Norton Crypto, the controversial cryptomining feature of Norton 360
Experts warn that the popular antivirus product Norton 360 has installed a cryptocurrency miner on its customers’ computers. Many users...
News
Over 3.7 million accounts were compromised in the FlexBooker data breach
The appointment scheduling service FlexBooker discloses a data breach that impacted over 3.7 million accounts. Threat actors compromised the FlexBooker...
Night Sky, a new ransomware operation in the threat landscape
Researchers warn of a new ransomware family, called ‘Night Sky,’ that uses a double-extortion model in attacks again businesses. Researchers...
North Korea-linked Konni APT targets Russian diplomatic bodies
North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) new versions of malware implants. Security researchers...
Threat actors stole 1.1 million customer accounts from 17 well-known companies
NY OAG warned 17 companies that roughly 1.1 million of their customers have had their user accounts compromised in credential...
Google Docs comment feature abused in phishing campaign
Experts warn of a new phishing technique that abuses the commenting feature of Google Docs to send out emails that...
New iPhone malware spies via camera when device appears off
When removing malware from an iOS device, it is said that users need to restart the device to clear the...
France hits Google, Facebook with fines over ‘Cookies’ management
The French data privacy and protection authority hit Google and Facebook with 210 million euros ($237 million) in fines. France’s...
Hackers take over 1.1 million accounts by trying reused passwords
The New York State Office of the Attorney General has warned 17 companies that roughly 1.1 million customers have had...
Intercepting 2FA: Over 1200 man-in-the-middle phishing toolkits detected
Two-factor authentication (2FA) has been around for a while now and for the majority of tech users in the US...
Card skimmers strike Sotheby’s in Brightcove supply chain attack
Over 100 real estate websites have been compromised by the same web skimmer in a supply chain attack. So what...
NoReboot persistence technique fakes iPhone shutdown
Researchers devised a sophisticated persistence technique, named NoReboot, for iOS malware that fake shut downs. Researchers from Zecops devised a...
VMware fixed CVE-2021-22045 heap-overflow in Workstation, Fusion and ESXi
VMware addressed a heap-overflow issue (CVE-2021-22045) in Workstation, Fusion and CVE-2021-22045 products that can lead to code execution on the...
Workshop: Building Modern Applications with DevOps Security
In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized...
FTC warns legal action against businesses who fail to mitigate Log4J attacks
The US Federal Trade Commission (FTC) has warned legal action against companies who fail to secure their infrastructure against Log4Shell...
Careful! Uber flaw allows anyone to send an email from uber.com
On New Year’s Eve, Seif Elsallamy (@0x21SAFE on Twitter), a bug bounty hunter and security researcher, pointed out a phish-worthy security...
$10m of funds goes missing in what appears to be a cryptocurrency rug-pull
There’s a lot of concern in the cryptocurrency realm at the moment. A yield farming platform “utilizing arbitrage to gain...
Threat actors continue to exploit Log4j flaws in their attacks, Microsoft Warns
Threat actors continue to attempt to exploit Apache Log4J vulnerabilities in their campaigns to deploy malware on target systems, Microsoft...
Researchers used electromagnetic signals to classify malware infecting IoT devices
Cybersecurity researchers demonstrate how to use electromagnetic field emanations from IoT devices to detect malware. A team of academics (Duy-Phuc...
US-CERT Bulletin (SB22-003):Vulnerability Summary for the Week of December 27, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
UScellular discloses the second data breach in a year
UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in...
Customer support scammers take aim at NFT enthusiasts
Adidas has been making waves in the NFT space with a collection of footwear/bored ape crossover sales. WEN? EARLY ACCESS...
Attackers abused cloud video platform to inject an e-skimmer into 100 Real Estate sites
Threat actors compromised more than 100 real estate websites belonging to the same parent company by implanting an e-skimmer. Threat...
Purple Fox rootkit now bundled with Telegram installer
The Purple Fox rootkit is being spread as an installer for the popular Telegram instant messaging app for Windows, according...
