Thousands of Citrix servers vulnerable to patched critical flaws
Thousands of Citrix ADC and Gateway deployments remain vulnerable to two critical-severity security issues that the vendor fixed in recent months....
News
Ransomware attack at Louisiana hospital impacts 270,000 patients
The Lake Charles Memorial Health System (LCMHS) is sending out notices of a data breach affecting thousands of people who...
BlueNoroff introduces new methods bypassing MoTW
BlueNoroff group is a financially motivated threat actor eager to profit from its cyberattack capabilities. We have published technical details...
Hackers steal $8 million from users running trojanized BitKeep apps
Multiple BitKeep crypto wallet users reported that their wallets were emptied during Christmas after hackers triggered transactions that didn't require...
EarSpy attack eavesdrops on Android phones via motion sensors
A team of researchers has developed an eavesdropping attack for Android devices that can, to various degrees, recognize the caller's...
BTC.com lost $3 million worth of cryptocurrency in cyberattack
BTC.com, one of the world's largest cryptocurrency mining pools, announced it was the victim of a cyberattack that resulted in...
Hacker claims to be selling Twitter data of 400 million users
A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using...
CISO’s Challenges Involved with Business Leader & SOC
Yohei Ishihara, IoT security evangelist at Trend Micro, discussed the challenges CISOs facing within organizations driving industrial IoT. If you...
New info-stealer malware infects software pirates via fake cracks sites
A new information-stealing malware named ‘RisePro’ is being distributed through fake cracks sites operated by the PrivateLoader pay-per-install (PPI) malware...
Hackers exploit bug in WordPress gift card plugin with 50K installs
Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000...
Massive Twitter data leak investigated by EU privacy watchdog
Source: DALL-E The Irish Data Protection Commission (DPC) has launched an inquiry following last month's news reports of a massive Twitter...
The Week in Ransomware – December 23rd 2022 – Targeting Microsoft Exchange
Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate...
IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
We analyze the latest changes in IcedID botnet from a campaign that abuses Google pay per click (PPC) ads to...
North Korea linked threat actors have stolen an estimated billion worth of cryptocurrency and other virtual assets in the past five years
North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past...
The nbsp data breach suffered by LastPass in August may have been more severe than previously thought
The data breach suffered by LastPass in August 2022 may have been more severe than previously thought.In August password management software...
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities.Microsoft Threat Intelligence Center (MSTIC) researchers...
Ghost CMS vulnerable to critical authentication bypass flaw
A critical vulnerability in the Ghost CMS newsletter subscription system could allow external users to create newsletters or modify existing...
Leading sports betting firm BetMGM discloses data breach
Leading sports betting company BetMGM disclosed a data breach after a threat actor stole personal information belonging to an undisclosed...
DuckDuckGo now blocks Google sign-in pop-ups on all sites
DuckDuckGo apps and extensions are now blocking Google Sign-in pop-ups on all its apps and browser extensions, removing what it...
Lastpass: Hackers stole customer vault data in cloud storage breach
LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen...
Ransomware and wiper signed with stolen certificates
Introduction On July 17, 2022, Albanian news outlets reported a massive cyberattack that affected Albanian government e-services. A few weeks...
North Korea linked threat actors have stolen an estimated billion worth of cryptocurrency and other virtual assets in the past five years
North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past...
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities.Microsoft Threat Intelligence Center (MSTIC) researchers...
The Vice Society ransomware group has adopted new custom ransomware with a strong encryption scheme in recent intrusions
The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions.SentinelOne researchers discovered...
