Critical Vulnerability in WordPress Backup Migration Plugin
WordPress has released updates addressing a critical vulnerability (CVE-2023-6553) in their Backup Migration plugin. The vulnerability has a Common Vulnerability...
News
QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law...
Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam
Four U.S. nationals have been charged for participating in an illicit scheme that earned them more than $80 million via...
MongoDB Suffers Security Breach, Exposing Customer Data
MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems,...
New Security Vulnerabilities Uncovered in pfSense Firewall Software – Patch Now
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by...
CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems...
Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft
Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious...
China’s MIIT Introduces Color-Coded Action Plan for Data Security Incidents
China's Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security...
New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert...
Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds
Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating...
WordPress Hosting Service Kinsta Targeted By Google Phishing Ads
WordPress hosting provider Kinsta is warning customers that Google ads have been observed promoting phishing sites to steal hosting credentials....
Rhadamanthys Stealer Malware Evolves With More Powerful Features
The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the...
What To Do When Receiving Unprompted Mfa Otp Codes
Receiving an unprompted one-time passcode (OTP) sent as an email or text should be a cause for concern as it...
Qbot Malware Returns In Campaign Targeting Hospitality Industry
The QakBot malware is once again being distributed in phishing campaigns after the botnet was disrupted by law enforcement over...
Mongodb Says Customer Data Was Exposed In A Cyberattack
MongoDB is warning that its corporate systems were breached and that customer data was exposed in a cyberattack that was...
Qnap Viostor Nvr Vulnerability Actively Exploited By Malware Botnet
A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder)...
Microsoft Unveils New More Secure Windows Protected Print Mode
Microsoft announced a new Windows Protected Print Mode (WPP), introducing significant security enhancements to the Windows print system. "WPP builds...
Multiple High Severity Vulnerabilities in Samsung Products
Samsung has released security updates addressing multiple high severity vulnerabilities (CVE-2023-42564, CVE-2023-42563, CVE-2023-42562, CVE-2023-42561, CVE-2023-42568, CVE-2023-42560, CVE-2023-42567, CVE-2023-42566, CVE-2023-42565) in...
Multiple High Severity Vulnerabilities in Samsung Products
Samsung has released security updates addressing multiple high severity vulnerabilities (CVE-2023-42564, CVE-2023-42563, CVE-2023-42562, CVE-2023-42561, CVE-2023-42568, CVE-2023-42560, CVE-2023-42567, CVE-2023-42566, CVE-2023-42565) in...
Malvertising Via Dynamic Search Ads Delivers Malware Bonanza
Most, if not all malvertising incidents result from a threat actor either injecting code within an existing ad, or intentionally...
Ransomware Review November 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Malvertiser Copies Pc News Site To Deliver Infostealer
The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that...
Credit Card Skimming On The Rise For The Holiday Shopping Season
As we head into shopping season, customers aren’t the only ones getting excited. More online shopping means more opportunities for...
Atomic Stealer Distributed To Mac Users Via Fake Browser Updates
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious...
