VMware fixes critical security bugs in vRealize log analysis tool
VMware released security patches on Tuesday to address vRealize Log Insight vulnerabilities that could enable attackers to gain remote execution...
cybersecurity
Microsoft shares workaround for unresponsive Windows Start Menu
Microsoft has confirmed an issue causing the Windows Start menu to become unresponsive and some applications to no longer launch....
Hackers use Golang source code interpreter to evade detection
A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage...
GoTo says hackers stole customers’ backups and encryption key
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups...
FanDuels warns of data breach after customer info stolen in vendor hack
The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security...
Google Ads invites being abused to push spam, adult sites
Google Ads invites are being abused to deliver email messages promoting spam and sex websites to users who are otherwise...
Massive ad-fraud op dismantled after hitting millions of iOS devices
A massive ad fraud operation dubbed 'Vastflux' that spoofed more than 1,700 applications from 120 publishers, mostly for iOS, has been...
GTA Online bug exploited to ban, corrupt players’ accounts
Grand Theft Auto (GTA) Online players report losing game progress, in-game money being stolen, and being banned from game servers...
Hackers now use Microsoft OneNote attachments to spread malware
Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used...
WhatsApp fined €5.5 million by Irish DPC for GDPR violation
The Irish Data Protection Commission (DPC) has fined WhatsApp Ireland €5.5 million ($5.95m) after confirming that the messaging service violated...
Riot Games hacked, delays game patches after security breach
Riot Games, the video game developer and publisher behind League of Legends and Valorant, says it will delay game patches...
CISA warns of critical ManageEngine RCE bug exploited in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) affecting most Zoho ManageEngine products to...
LAUSD says Vice Society ransomware gang stole contractors’ SSNs
Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, says the Vice Society ransomware gang...
Critical ManageEngine RCE bug now exploited to open reverse shells
A critical remote code execution (RCE) vulnerability affecting multiple Zoho ManageEngine products is now being exploited in attacks. The first...
Over 19,000 end-of-life Cisco routers exposed to RCE attacks
Over 19,000 end-of-life Cisco VPN routers on the Internet are exposed to attacks targeting a remote command execution exploit chain....
New Boldmove Linux malware used to backdoor Fortinet devices
Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and...
The Week in Ransomware – January 20th 2023 – Targeting Crypto Exchanges
There has been quite a bit of ransomware news this week, with crypto exchanges being seized for alleged money laundering...
Exploits released for two Samsung Galaxy App Store vulnerabilities
Two vulnerabilities in the Galaxy App Store, Samsung’s official repository for its devices, could enable attackers to install any app...
PayPal accounts breached in large-scale credential stuffing attack
PayPal is sending out data breach notifications to thousands of users who had their accounts accessed through credential stuffing attacks...
Ransomware profits drop 40% in 2022 as victims refuse to pay
Ransomware gangs extorted from victims about $456.8 million throughout 2022, a drop of roughly 40% from the record-breaking $765 million...
New ‘Blank Image’ attack hides phishing scripts in SVG files
An unusual phishing technique has been observed in the wild, hiding empty SVG files inside HTML attachments pretending to be...
Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner
Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill fast-food restaurant...
T-Mobile hacked to steal data of 37 million accounts in API data breach
T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer...
Exploit released for critical ManageEngine RCE bug, patch now
Proof-of-concept exploit code is now available for a remote code execution (RCE) vulnerability in multiple Zoho ManageEngine products. This pre-authentication...
