Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability
U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware...
News
New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows
A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity...
New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages
A new phishing-as-a-service (PhaaS or PaaS) platform named Greatness has been leveraged by cybercriminals to target business users of the...
Netgear Routers’ Flaws Expose Users to Malware, Remote Attacks, and Surveillance
As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication...
Toyota: Car location data of 2 million customers exposed for ten years
Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for...
FBI: Bl00dy Ransomware targets education orgs in PaperCut attacks
The FBI and CISA issued a joint advisory to warn that the Bl00dy Ransomware gang is now also actively exploiting...
CISA warns of critical Ruckus bug used to infect Wi-Fi access points
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a critical remote code execution (RCE) flaw in the...
The Week in Ransomware – May 12th 2023 – New Gangs Emerge
This week we have multiple reports of new ransomware families targeting the enterprise, named Cactus and Akira, both increasingly active...
Discord discloses data breach after support agent got hacked
Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised....
US-CERT Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Twitter rolls out encrypted DMs, but only for paying accounts
Twitter has launched its 'Encrypted Direct Messages' feature allowing paid Twitter Blue subscribers to send end-to-end encrypted messages to other...
Former Ubiquiti dev who extorted the firm gets six years in prison
Nickolas Sharp, a former senior developer of Ubiquiti, was sentenced to six years in prison for stealing company data, attempting...
Stealthier version of Linux BPFDoor malware spotted in the wild
A new, stealthier variant of the Linux malware 'BPFDoor' has been discovered, featuring more robust encryption and reverse shell communications....
WordPress Elementor plugin bug let attackers hijack accounts on 1M sites
One of WordPress's most popular Elementor plugins, "Essential Addons for Elementor," was found to be vulnerable to an unauthenticated privilege...
Brightly warns of SchoolDude data breach exposing credentials
U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by...
Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers
An increasing number of ransomware operations are adopting the leaked Babuk ransomware source code to create Linux encryptors targeting VMware...
Multinational tech firm ABB hit by Black Basta ransomware attack
Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting...
US-CERT Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe
A previously undetected advanced persistent threat (APT) actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since...
Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
The National Police of Spain said it arrested 40 individuals for their alleged involvement in an organized crime gang called...
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
Multiple threat actors have capitalized on the leak of Babuk (aka Babak or Babyk) ransomware code in September 2021 to...
How Attack Surface Management Supports Continuous Threat Exposure Management
According to Forrester, External Attack Surface Management (EASM) emerged as a market category in 2021 and gained popularity in 2022....
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from...
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
Twitter is officially beginning to roll out support for encrypted direct messages (DMs) on the platform, more than six months...
