Facebook Messenger phishing wave targets 100K business accounts per week
Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to...
News
Iranian hackers backdoor 34 orgs with new Sponsor malware
A nation-state threat actor known as 'Charming Kitten' (Phosphorus, TA453, APT35/42) has been observed deploying a previously unknown backdoor malware...
MGM Resorts shuts down IT systems after cyberattack
MGM Resorts International disclosed today that it is dealing with a cybersecurity issue that impacted some of its systems, including...
CISA warns govt agencies to secure iPhones against spyware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies today to patch security vulnerabilities abused as part of...
New WiKI-Eve attack can steal numerical passwords over WiFi
A new attack dubbed 'WiKI-Eve' can intercept the cleartext transmissions of smartphones connected to modern WiFi routers and deduce individual...
Google Chrome Remote Code Execution Vulnerability
A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger remote code execution on...
Evil Telegram Mods Removed From Google Play
Security researchers have revealed a number of lookalike Telegram apps on the official Play store which were modified to contain...
AP Stylebook Breach May Have Hit Hundreds of Journalists
The Associated Press (AP) has warned that users of a popular writing style guide have been hit by phishing attacks...
IT Systems Encrypted After UK School Hit By Ransomware
A spate of cyber-attacks against UK schools has claimed its latest victim after a Maidstone secondary school suffered a serious...
Pentagon Urges Collaboration in Cyber Defense
In a discussion at the FedTalks event in Washington last Thursday, Leslie A. Beavers, principal deputy chief information officer at...
Lazarus Group Targets macOS in Supply Chain Assault
Cybersecurity firm ESET has detected a significant supply chain attack targeting macOS devices. The Lazarus Group, known for its advanced...
Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data
Investigations have begun into a massive ransomware attack that has affected Sri Lanka’s government cloud system, Lanka Government Cloud (LGC).The...
Cuba Ransomware Group Unleashes Undetectable Malware
Security researchers at Kaspersky have unveiled research into the activities of the notorious ransomware group known as Cuba. According to...
US-CERT Vulnerability Summary for the Week of September 4, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocanonical_ltd. -- snapd_for_linuxUsing the TIOCLINUX ioctl request, a malicious snap could inject...
New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World
A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot,...
Google Chrome Rolls Out Support for ‘Privacy Sandbox’ to Bid Farewell to Tracking Cookies
Google has officially begun its rollout of Privacy Sandbox in the Chrome web browser to a majority of its users,...
Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger
A new phishing attack is leveraging Facebook Messenger to propagate messages with malicious attachments from a "swarm of fake and...
Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2...
How to Prevent API Breaches: A Guide to Robust Security
With the growing reliance on web applications and digital platforms, the use of application programming interfaces (APIs) has become increasingly...
Charming Kitten’s New Backdoor ‘Sponsor’ Targets Brazil, Israel, and U.A.E.
The Iranian threat actor known as Charming Kitten has been linked to a new wave of attacks targeting different entities...
US-CERT Vulnerability Summary for the Week of August 28, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoearcms -- ear_appAn issue found in Earcms Ear App v.20181124 allows a...
Microsoft Teams phishing attack pushes DarkGate malware
A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware. The...
US-CERT Vulnerability Summary for the Week of August 28, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoearcms -- ear_appAn issue found in Earcms Ear App v.20181124 allows a...
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that's designed to harvest sensitive...
