Fighting off cyberattacks? Make sure user credentials aren’t compromised
As an IT professional, you know that threat actors work overtime to get your end-users’ credentials. Whether it’s 3 PM...
cybersecurity
SpyNote Android malware spreads via fake volcano eruption alerts
The Android 'SpyNote' malware was observed in attacks targeting Italy using a fake 'IT-alert' public alert service that infected visitors...
D-Link confirms data breach after employee phishing attack
Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for...
Malicious Notepad++ Google ads evade detection for months
A new Google Search malvertizing campaign targets users looking to download the popular Notepad++ text editor, employing advanced techniques to...
KwikTrip all but says IT outage was caused by a cyberattack
Kwik Trip has released another statement on an ongoing outage, all but confirming it suffered a cyberattack that has led...
Amazon adds passkey support as new passwordless login option
Amazon has quietly added passkey support as a new passwordless login option for customers, offering better protection from information-stealing malware...
Over 40,000 admin portal accounts use ‘admin’ as a password
Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving...
Persistent Espionage Campaign Targets APAC Governments
Cybersecurity experts at Kaspersky have unveiled a covert and highly advanced espionage campaign, codenamed “TetrisPhantom.”The persistent operation has specifically targeted...
Steam enforces SMS verification to curb malware-ridden updates
Valve has announced implementing additional security measures for developers publishing games on Steam, including SMS-based confirmation codes. This is to...
CISA, FBI urge admins to patch Atlassian Confluence immediately
CISA, FBI, and MS-ISAC warned network admins today to immediately patch their Atlassian Confluence servers against a maximum severity flaw...
Signal says there is no evidence rumored zero-day bug is real
Signal messenger has investigated rumors spreading online over the weekend of a zero-day security vulnerability related to the 'Generate Link...
Women Political Leaders Summit targeted in RomCom malware phishing
A new, lightweight variant of the RomCom backdoor was deployed against participants of the Women Political Leaders (WPL) Summit in...
Fake ‘RedAlert’ rocket alert app for Israel installs Android spyware
Israeli Android users are targeted by a malicious version of the 'RedAlert – Rocket Alerts' app that, while it offers...
Discord still a hotbed of malware activity — Now APTs join the fun
Discord continues to be a breeding ground for malicious activity by hackers and now APT groups, with it commonly used...
Russian Sandworm hackers breached 11 Ukrainian telcos since May
The state-sponsored Russian hacking group tracked as 'Sandworm' has compromised eleven telecommunication service providers in Ukraine between May and September...
Kansas courts IT systems offline after ‘security incident’
Information systems of state courts across Kansas are still offline after they've been disrupted in what the Kansas judicial branch...
Cisco warns of new IOS XE zero-day actively exploited in attacks
Cisco warned admins today of a new maximum severity authentication bypass zero-day in its IOS XE software that lets unauthenticated...
Hackers exploit critical flaw in WordPress Royal Elementor plugin
A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited...
Growing Concern Over Role of Hacktivism in Israel-Hamas Conflict
Hacktivists have claimed to hit Israeli websites through DDoS and defacement attacks following the outbreak of conflict between Israel and...
Ubuntu discovers ‘hate speech’ in release 23.10 — how to upgrade?
Ubuntu, the most popular Linux distribution, has pulled its Desktop release 23.10 after its Ukrainian translations were discovered to contain...
AI algorithm detects MitM attacks on unmanned military vehicles
Professors at the University of South Australia and Charles Sturt University have developed an algorithm to detect and intercept man-in-the-middle...
DarkGate malware spreads through compromised Skype accounts
Between July and September, DarkGate malware attacks have used compromised Skype accounts to infect targets through messages containing VBA loader...
23andMe hit with lawsuits after hacker leaks stolen genetics data
Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed...
Microsoft plans to kill off NTLM authentication in Windows 11
Microsoft announced earlier this week that the NTLM authentication protocol will be killed off in Windows 11 in the future. NTLM (short for...
