Tipalti investigates claims of data stolen in ransomware attack
Updated 12/4/23 to include information from Roblox. Tipalti says they are investigating claims that the ALPHV ransomware gang breached its network...
cybersecurity
Fake WordPress security advisory pushes backdoor plugin
WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with...
Rust-Based Botnet P2Pinfect Targets MIPS Architecture
The cross-platform botnet known as P2Pinfect has been observed taking a significant leap in sophistication. Since its emergence in July 2023,...
North Korea’s state hackers stole $3 billion in crypto since 2017
North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry...
New proxy malware targets Mac users through pirated software
Cybercriminals are targeting Mac users with a new proxy trojan malware bundled with popular, copyrighted macOS software being offered on...
Linux version of Qilin ransomware focuses on VMware ESXi
A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the...
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks
Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are...
US Health Dept urges hospitals to patch critical Citrix Bleed bug
The U.S. Department of Health and Human Services (HHS) warned hospitals this week to patch the critical 'Citrix Bleed' Netscaler...
LogoFAIL attack can install UEFI bootkits through bootup logos
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they...
Hackers use new Agent Raccoon malware to backdoor US targets
A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States,...
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks
VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over...
French government recommends against using foreign chat apps
Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such...
The Week in Ransomware – December 1st 2023 – Police hits affiliates
An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks...
TrickBot malware dev pleads guilty, faces 35 years in prison
On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware,...
Zyxel warns of multiple critical vulnerabilities in NAS devices
Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on...
Cactus ransomware exploiting Qlik Sense flaws to breach networks
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks....
Staples confirms cyberattack behind service outages, delivery issues
Image: Stan Zemanek (CC BY-SA 3.0) American office supply retailer Staples took down some of its systems earlier this week after...
FjordPhantom Android malware uses virtualization to evade detection
A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade...
LogoFAIL bugs in UEFI code allow planting bootkits via images
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they...
US govt sanctions North Korea’s Kimsuky hacking group
The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence...
Get 20% off Emsisoft’s Enterprise Security EDR solution for the holidays
Emsisoft is having a holiday deal where you can get 20% off 1-year licenses of the Emsisoft Enterprise Security EDR solution through...
Capital Health Hospitals hit by cyberattack causing IT outages
Image: Famartin (CC BY-SA 4.0) Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a...
WhatsApp’s new Secret Code feature hides your locked chats
WhatsApp has introduced a new Secret Code feature that allows users to hide their locked chats by setting a custom...
Manufacturing Top Targeted Industry in Record-Breaking Cyber Extortion Surge
The year 2023 has been a record-breaking year for cyber extortion, according to Orange Cyberdefense (OCD).The cybersecurity branch of the...
