Microsoft: Lazarus hackers breach CyberLink in supply chain attack
Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers...
cybersecurity
Kansas courts confirm data theft, ransom demand after cyberattack
The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole...
Welltok data breach exposes data of 8.5 million US patients
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in...
DarkGate and Pikabot malware emerge as Qakbot’s successors
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it...
Criminal IP Becomes VirusTotal IP and URL Scan Contributor
As cyber threats, particularly considering the rising number of ransomware attacks, become more prevalent, empowering one’s cybersecurity ecosystem is crucial....
Black Friday deal: Get 50% off Malwarebytes Premium + Privacy VPN
Malwarebytes' is running a Black Friday 2023 deal now through Cyber Monday, offering a 50% discount to the Malwarebytes Premium...
Hacktivists breach U.S. nuclear research lab, steal employee data
The Idaho National Laboratory (INL) confirms they suffered a cyberattack after 'SiegedSec' hacktivists leaked stolen human resources data online. INL...
Auto parts giant AutoZone warns of MOVEit data breach
AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop...
Citrix warns admins to kill NetScaler user sessions to block hackers
Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed'...
Lumma malware can allegedly restore expired Google auth cookies
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies,...
CISA orders federal agencies to patch Looney Tunables Linux bug
Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root...
Rhysida ransomware gang claims British Library cyberattack
The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a...
Lumma Stealer malware now uses trigonometry to evade detection
The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of...
How to boost Security with Self-Service Password Resets
What happens when an employee at your organization forgets their password? If your workplace is like many, a forgotten password...
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise...
Tor Project removes relays because of for-profit, risky activity
The Tor Project has explained its recent decision to remove multiple network relays that represented a threat to the safety and...
Cybersecurity firm executive pleads guilty to hacking hospitals
The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett...
Canadian government discloses data breach after contractor hacks
The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of...
Gamaredon’s LittleDrifter USB malware spreads beyond Ukraine
A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as...
VX-Underground malware collective framed by Phobos ransomware
A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor....
Researchers extract RSA keys from SSH server signing errors
A team of academic researchers from universities in California and Massachusetts demonstrated that it’s possible under certain conditions for passive network...
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in...
Exploit for CrushFTP RCE chain released, patch now
A proof-of-concept exploit was publicly released for a critical remote code execution vulnerability in the CrushFTP enterprise suite, allowing unauthenticated...
FCC adopts new rules to protect consumers from SIM-swapping attacks
The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in...
