New ‘Hook’ Android malware lets hackers remotely control your phone
A new Android malware named 'Hook' is being sold by cybercriminals, boasting it can remotely take over mobile devices in...
cybersecurity
Roaming Mantis’ Android malware adds DNS changer to hack WiFi routers
Image: AI-generated through Midjourney The Roaming Mantis malware distribution campaign has updated its Android malware to include a DNS changer...
Illegal Solaris darknet market hijacked by competitor Kraken
Solaris, a large darknet marketplace focused on drugs and illegal substances, has been taken over by a smaller competitor named...
MailChimp discloses new breach after employees got hacked
Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the...
Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner
Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google...
New York man defrauded thousands using credit cards sold on dark web
A New York resident has pleaded guilty to charges of conspiracy to commit bank fraud using stolen credit cards purchased...
Bitzlato crypto exchange seized for ransomware, drugs money laundering
The U.S. Department of Justice arrested and charged Russian national Anatoly Legkodymov, the founder of the Hong Kong-registered cryptocurrency exchange...
Product Security Incident Response: Key Strategies and Best Practices
Written By: Samuel Cure, CISO, AMI In today's digital landscape, it is essential to implement proactive measures to ensure the...
Ukraine links data-wiping attack on news agency to Russian hackers
The Computer Emergency Response Team of Ukraine (CERT-UA) has linked a destructive malware attack targeting the country's national news agency...
Git patches two critical remote code execution security flaws
Git has patched two critical severity security vulnerabilities that could allow attackers to execute arbitrary code after successfully exploiting heap-based...
Hackers can use GitHub Codespaces to host and deliver malware
Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and...
Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that...
Over 4,000 Sophos Firewall devices vulnerable to RCE attacks
Over 4,000 Sophos Firewall devices exposed to Internet access are vulnerable to attacks targeting a critical remote code execution (RCE)...
MSI accidentally breaks Secure Boot for hundreds of motherboards
Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating...
Researchers to release PoC exploit for critical ManageEngine RCE bug, patch now
Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication...
IT Burnout may be Putting Your Organization at Risk
The heavy responsibility of securing organizations against cyber-attacks is overwhelming and weighs heavier on security professionals, recent data shows. In...
Hackers turn to Google search ads to push info-stealing malware
Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google...
Avast releases free BianLian ransomware decryptor
Security software company Avast has released a free decryptor for the BianLian ransomware strain to help victims of the malware...
Datadog rotates RPM signing key exposed in CircleCI hack
Cloud security firm Datadog says that one of its RPM GPG signing keys and its passphrase have been exposed during...
Hackers exploit Cacti critical bug to install malware, open reverse shells
More than 1,600 instances of the Cacti device monitoring tool reachable over the internet are vulnerable to a critical security...
Malicious ‘Lolip0p’ PyPi packages install info-stealing malware
A threat actor has uploaded to the PyPI (Python Package Index) repository three malicious packages that carry code to drop info-stealing...
Vice Society ransomware leaks University of Duisburg-Essen’s data
The Vice Society ransomware gang has claimed responsibility for a November 2022 cyberattack on the University of Duisburg-Essen (UDE) that...
TikTok slapped with $5.4 million fine over cookie opt-out feature
France's data protection authority (CNIL) has fined TikTok UK and TikTok Ireland €5,000,000 for making it difficult for users of...
CircleCI’s hack caused by malware stealing engineer’s 2FA-backed session
Hackers breached CircleCi in December after an engineer became infected with information-stealing malware that their 2FA-backed SSO session cookie, allowing access...
