NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers
An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the...
News
The Interdependence between Automated Threat Intelligence Collection and Humans
The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are...
Google Agrees to $93 Million Settlement in California’s Location-Privacy Lawsuit
Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations...
Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads
The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread...
DDoS 2.0: IoT Sparks New DDoS Alert
The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new...
Fake Cisco Webex Google Ads abuse tracking templates to push malware
Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users...
Criminal IP Elevates Payment Security with PCI DSS Level 1 Certification
With payment card information being an enticing target for cyber attackers, the safeguarding of payment card transactions is of utmost...
Manchester Police officers’ data exposed in ransomware attack
United Kingdom's Greater Manchester Police (GMP) said earlier today that some of its employees' personal information was impacted by a...
Iranian hackers breach defense orgs in password spray attacks
Image: Midjourney Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password...
Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit
Proof-of-concept exploit code has been published for a Windows Themes vulnerability tracked as CVE-2023-38146 that allows remote attackers to execute code....
MGM casino’s ESXi servers allegedly encrypted in ransomware attack
An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts’ operations, forcing...
Caesars Entertainment confirms ransom payment, customer data theft
Caesars Entertainment, self-described as the largest U.S. casino chain with the most extensive loyalty program in the industry, says it...
Auckland transport authority hit by suspected ransomware attack
The Auckland Transport (AT) transportation authority in New Zealand is dealing with a widespread outage caused by a cyber incident,...
Microsoft Monthly Security Update (September 2023)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesBrowser Low Risk Windows High RiskElevation of Privilege Denial of Service...
Avoid These 5 IT Offboarding Pitfalls
Employee offboarding is no one's favorite task, yet it is a critical IT process that needs to be executed diligently...
Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years
A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three...
Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems
A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could...
US-CERT Vulnerability Summary for the Week of September 4, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocanonical_ltd. -- snapd_for_linuxUsing the TIOCLINUX ioctl request, a malicious snap could inject...
PSA: Ongoing Webex malvertising campaign drops BatLoader
A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have...
N-Able’s Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation
A high-severity security flaw has been disclosed in N-Able's Take Control Agent that could be exploited by a local unprivileged...
Russian Journalist’s iPhone Compromised by NSO Group’s Zero-Click Spyware
The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's...
Hackers use new 3AM ransomware to save failed LockBit attack
A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed...
How end-user phishing training works (and why it doesn’t)
It always takes two for a phishing attack to work – an attacker to send the bait and an insider...
Rollbar discloses data breach after hackers stole access tokens
Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access...
