The surge of fake COVID-19 test results, vaccines and vaccination certificates on the Dark Web
Threat actors are offering fake COVID-19 test results and vaccination certificates in blackmarkets and hacking forums on the Dark Web....
News
30 million Americans affected by the Astoria Company data breach
Researchers discovered the availability in the DarK Web of 30M of records of Americans affected by the Astoria Company data...
Cisco Jabber for Windows, macOS, Android and iOS is affected by a critical issue
Cisco has addressed a critical arbitrary program execution flaw in its Cisco Jabber client software for Windows, macOS, Android, and...
Software renewal scammers unmasked
We’ve been tracking a fraudulent scheme involving renewal notifications for several months now. It came to our attention because the...
GitHub Awards $25,000 Bug Bounty to the Google Employee
GitHub awarded $25,000 to the security researcher, Teddy Katz for discovering a bug and patching it. On March 17, bug...
Russia’s Central Bank has warned of hackers targeting banks’ mobile apps
The Central Bank of Russia has warned of the emergence of a group of hackers investigating vulnerabilities in banks' mobile...
Email Scam Under the Name of IRS Try to gain EFIN of Tax Preparers
A lot of people are familiar with the US Internal Revenue Service (IRS) scam letters about the tax season that...
Rapid7 Recognized as a Strong Performer in the Inaugural Forrester Wave™ for MDR, Q1 2021
Independent research firm cites Rapid7 MDR’s “security professionals with extensive incident response and threat hunting experience” delivering a “white-glove, behavioral...
Billions of FBS Records Exposed in Online Trading Broker Data Leak
Ata Hakcil led the team of white hat hackers from WizCase in identifying a major data leak on online trading broker FBS’...
Black Kingdom ransomware is targeting Microsoft Exchange servers
Security experts reported that a second ransomware gang, named Black Kingdom, is targeting Microsoft Exchange servers. After the public disclosure...
A day before elections, hackers leaked details of millions of Israeli voters
Hackers have exposed personal and voter registration details of over 6.5 million Israeli voters, less than 24 hours before the...
92% of worldwide Microsoft Exchange IPs are now patched or mitigated
Microsoft revealed that 92% of all on-premises Microsoft Exchange servers exposed online affected by the ProxyLogon vulnerabilities are now patched....
Sierra Wireless halted production at its manufacturing sites due to ransomware attack
This week, IoT company Sierra Wireless disclosed a ransomware attack that hit its internal IT systems on March 20 and...
When contractors attack: two years in jail for vengeful IT admin
An IT contractor working for an IT consultancy company took it upon himself to perform an act of revenge against...
The human impact of a Royal Mail phishing scam
Last week, we looked at a Royal Mail themed scam which has very quickly become the weapon of choice for...
Taxpayers Personal Data Exposed Online in the UK
Different local councils in the UK have conveyed SMS to a huge number of citizens to encourage them to cover...
Russian Kryuchkov pleaded guilty to conspiring to hack Tesla’s computer network
Tesla CEO Elon Musk commented in Russian on the news that Russian Egor Kryuchkov had pleaded guilty on Twitter on...
US Sentences Russian, Macedonian For Roles in Transantional Cybercrime Enterprise
The United States has sentenced nationals from Russia and North Macedonia to prison for their roles in a transnational cybercrime...
Due to a Cyber Attack, MangaDex Website Taken Down for 2 Weeks
A few days ago, on 17th March, MangaDex found that a malicious actor, who already had access to an administrative...
Hackers used 11 Zero-Days to Attack Windows, iOS, Android Users
Malware trackers at Google keep on pointing out a complex APT group that burned through at least 11 zero-days exploits...
MDR Vendor Must-Haves, Part 1: Deep Observation of Real-Time Endpoint Data
This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights,...
Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange
In recent weeks, there has been quite a lot of reporting on the exploitation of the latest disclosed vulnerabilities in...
Google fixes an Android vulnerability actively exploited in the wild
Google addressed a zero-day vulnerability affecting Android devices that use Qualcomm chipsets which is actively exploited in the wild. Google...
CISA is warning of vulnerabilities in GE Power Management Devices
U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns of flaws in GE Power Management Devices that could allow an attacker...
