March 04, 2021
The Hacker News reported last week that celebrities had lost millions in a SIM swapping heist. U.S. authorities have arrested ten individuals accused of hijacking cell phones for high-profile Americans.
March 03, 2021
Apple plans on enhancing its privacy features with the upcoming update to iOS version 14. 5, protecting users' IP addresses even further.
March 02, 2021
The popular SHAREit Android app has been downloaded more than one billion times. In fact, it is one of the most popular apps on the Google Play store.
March 01, 2021
As reported by The Hacker News, last Thursday, Google's Project Zero discovered a new security feature that Apple put into place with its latest update to iOS 14 to patch a vulnerability in the messaging app.
February 26, 2021
The Bleeping Computer reported this week that threat actors are using Plex Media Server to execute and amplify Distributed Denial of Service or DDoS attacks across the globe.
February 24, 2021
It's bad enough that hackers are running rampant these days committing fraud, stealing millions, and exposing data, but now they are also trying to poison people.
February 23, 2021
The news surrounding the SolarWinds attack just keeps on coming in different forms. This time China is linked to a separate attack using SolarWinds vulnerabilities.
February 22, 2021
It wasn't that long ago that Spotify denied a data breach while hundreds of customers complained about their accounts being hacked.
February 19, 2021
As the United States stands at the cusp of tax season, Americans should brace themselves for even more malicious yet highly believable tax scams making the rounds now in the U.K. The U.K. files their taxes on January 31st, so most residents have already filed but many are getting these scams delivered as SMS.
February 18, 2021
Last Thursday, Google removed "The Great Suspender" from the Chrome Web Store and disabled the malware-infected extension from users' computers.
February 17, 2021
Tens of thousands of patients' data shows up on the dark web from two U.S. hospitals. Extensive patient data is exposed in this hack attack.
February 15, 2021
According to the Seattle Times yesterday, the Washington state auditor's office suffered a major data breach back in December, when hackers broke into the software the office uses for claims.
February 12, 2021
The Bleeping Computer reported on January 28 that UScellular suffered a major data breach after hackers accessed its CRM software system.
February 11, 2021
Ring doorbell is a favorite among home security enthusiasts. They will be delighted to hear that Amazon just improved the Ring doorbell by adding end-to-end encryptions to its video feeds to keep hackers out.
February 10, 2021
The bad guys keep getting better and better at what they do, and now the good guys are following suit. Intel has partnered with Cybereason to build anti-ransomware security into their 11th generation Core vPro Business Class processors.
February 09, 2021
In another big win for the good guys, Bulgaria and the U.S. teamed up to seize a dark web site used by the NetWalker gang. The group had been using this website to post data they stole in various hacking and ransomware incidents.
February 08, 2021
Europol reported last week that a joint venture between them and other law enforcement agencies (from eight nations) allowed them to take control of the Emotet botnet.
February 05, 2021
On the heels of the news that WhatsApp is drastically changing its privacy policy, opening up doors where before there were none, Signal is gaining traction as the best alternative to WhatsApp.
February 02, 2021
ADT home security service is supposed to keep you safe and keep the bad guys out. However, an ADT security technician was caught hacking customer systems to spy on women.
February 01, 2021
Amazon recently patched three vulnerabilities in the Kindle e-reader platform that would have allowed a bad actor to compromise the device, take over and even steal your money.
January 29, 2021
The SolarWinds supply chain attack is a bomb that just keeps ticking. Another variant of malware was discovered, and threat researchers have nicknamed it "Raindrop."
January 27, 2021
The Apple ecosystem (macOS, iOS, WatchOS, and iPadOS) is known to be very robust and resistant to outside threats. However, recently Apple removed a feature from Big Sur (the latest version of macOS) that allowed apps to bypass the firewall.
January 26, 2021
In December 2020, hackers invaded Livecoin cryptocurrency and took over their servers. The company was forced to shut down operations and give up the domain that was stolen.
January 22, 2021
As more information is unearthed about the SolarWinds attack, the most recent information reveals that hackers were able to bypass MFA (multi-factor authentication) to breach systems and email accounts.
January 21, 2021
Major appliance manufacturer Whirlpool announced in December that in November 2020 that they were the victim of ransomware.
January 20, 2021
The Scottish Environmental Protection Agency (SEPA) was attacked in December by the cyber gang known as Conti. Along with a ransom demand, the cybercriminals also exfiltrated and leaked data on the dark web.
