Four in-the-wild exploits, 13 critical patches headline bumper Patch Tuesday
The list of July 2021 Patch Tuesday updates looks endless. 117 patches with no less than 42 CVEs assigned to...
News
Sussex-Based Couple Loses £15,000 to Scammers
Loreta and Mindaugas from Horsham, Sussex, were lured in a fake bonus offer from a fraudster who seemed to be...
TrickBot Makes a Comeback with a VNC Module
The ongoing revival of malicious TrickBot malware has been revealed by cybersecurity researchers and shows that the Russia-based transnational cybercriminals...
Chinese Hackers Stole Call Details of Nepal Telecom
China launched a destructive "cyber attack" on Nepal Telecom which resulted in Chinese hackers stealing the phone numbers of all...
Ukraine Seized Gaming Consoles used for Illegal Crypto Mining
The Security Service of Ukraine (SBU), Ukraine's top law enforcement agency, reported last week that it had discovered a large-scale...
Arrests of members of Tetrade seed groups Grandoreiro and Melcoz
Spain’s Ministry of the Interior has announced the arrest of 16 individuals connected to the Grandoreiro and Melcoz (also known...
LuminousMoth APT: Sweeping attacks for the chosen few
APT actors are known for the frequently targeted nature of their attacks. Typically, they will handpick a set of targets...
Trickbot improve its VNC module in recent attacks
Trickbot botnet is back, its authors implemented updates for the VNC module used for remote control of infected systems. The...
China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks
Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as...
The infrastructure and websites used by REvil ransomware gang are not reachable
The infrastructure and leak sites used by the REvil ransomware gang for its operations went offline last night. Starting last...
This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto
A CyberNews investigation uncovered a network of wallet addresses used by a scammer group to store and cash out millions...
Adobe patches critical vulnerabilities in Reader, Acrobat, and Illustrator
Adobe addressed multiple critical vulnerabilities in several products, including Adobe Acrobat and Reader application. Adobe addressed multiple critical remote code...
Vulnerability in Less.js Causes Website to Leak AWS Secret Keys
Cybersecurity researchers at Canadian firm Software Secured identified a critical flaw in Less.js, a widely used preprocessor language. According to...
Russian banks to launch a system against telephone fraud
Financial organizations are planning to launch a pilot project of a system for accounting and analyzing telephone fraud, said Alexey...
$350,000 Stolen from Users by Fake Cryptocurrency Mining Apps
The year 2021 will be remembered as a watershed moment for cryptocurrencies. Despite its ups and downs, Bitcoin is still...
Stolen Credit Card Data Hidden in Images by Magecart Hackers for Vague Exfiltration
Magecart-affiliated cybercriminals have adopted a new approach for obfuscating malware code within comment blocks and embedding stolen credit card data...
Mint Mobile Suffered a Data Breach
The US-based telecommunication firm Mint Mobile has announced that it has suffered a data violation which has let several telephone...
ModiPwn flaw in Modicon PLCs bypasses security mechanisms
ModiPwn flaw (CVE-2021-22779) in some of Schneider Electric’s Modicon PLCs can allow attackers to bypass authentication mechanisms and take over...
Social media partially disrupted in Cuba amid anti-government protests
NetBlocks reported partial disruption to social media and messaging platforms in Cuba from 12 July 2021 shortly after Cubans went...
American retailer Guess discloses data breach after ransomware attack
American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers. In...
SolarWinds fixes critical Serv-U zero-day exploited in the wild
SolarWinds confirmed that a threat actor is actively exploiting a new zero-day vulnerability in Serv-U products and urges customers to fix it....
Threat actors scrape 600 million LinkedIn profiles and are selling the data online – again
Researchers from Cyber News Team have spotted threat actors offering for sale 600 million LinkedIn profiles scraped from the platform,...
Nope, that isn’t Elon Musk, and he isn’t offering a free Topmist Dust watch either
Elon Musk is an incredibly popular target for scammers and spammers on social media. Attach his name to something he...
DNS-over-HTTPS takes another small step towards global domination
Firefox recently announced that it will be rolling out DNS-over-HTTPS (or DoH) soon to one percent of its Canadian users...
