GO#WEBBFUSCATOR campaign hides malware in NASA’s James Webb Space Telescope image
A malware campaign tracked as GO#WEBBFUSCATOR used an image taken from NASA’s James Webb Space Telescope (JWST) as a lure....
News
Experts spotted five malicious Google Chrome extensions used by 1.4M users
Researchers spotted 5 malicious Google Chrome extensions used to track users’ browsing activity and profit of retail affiliate programs. McAfee...
China-linked APT40 used ScanBox Framework in a long-running espionage campaign
Experts uncovered a cyber espionage campaign conducted by a China-linked APT group and aimed at several entities in the South...
Russian streaming platform Start discloses a data breach impacting 7.5M users
The Russian subscription-based streaming service Start discloses a data breach affecting 7.5 million users. The Russian media streaming platform START...
Cyber Security Managed Services 101
MSP partnerships are growing in line with rapid cloud migration and the evolving threat landscape. Discover how an MSP can...
US-CERT Bulletin (SB22-241):Vulnerability Summary for the Week of August 22, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
A new Google bug bounty program now covers Open Source projects
Google this week launched a new bug bounty program that covers the open source projects of the IT giant. Google...
Three campaigns delivering multiple malware, including ModernLoader and XMRig miner
Researchers spotted three campaigns delivering multiple malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners Cisco Talos researchers observed three separate,...
A study on malicious plugins in WordPress Marketplaces
A group of researchers from the Georgia Institute of Technology discovered malicious plugins on tens of thousands of WordPress sites....
World’s largest distributors of books Baker & Taylor hit by ransomware
Baker & Taylor, one of the world’s largest distributors of books, revealed that it was hit by a ransomware attack....
Crooks are increasingly targeting DeFi platforms to steal cryptocurrency
The U.S. FBI warns investors that crooks are increasingly exploiting security issues in Decentralized Finance (DeFi) platforms to steal cryptocurrency....
US FTC sued US data broker Kochava for selling sensitive and geolocation data
The U.S. FTC sued US data broker Kochava for selling sensitive and precise geolocation data collected from hundreds of millions...
Twilio breach let attackers access Authy two-factor accounts of 93 users
Threat actors behind the Twilio hack also gained access to the accounts of 93 individual users of its Authy two-factor...
Nitrokod crypto miner infected systems across 11 countries since 2019
Researchers spotted a Turkish-based crypto miner malware campaign, tracked as Nitrokod, which infected systems across 11 countries. Check Point researchers...
CISA adds 10 new flaws to its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 10 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity...
Scammers used a deepfake AI hologram of Binance executive to scam crypto projects
Scammers used a deepfake AI hologram of the Binance chief communications officer for fraudulent activities. Patrick Hillmann, chief communications officer...
COVID-19 data put for sale on Dark Web
Researchers discovered leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19. Resecurity, a California-based...
Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit
Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an...
Experts warn of the first known phishing attack against PyPI
The Python Package Index (PyPI) warns of an ongoing phishing campaign to steal developer credentials and distribute malicious updates. The...
Security Affairs newsletter Round 381
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
New Agenda Ransomware appears in the threat landscape
Trend Micro researchers warn of a new ransomware family called Agenda, which has been used in attacks on organizations in...
Twilio hackers also breached the food delivery firm DoorDash
Twilio hackers also compromised the food delivery firm DoorDash, the attackers had access to company data, including customer and employee...
Unprecedented cyber attack hit State Infrastructure of Montenegro
The state Infrastructure of Montenegro was hit by a massive and “unprecedented” cyber attack, authorities announced. An unprecedented cyber attack...
Threat actor abuses Genshin Impact Anti-Cheat driver to disable antivirus
Threat actors abused a vulnerable anti-cheat driver for the Genshin Impact video game to disable antivirus software. Threat actors abused...