January 15, 2021
Check Point Research reported today that a dark web vendor "Triangulum" has teamed up with another hacker to create a remote access Trojan (RAT) that can take over an Android device stealing photos, contacts, messages, and locations, from apps like Facebook, Instagram, WhatsApp, Skype, Telegram, Kik, Line, and Google Messages.
January 14, 2021
The evidence is mounting that the Russian government initiated the attack on the SolarWinds supply chain and other agencies. What is the Link?
January 13, 2021
Another in the long list of affected agencies, the U.S. federal court system admitted last week that they too had been hacked in the SolarWinds incident.
January 12, 2021
The former head of the CISO (U. S. Cybersecurity Infrastructure and Security Agency) and former Facebook security expert Alex Stamos were hired by SolarWinds to get them back on track and make sense of what happened.
January 08, 2021
Zyxel is a major player when it comes to network products. But The Hacker News reported on January 1 that a critical vulnerability had been discovered in its firmware putting users of its Firewall/VPN products at extreme risk.
January 07, 2021
WhatsApp is changing its privacy policy, and you need to know what it says. If you do not agree to share your private information with other Facebook companies, your account will be deleted.
January 06, 2021
A British judge ruled that Julian Assange cannot be extradited to the U.S. to stand trial on charges of espionage linked to his founding and use of WikiLeaks.
January 05, 2021
T-Mobile experienced a data breach in early December, and on Tuesday, they announced that some of its customers' proprietary network information (CPNI) might have been exposed.
January 04, 2021
Ticketmaster was fined $10 million after hacking into a rival company to steal information, proving not only do we have to worry about hackers but also legitimate companies who decide to dip their toes into nefarious cyber crimes.
January 01, 2021
The Hacker News reported this week that a Google bug could have allowed hackers to view and take screenshots of your private documents.
December 31, 2020
In Japan, a Kawasaki server was breached back in June, and we are now hearing that the hackers may have gained access to defense-related information in the breach.
December 30, 2020
Various data breaches have taken place across the globe in recent years, and millions of people's personal information are available online and at risk of identity theft.
December 29, 2020
Threatpost and The Hacker News have reported that Microsoft's local privilege-escalation bug (LPE) could allow hackers to take complete control of your system and it is still alive despite a fix.
December 28, 2020
Emotet reemerged after a two-month hiatus just in time for the holidays and according to Threatpost, have been targeting 100,000 victims per day.
December 25, 2020
Regardless of whether someone is responsible for securing a website or a corporate server, if even one setting is misconfigured, it could lead to a major data breach with far-reaching consequences that affect the company's customers, vendors, employees, and the company reputation.
December 24, 2020
In a joint effort, the FBI and Interpol took down servers used by Joker's Stash, a notorious marketplace famous for selling stolen credit card data on the dark web.
December 23, 2020
The SolarWinds Orion attack has such far-reaching consequences. Not only were more agencies affected than previously thought, but the data breach of the U.S. Treasury Department was also much worse than we were led to believe.
December 22, 2020
iPhone users generally believe that their phones are un-hackable. In many cases, they would be correct. However, although the iOS system is far superior in terms of keeping the bad guys out, it is not infallible.
December 21, 2020
After last week's report of the SolarWinds Orion attack, threat assessors are scrambling to determine who was affected and how to clean up the enormous post-hacking mess.
December 18, 2020
A former Cisco employee connected to Cisco's AWS servers without authorization after he no longer worked there and destroyed 456 virtual machines and deleted more than 16,000 WebEx accounts.
December 17, 2020
Threatpost and Palo Alto Networks reported that there is a new Trojan on the horizon that steals Outlook files as well as many other functions.
December 16, 2020
Last week ThreatPost reported that Facebook identified and shut down various accounts and pages used by scammers to infect users with malware and conduct fraud through phishing campaigns.
December 15, 2020
This past weekend, the U.S. Commerce Department, the Information Administration (NTIA), and U.S. Treasury admitted to an attack by a state-backed hacker group APT29, aka Cozy Bear, who attacked top cybersecurity firm FireEye last week stealing Red pen resources.
December 14, 2020
Microsoft users beware: the OS giant has recently discovered a new strain of malware dubbed Adrozek that modifies Firefox, Edge, Yandex, and Chrome browsers on Windows machines and injects ads into their search engine results.
