Prevent Cryptocurrency Cyber Extortion
Highly destructive cybercrime is on the rise, and most of it is being funded with anonymous cryptocurrency. We review cryptocurrency...
News
Brave launches FrodoPIR, a privacy-focused database query system
Brave Software developers have created a new privacy-centric database query system called FrodoPIR that retrieves data from servers without disclosing the...
Vice Society ransomware gang switches to new custom encryptor
The Vice Society ransomware operation has switched to using a custom ransomware encrypt that implements a strong, hybrid encryption scheme...
Comcast Xfinity accounts hacked in widespread 2FA bypass attacks
​Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then...
FIN7 hackers create auto-attack platform to breach Exchange servers
The notorious FIN7 hacking group uses an automated attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach...
Google Ad fraud campaign used adult content to make millions
A massive advertising fraud campaign using Google Ads and 'popunders' on adult sites is estimated to have generated millions of...
Okta’s source code stolen after GitHub repositories hacked
Okta, a leading provider of authentication services and Identity and Access Management (IAM) solutions, says that its private GitHub repositories were...
GodFather Android malware targets 400 banks, crypto exchanges
An Android banking malware named 'Godfather' has been targeting users in 16 countries, attempting to steal account credentials for over...
FBI warns of search engine ads pushing malware, phishing
The FBI warns that threat actors are using search engine advertisements to promote websites distributing ransomware or stealing login credentials...
Raspberry Robin worm drops fake malware to confuse researchers
The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers...
Hackers bombard PyPi platform with information-stealing malware
The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to...
Ransomware gang uses new Microsoft Exchange exploit to breach servers
Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code...
Corsair keyboard bug makes it type on its own, no malware involved
Corsair has confirmed that a bug in the firmware of K100 keyboards, and not malware, is behind previously entered text...
Restaurant CRM platform ‘SevenRooms’ confirms breach after data for sale
Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on...
Microsoft will turn off Exchange Online basic auth in January
Microsoft warned today that it will permanently turn off Exchange Online basic authentication starting early January 2023 to improve security....
Malicious ‘SentinelOne’ PyPI package steals data from developers
Threat actors have published a malicious Python package on PyPI, named 'SentinelOne,' that pretends to be the legitimate SDK client...
Ukraine’s DELTA military system users targeted by info-stealing malware
A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the...
Zerobot malware now spreads by exploiting Apache vulnerabilities
The Zerobot botnet has been upgraded to infect new devices by exploiting security vulnerabilities affecting Internet-exposed and unpatched Apache servers. The...
T-Mobile hacker gets 10 years for $25 million phone unlock scheme
Argishti Khudaverdyan, the former owner of a T-Mobile retail store, was sentenced to 10 years in prison for a $25...
DraftKings warns data of 67K people was exposed in account hacks
Sports betting company DraftKings revealed last week that more than 67,000 customers had their personal information exposed following a credential attack in...
Glupteba malware is back in action after Google disruption
The Glupteba malware botnet has sprung back into action, infecting devices worldwide after its operation was disrupted by Google almost...
Microsoft finds macOS bug that lets malware bypass security checks
Apple has fixed a vulnerability attackers could leverage to deploy malware on vulnerable macOS devices via untrusted applications capable of...
Russians hacked JFK airport’s taxi dispatch system for profit
Two U.S. citizens were arrested for allegedly conspiring with Russian hackers to hack the John F. Kennedy International Airport (JFK)...
Play ransomware claims attack on German hotel chain H-Hotels
The Play ransomware gang has claimed responsibility for a cyber attack on H-Hotels (h-hotels.com) that has resulted in communication outages...
