FBI warns of increasing cryptocurrency recovery scams
The FBI is warning of an increase in scammers pretending to be recovery companies that can help victims of cryptocurrency...
cybersecurity
Over 100K hacking forums accounts exposed by info-stealing malware
Researchers discovered 120,000 infected systems that contained credentials for cybercrime forums. Many of the computers belong to hackers, the researchers...
Monti ransomware targets VMware ESXi servers with new Linux locker
The Monti ransomware gang has returned, after a two-month break from publishing victims on their data leak site, using a new...
Several Flaws Found in CyberPower and Dataprobe Products
A series of security vulnerabilities have been discovered in CyberPower’s PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe’s...
MaginotDNS attacks exploit weak checks for DNS cache poisoning
A team of researchers from UC Irvine and Tsinghua University has developed a new powerful cache poisoning attack named 'MaginotDNS,'...
UK gov keeps repeating its voter registration website is NOT a scam
Every year local government bodies or councils across Britain contact residents, asking them to update their voter details on the electoral register if...
Avoiding Ransomware Attacks: Your Cybersecurity Tip of the Week
I trust you’re doing well and taking proactive steps to safeguard your data and online presence. Security is crucial in...
Ford says cars with WiFi vulnerability still safe to drive
Ford is warning of a buffer overflow vulnerability in its SYNC3 infotainment system used in many Ford and Lincoln vehicles,...
Knight ransomware distributed in fake Tripadvisor complaint emails
The Knight ransomware is being distributed in an ongoing spam campaign that pretends to be TripAdvisor complaints. Knight ransomware is a recent rebrand...
Lapsus$ hackers took SIM-swapping attacks to the next level
The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to...
LOLEKHosted admin arrested for aiding Netwalker ransomware gang
Update 8/11/23: Updated with information from DOJ about alleged Netwalker Ransomware involvement. Police have taken down the Lolek bulletproof hosting provider,...
US cyber safety board to analyze Microsoft Exchange hack of govt emails
The Department of Homeland Security's Cyber Safety Review Board (CSRB) has announced plans to conduct an in-depth review of cloud...
The Week in Ransomware – August 11th 2023 – Targeting Healthcare
While some ransomware operations claim not to target hospitals, one relatively new ransomware gang named Rhysida doesn't seem to care....
Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws
Millions of PLC (programmable logic controllers) used in industrial environments worldwide are at risk to 15 vulnerabilities in the CODESYS...
Amazon AWS distances itself from Moq amid data collection controversy
Amazon AWS has withdrawn its association with open source project Moq after the project drew sharp criticism for its quiet...
DroxiDat-Cobalt Strike Duo Targets Power Generator Network
A new variant of the SystemBC malware, paired with Cobalt Strike beacons, has been identified in a recent cyber-attack targeting...
Gafgyt malware exploits five-years-old flaw in EoL Zyxel router
Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the...
Dell Compellent hardcoded key exposes VMware vCenter admin creds
An unfixed hardcoded encryption key flaw in Dell's Compellent Integration Tools for VMware (CITV) allows attackers to decrypt stored vCenter...
MoustachedBouncer hackers use AiTM attacks to spy on diplomats
Image: Midjourney A cyberespionage group named 'MoustachedBouncer' has been observed using adversary-in-the-middle (AitM) attacks at ISPs to hack foreign embassies...
Safeguarding Against Silent Cyber Threats: Exploring the Stealer Log Lifecycle
The first seven months of 2023 have seen a continued rapid evolution of the cybercrime ecosystem. Ransomware data exfiltration attacks,...
CISA: New Whirlpool backdoor used in Barracuda ESG hacks
Image: Midjourney The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor malware named 'Whirlpool' used in...
EvilProxy phishing campaign targets 120,000 Microsoft 365 users
EvilProxy is becoming one of the more popular phishing platforms to target MFA-protected accounts, with researchers seeing 120,000 phishing emails...
Hackers use open source Merlin post-exploitation toolkit in attacks
Ukraine is warning of a wave of attacks targeting state organizations using 'Merlin,' an open-source post-exploitation and command and control...
Missouri warns that health info was stolen in IBM MOVEit data breach
Missouri's Department of Social Services warns that protected Medicaid healthcare information was exposed in a data breach after IBM suffered...