December 11, 2020
A new report has come out that many D-Link VPN routers are at serious risk of hacking and remote control due to three major vulnerabilities.
December 10, 2020
Let this be a lesson; no one is immune to hacking. Top cybersecurity firm FireEye was hacked by a nation-state they called a "highly sophisticated threat actor," and the thieves stole Red Team penetration tools, which are the tests and resources they use to test the security of client's assets.
December 09, 2020
Forescout Technologies discovers millions of IoT devices are at risk due to a batch of serious TCP/IP flaws that could result in device takeover, denial of service attacks, or remote execution of malicious code.
December 08, 2020
Egregor ransomware is making headlines again, this time attacking Randstad, retail giant Kmart, and Vancouver's metro transit system.
December 07, 2020
With so many hackers stealing identities and filing tax returns fraudulently, the IRS has decided to open up their ID Protection PIN Program to everyone in 2021.
December 04, 2020
Threatpost reported on December 1, 2020, that Magecart hackers are using a new credit card skimming technique to fake PayPal pop-ups on retail sites.
December 03, 2020
Endemol Shine Group, an Amsterdam-based TV show production company responsible for hits like Master Chef, The Voice, and Big Brother, was the victim of a ransomware attack by a notorious hacker gang dubbed DoppelPaymer.
December 02, 2020
Sophos, a giant cybersecurity firm in the UK, recently warned customers about a possible data leak due to a misconfigured internal security system.
December 01, 2020
It's not often that the good guys get to celebrate a win, but a huge one was recently earned by Interpol, who busted a large Nigerian BEC gang as reported by DataBreach Today and The Hacker News.
November 30, 2020
With talk of a COVID vaccine just around the corner, it comes as no surprise that hackers have been targeting healthcare organizations, but as reported on November 27 by Reuters, a North Korean gang of hackers tried to take over computer systems at AstraZeneca, one of the top drugmakers promising the cure.
November 27, 2020
The Hacker News reported this week that a Facebook Messenger Bug on Android allows hackers to listen in on calls and gather information for identity theft and fraud.
November 26, 2020
A man in Florida received a 3-year prison sentence for a bank account takeover scam where he stole and laundered $9 million. The man, Igor Buzyukov, pleaded guilty in a Florida court last week.
November 25, 2020
GoDaddy domain registrar and hosting company is no stranger to hacks and interruption of service by cybercriminals. The latest attack suffered last week by digital service giant GoDaddy tricked their employees into giving out information for a few cryptocurrency companies.
November 24, 2020
Widely used Christian app Pray. com exposed 10 million people's personally identifiable information (PII) because of a misconfigured cloud storage space.
November 23, 2020
Last week President Donald Trump fired the beloved director of the Department of Homeland Security's Cybersecurity Infrastructure and Security Agency, Christopher Krebs.
November 20, 2020
There is a relatively new technique that criminals aptly nicknamed "porch pirates" are using to steal from innocent victims. They lay in wait, surveilling your porch and wait for you to get deliveries from Amazon or other retailers and then run up and snatch the boxes off your porch.
November 19, 2020
Despite the current economic climate and dealing with the pandemic, stores are bursting with eager customers trying to get their holiday shopping done early.
November 18, 2020
With Thanksgiving fast approaching and the holidays quickly on its heels, now is a time of big sales. With the pandemic, more people than ever before are shopping online and looking for the best deals.
November 17, 2020
Ticketmaster, the leading seller of sports, music, and artistic show tickets were fined #1. 7 million by the British Information Commissioner's Office over serious violations of EU's General Data Protection Regulations.
November 16, 2020
Outdoor sporting gear giant The North Face suffered a major credential stuffing attack in early October and, as Threatpost and Binary Defense reported last week.
November 13, 2020
Cybercriminals hacked more than 28,000 online shopping carts built on Magento Software. If your website runs on Magento, you should update your version immediately.
November 12, 2020
CyberNews reported this week that more than 130K explicit pictures, audio clips, and videos were leaked from a database that belongs to a private social network.
November 11, 2020
The data breach of Marriott Hotels occurred in January 2020. The large Hotel chain did not discover the breach until February 2020.
November 10, 2020
There is a lot of speculation surrounding how things will change once Joe Biden takes office as president of the United States.
