
UK warns of increased attacks from Russian, Iranian hackers
Biden’s Cyber Command and NSA nominee seen as a pick for continuity
Bad Bots Now Account For 30% of All Internet Traffic
US defense contractors hit by stealthy SockDetour Windows backdoor
Emotet malware infects users again after fixing broken installer
Police Celebrate Arrest of 59 Suspected Scammers
FTC to fine CafePress for cover up of massive data breach
SIM swapper gets 8 years in prison for account hacks, crypto theft
Ex-Amazon Manager Whole Stole $10 Million Sentenced to 16 Years
After Log4J, White House worries about the next big open source flaw | ZDNet
10 Best Secure Web Gateway Vendors in 2023
New York proposes ‘nation-leading’ hospital cybersecurity regulations
Top Suspect of OPERA1ER Hacker Group Arrested by Authorities
Sourcegraph website breached using leaked admin access token
South Korea exposes 38 Chinese-run fake news websites
Microsoft unveils AI-powered Microsoft 365 Copilot assistant
Cyberthreats grow as US, NATO countries press Russia sanctions
ChatGPT rolls out voice chat feature for all users
Ukraine says local govt sites hacked to push fake capitulation news
Ardent Health Services Grapples With Ransomware Disruption
Intel’s loss is AMD’s gain as EPYC server CPUs benefit from Intel’s delays
Spotify ejects thousands of AI-made songs in purge of fake streams
Iranian Government Hackers Exploit Log4Shell in SysAid Apps for Initial Access
Federal agencies investigating data breach at nuclear research lab
HCA confirms breach after hacker steals data of 11 million patients
Broadcom cuts at least 2,800 VMware jobs following $69 billion acquisition
LimeRAT Malware Analysis: Extracting the Config
Exchange Online mail delivery issues caused by anti-spam rules
New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems
PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland
Windows 11 KB5032190 update enables Moment 4 features for everyone
New Ransomware Spotted: White Rabbit and Its Evasion Tactics
CISA adds flaw in Citrix ShareFile to its Known Exploited Vulnerabilities catalog
Dell Compellent hardcoded key exposes VMware vCenter admin creds
Microsoft Releases Patches for 74 New Vulnerabilities in August Update
BlackByte ransomware claims City of Augusta cyberattack
Top 10 Best Practices for Cybersecurity Professionals to Securing Your Database
Apple fixes two new iOS zero-days in emergency updates
Yamaha Motor confirms ransomware attack on Philippines subsidiary
Critical Zero-Day Flaw Exploited in MOVEit Transfer
Cyber-Attack Disrupts UK Property Deals
US offering $10 million for info on Russian military hackers accused of NotPetya attacks
Google ads push BumbleBee malware used by ransomware gangs
CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials
New York health network restores services a