Protecting collocated servers from DDoS attacks using GRE tunnels
For any company that relies heavily on online sales and transactions, the increasing number of cyberattacks targeting e-commerce websites is...
News
IceFire ransomware now encrypts both Linux and Windows systems
Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. SentinelLabs...
AT&T alerts 9 million customers of data breach after vendor hack
AT&T is notifying roughly 9 million customers that some of their information was exposed after a marketing vendor was hacked...
GitHub makes 2FA mandatory next week for active developers
GitHub will start requiring active developers to enable two-factor authentication (2FA) on their accounts beginning next week, on March 13....
FBI warns of cryptocurrency theft via “play-to-earn” games
Cybercriminals are now using fake rewards in so-called "play-to-earn" mobile and online games to steal millions worth of cryptocurrency, according...
Akamai mitigates record-breaking 900Gbps DDoS attack in Asia
Akamai reports having mitigated the largest DDoS (distributed denial of service) attack ever launched against a customer based in the...
SonicWall devices infected by malware that survives firmware upgrades
A suspected Chinese hacking campaign has been targeting unpatched SonicWall Secure Mobile Access (SMA) appliances to install custom malware that...
Police seize Netwire RAT malware infrastructure, arrest admin
An international law enforcement operation involving the FBI and police agencies worldwide led to the arrest of the suspected administrator...
Microsoft: Business email compromise attacks can take just hours
Microsoft’s Security Intelligence team recently investigated a business email compromise (BEC) attack and found that attackers move rapidly, with some...
Xenomorph Android malware now steals data from 400 banks
The Xenomorph Android malware has released a new version that adds significant capabilities to conduct malicious attacks, including a new...
CISA warns of critical VMware RCE flaw exploited in attacks
CISA has added a critical severity vulnerability in VMware's Cloud Foundation to its catalog of security flaws exploited in the...
Mental health provider Cerebral alerts 3.1M people of data breach
Healthcare platform Cerebral is sending data breach notices to 3.18 million people who have interacted with its websites, applications, and...
Security researchers targeted with new malware via job offers on LinkedIn
A suspected North Korean hacking group is targeting security researchers and media organizations in the U.S. and Europe with fake job...
Blackbaud to pay $3M for misleading ransomware attack disclosure
Cloud software provider Blackbaud has agreed to pay $3 million to settle charges brought by the Securities and Exchange Commission...
Brazil seizing Flipper Zero shipments to prevent use in crime
The Brazilian National Telecommunications Agency is seizing incoming Flipper Zero purchases due to its alleged use in criminal activity, with...
New GoBruteforcer malware targets phpMyAdmin, MySQL, FTP, Postgres
A newly discovered Golang-based botnet malware scans for and infects web servers running phpMyAdmin, MySQL, FTP, and Postgres services. According...
Clop ransomware gang begins extorting GoAnywhere zero-day victims
The Clop ransomware gang has begun extorting companies whose data was stolen using a zero-day vulnerability in the Fortra GoAnywhere...
CISA warns of actively exploited Plex bug after LastPass breach
CISA has added an almost three-year-old high-severity remote code execution (RCE) vulnerability in the Plex Media Server to its catalog...
The Week in Ransomware – March 10th 2023 – Police Take Action
This week's biggest news was the coordinated, international law enforcement operation between Europol, the FBI, the Netherlands, Germany, and Ukraine...
IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to...
Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware
Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the...
Acer confirms breach after 160GB of data for sale on hacking forum
Taiwanese computer giant Acer confirmed that it suffered a data breach after threat actors hacked a server hosting private documents...
Android March 2023 update fixes two critical code execution flaws
Google has released March 2023 security updates for Android, fixing a total of 60 flaws, and among them, two critical-severity...
DuckDuckGo launches AI-powered search query answering tool
Privacy-focused search engine DuckDuckGo has launched the first beta version of DuckAssist, an AI-assisted feature that writes accurate summaries to...