November 09, 2020
Everything has ramped up in 2020, especially hackers, cybercriminals, and their techniques. Threat researchers recently discovered that hackers are using Gitpaste-12 botnet to target Linux and IoT devices.
November 06, 2020
DataBreachToday reported this morning that Texas-based Rackspace, a large, respected cloud hosting provider, had been the victim of hacker exploits for an unknown period of time.
November 05, 2020
ZDNet reported yesterday that 23,000+ hacked databases were leaked on several dark web forums and Telegram channels. Threat assessors are shocked at the magnitude of this exposure, especially since Cit0Day was shut down recently. Cit0DayCit0Day.
November 04, 2020
It's very rare that you hear of a hacker group actually announcing their retirement, but as DataBreach Today reported on November 2, the Maze hacker gang is doing just that.
November 03, 2020
Last Thursday, the University of Vermont Health Network was attacked by a hacker group intent on disrupting their operations.
November 02, 2020
On October 30, Bloomberg reported that criminals posted an ad on the dark web claiming to have more than 10,000 Robinhood investment accounts for sale.
October 30, 2020
Both Hacker News and ZDNet have reported sightings of the infamous KashmirBlack botnet that is attacking and hijacking hundreds of thousands of CMS websites.
October 29, 2020
Throughout the COVID-19 pandemic, hackers have waged countless ransomware attacks—the latest was delivered via a fake COVID-19 survey, and the victim was a Canadian university.
October 28, 2020
Yesterday President Donald Trump's campaign website was seized by cryptocurrency hackers who took over the website and posted their own message alleging they have access to confidential government information.
October 27, 2020
With only a few more days left in the U.S. presidential election, hackers and thieves are stepping up their game and attacking all avenues to affect the outcome.
October 26, 2020
A new threat of ransomware called Egregor is hitting the streets hard and attacking corporate data that the hijackers then threaten to leak.
October 23, 2020
With every U.S. American on the edge of their seats awaiting the outcome of this year's presidential election, hackers and cybercriminals are wasting no time trying to manipulate the results.
October 22, 2020
Google updated its signature browser Chrome on Tuesday, October 20, to patch a whole host of severe security issues, including a zero-day vulnerability that could allow cybercriminals to hijack affected computers.
October 21, 2020
Alarmingly, DataBreaches. net reported today that for the past couple of years, the giant pharmaceutical company Pfizer leaked sensitive patient data using a vulnerable Google cloud storage bucket.
October 20, 2020
Schools across the country are under attack from identity thieves exposing student records and parents' information. Children's social security numbers are like the golden key to the city, and hackers are targeting school databases to fill their pockets.
October 19, 2020
Since February, when the pandemic began, consumers have logged more than 205,000 complaints of fraud related to coronavirus with the FTC.
October 16, 2020
In August, cybercriminals hacked into Carnival Cruise Line's system and gained access to guest, crew, and employee data for three brands: Carnival Cruise Line, Holland America Line, and Seabourn.
October 15, 2020
Cybersecurity experts are noting that cybercriminal gangs are diversifying with double-extortion ransomware tactics and using Clop as their tool of choice.
October 14, 2020
In a joint effort, Microsoft, along with government agencies and some big-name tech firms, took down the network (botnet) that served as a conduit for the notorious TrickBot, effectively thwarting cybercriminals at least for now.
October 13, 2020
A technique first used in 2018 has allowed cybercriminal gangs to bilk $22 million from Bitcoin users. ZDNet reported on Monday that by pushing a fake update to users of the Electrum Bitcoin app, thieves installed malware stealing money from hundreds of accounts.
October 12, 2020
Android users are under attack by a new type of mobile ransomware that activates and locks your screen when you get an incoming call or push the home button.MalLocker.
October 09, 2020
The FBI is urgently warning consumers that their IoT devices are vulnerable to hackers who can tap into them using malware and see and hear everything you are doing.
October 08, 2020
Last week Sonatype, security researchers, found two malicious codes buried in NPM packages on the NPM (Node Package Manager) downloads repository.
October 07, 2020
During this highly contentious presidential election, hackers are working overtime phishing for social security numbers, driver's license numbers, dates of birth, and more.
October 06, 2020
According to research firm CyberARK, most popular anti-malware programs include bugs that allow hackers to increase their privileges on the system and take control.
October 05, 2020
Blackbaud software was victim to a ransomware attack last May, and new information suggests that clients may have lost more than just basic information.