Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme
A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E....
News
Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive...
Zyxel Firewalls Under Attack! Urgent Patching Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its...
The Genesis Market Takedown – Keep Users Credentials Secure
For years, "dark" markets have contained stolen credentials for sale. One of the larger and more notorious markets was the...
Microsoft links Clop ransomware gang to MOVEit data-theft attacks
Microsoft has linked the Clop ransomware gang to recent attacks exploiting a zero-day vulnerability in the MOVEit Transfer platform to...
New tool scans iPhones for ‘Triangulation’ malware infection
Cybersecurity firm Kaspersky has released a tool to detect if Apple iPhones and other iOS devices are infected with a...
Clop ransomware claims responsibility for MOVEit extortion attacks
The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was...
SpinOk Android malware found in more apps with 30 million installs
The SpinOk malware was found in a new batch of Android apps on Google Play, reportedly installed an additional 30...
KeePass v2.54 fixes bug that leaked cleartext master password
KeePass has released version 2.54, fixing the CVE-2023-32784 vulnerability that allows the extraction of the cleartext master password from the...
GIGABYTE releases new firmware to fix recently disclosed security flaws
Gigabyte B660M GAMING X DDR4 Source: GIGABYTE.com GIGABYTE has released firmware updates to fix security vulnerabilities in over 270 motherboards...
Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App
Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to...
The Annual Report: 2024 Plans and Priorities for SaaS Security
Over 55% of security executives report that they have experienced a SaaS security incident in the past two years —...
US-CERT Vulnerability Summary for the Week of May 22, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of...
Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack
Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that's designed to steal personally identifiable information (PII) and...
Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors
A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed. "TrueBot is a downloader trojan botnet that...
Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts
An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico,...
CISA orders govt agencies to patch MOVEit bug used for data theft
CISA has added an actively exploited security bug in the Progress MOVEit Transfer managed file transfer (MFT) solution to its...
Atomic Wallet hacks lead to over $35 million in crypto stolen
The developers of Atomic Wallet are investigating reports of large-scale theft of cryptocurrency from users' wallets, with over $35 million...
Hackers hijack legitimate sites to host credit card stealer scripts
A new Magecart credit card stealing campaign hijacks legitimate sites to act as "makeshift" command and control (C2) servers to...
US-CERT Vulnerability Summary for the Week of May 22, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of...
Zyxel shares tips on protecting firewalls from ongoing attacks
Zyxel has published a security advisory containing guidance on protecting firewall and VPN devices from ongoing attacks and detecting signs...
Online sellers targeted by new information-stealing malware campaign
Online sellers are targeted in a new campaign to push the Vidar information-stealing malware, allowing threat actors to steal credentials...
US-CERT Vulnerability Summary for the Week of May 22, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of...
FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring
The U.S. Federal Trade Commission (FTC) has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding...
