How to defend your website against card skimmers
Black Friday and the holiday season are approaching, and shoppers are forecast to spend record amounts again this year. Retail...
News
Utah Imaging Associates data breach impacts 583,643 patients
Utah-based radiology medical center Utah Imaging Associates discloses a data breach that impacted 583,643 former and current patients. Utah Imaging...
Iran’s Mahan Air claims it has failed a cyber attack, hackers say the opposite
Iranian airline Mahan Air was hit by a cyberattack on Sunday morning, the “Hooshyarane Vatan” hacker group claimed responsibility for...
New Memento ransomware uses password-protected WinRAR archives to block access to the files
Memento ransomware group locks files inside WinRAR password-protected archives after having observed that its encryption process is blocked by security...
The Internet is not safe enough for women, and Sue Krautbauer has some ideas about why: Lock and Code S02E22
Decades ago, the promise of the Internet was clear: No one, depending on their age, gender, race, income, or place...
US SEC warns investors of ongoing fraudulent communications claiming from the SEC
The Securities and Exchange Commission (SEC) warns investors of attacks impersonating its officials in government impersonator schemes. The Securities and...
Experts found 11 malicious Python packages in the PyPI repository
Researchers discovered 11 malicious Python packages in the PyPI repository that can steal Discord access tokens, passwords, and conduct attacks....
Researchers were able to access the payment portal of the Conti gang
The Conti ransomware group has suffered a data breach that exposed its attack infrastructure and allowed researcher to access it....
Attackers compromise Microsoft Exchange servers to hijack internal email chains
A malware campaign aimed at Microsoft Exchange servers exploits ProxyShell and ProxyLogon issues and uses stolen internal reply-chain emails. A...
Security Affairs newsletter Round 341
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours
U.S. banking regulators have approved a new rule that orders banks to notify federal regulators of significant cybersecurity incidents within 36...
Study reveals top 200 most common passwords
The annual study on top-used passwords published by Nordpass revealed that we are still using weak credentials that expose us...
The newer cybercrime triad: TrickBot-Emotet-Conti
Advanced Intelligence researchers argue that the restarting of the Emotet botnet was driven by Conti ransomware gang. Early this year,...
Tor Project calls to bring more than 200 obfs4 bridges online by December
The Tor Project offers rewards to users who will set up a Tor server after observing a significant drop in...
Canadian teenager stole $36 Million in cryptocurrency via SIM Swapping
A Canadian teen has been arrested for his alleged role in the theft of roughly $36.5 million worth of cryptocurrency....
California Pizza Kitchen discloses a data breach
American pizza chain California Pizza Kitchen (CPK) suffered a data breach that might have exposed personal information of its employees....
Malwarebytes CrackMe – contest summary
On October 29 we published our third CrackMe Challenge and announced two parallel tracks for the contest: “The fastest solve”...
North Korea-linked TA406 cyberespionage group activity in 2021
North Korea-linked TA406 APT group has intensified its attacks in 2021, particularly credential harvesting campaigns. A report published by Proofpoint...
Conti ransomware operations made at least $25.5 million since July 2021
Researchers revealed that Conti ransomware operators earned at least $25.5 million from ransom payments since July 2021. A study conducted...
Android banking Trojan BrazKing is back with significant evasion improvements
The BrazKing Android banking trojan is back with significant improvements and dynamic banking overlays to avoid detection. Researchers from IBM...
Patch now! FatPipe VPN zero-day actively exploited
According to its marketing team, a FatPipe MPVPN can make your VPN “900% more secure.” Well, I don’t know about...
Microsoft addresses a high-severity vulnerability in Azure AD
Microsoft recently addressed an information disclosure vulnerability, tracked as CVE-2021-42306, affecting Azure AD. Microsoft has recently addressed an information disclosure...
Phishers target TikTok influencers with verification promises and copyright threats
Influencers on TikTok are feeling the pinch of scams and phishing thanks to targeted campaigns hungry for fresh logins. The...
Attackers deploy Linux backdoor on e-stores compromised with software skimmer
Researchers discovered threat actors installing a Linux backdoor on compromised e-commerce servers after deploying a credit card skimmer into e-stores....
