Microsoft urges Exchange admins to remove some antivirus exclusions
Microsoft says admins should remove some previously recommended antivirus exclusions for Exchange servers to boost the servers' security. As the company explained,...
News
Forsage DeFi platform founders indicted for $340 million scam
A Federal grand jury in the District of Oregon has indicted four Russian nationals founders of Forsage decentralized finance (DeFi) cryptocurrency...
Brave browser to block “open in app” prompts, pool-party attacks
The next major version of the privacy-focused Brave browser will start blocking annoyances like "open in app" prompts and will feature better...
Stanford University discloses data breach affecting PhD applicants
Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between...
News Corp says state hackers were on its network for two years
Mass media and publishing giant News Corporation (News Corp) says that attackers behind a breach disclosed in 2022 first gained access...
Dutch Police arrest three ransomware actors extorting €2.5 million
The Amsterdam cybercrime police team has arrested three men for ransomware activity that generated €2.5 million from extorting small and...
TELUS investigating leak of stolen source code, employee data
Canada's second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to...
How to Use AI in Cybersecurity and Avoid Being Trapped
The use of AI in cybersecurity is growing rapidly and is having a significant impact on threat detection, incident response,...
Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors
Google said it's working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android...
CISA Sounds Alarm on Cybersecurity Threats Amid Russia’s Invasion Anniversary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations and individuals to increase their cyber vigilance, as Russia's...
How to Tackle the Top SaaS Challenges of 2023
Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan...
Even Top-Ranked Android Apps in Google Play Store Provide Misleading Data Safety Labels
An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "serious loopholes" that...
US-CERT Bulletin (SB23-052):Vulnerability Summary for the Week of February 13, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New S1deload Malware Hijacking Users’ Social Media Accounts and Mining Cryptocurrency
An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to...
Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data
A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the...
New Hacking Cluster ‘Clasiopa’ Targeting Materials Research Organizations in Asia
Materials research organizations in Asia have been targeted by a previously unknown threat actor using a distinct set of tools....
The Secret Vulnerability Finance Execs are Missing
The (Other) Risk in Finance# A few years ago, a Washington-based real estate developer received a document link from First...
Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products
Multiple threat actors have been observed opportunistically weaponizing a now-patched critical security vulnerability impacting several Zoho ManageEngine products since January...
Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware
Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. Jamf Threat Labs,...
Python Developers Warned of Trojanized PyPI Packages Mimicking Popular Libraries
Cybersecurity researchers are warning of "imposter packages" mimicking popular libraries available on the Python Package Index (PyPI) repository. The 41...
Gcore Thwarts Massive 650 Gbps DDoS Attack on Free Plan Client
At the beginning of January, Gcore faced an incident involving several L3/L4 DDoS attacks with a peak volume of 650...
U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three security flaws to its Known Exploited Vulnerabilities (KEV)...
Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links
In what's a continuing assault on the open source ecosystem, over 15,000 spam packages have flooded the npm repository in...
Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks
An open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an alternative to other...
