June 23, 2021
Threatpost reports that X-rated phishing campaigns have increased by 974 percent. These explicit emails are a form of social engineering BEC attack designed to shock users into clicking a link.
June 22, 2021
Threat researchers have discovered dozens of Google PPC ads that link to malicious websites laced with Redline, Taurus, Tesla, and Amadey malware (info stealers).
June 21, 2021
Recently, GitHub made a change to its policies to prevent malicious hackers from exploiting code through updates or versioning.
June 18, 2021
President Joe Biden has taken a hard line against Russia in terms of cybersecurity sanctions. However, as these organized crime groups use U.S. security tools against us, it severely limits his retaliation options.
June 17, 2021
For 18 long months, the FBI and other global law enforcement agencies worked tirelessly on a lengthy sting operation using a fake encrypted communications platform used by cybercriminals to plan their heists.
June 16, 2021
It's no news to anyone that data breaches have flooded the dark web with millions of user credentials. However, last Wednesday, NordLocker, a security products company, posted on their blog that a hacker group accidentally exposed 26 million stolen passwords while trying to sell them.
June 15, 2021
The Bleeping Computer reported on June 12 that both Audi and Volkswagen experienced a serious data breach exposing unsecured customer information online.
June 11, 2021
It appears that the Solar Winds attackers are not done with us yet. A report from Data Breach Today on May 28 confirms that Microsoft has discovered yet another attack from the same group.
June 11, 2021
Yesterday (May 24), the BleepingComputer reported that audio equipment giant Bose recently disclosed a data breach following a ransomware attack that occurred in March.
June 10, 2021
U.S. insurance giant CNA Financial recently paid hackers $40 million to release their systems from ransomware. The cyberattack occurred in late March.
June 10, 2021
The world runs on reviews nowadays. Before anyone buys a product, they read reviews, consult social media, and look for other online sources of information.
June 09, 2021
The Hacker News reported on June 2 that a Russian-language forum on the dark web has been running a contest for the past month asking hackers to submit ideas for "unorthodox" cryptocurrency attacks.
June 09, 2021
In a perfect example of irony, cybersecurity insurance company AXA decides to stop covering ransomware payments and is hit with a ransomware attack a week later.
June 08, 2021
On June 8, Amazon will roll out its new feature called Sidewalk that shares internet access with your neighbors. Users of devices like Echo, Ring Video Doorbells, Ring Floodlight Cameras, and Ring Spotlight Cameras have the option of opting out if they do not want this.
June 08, 2021
The Covid pandemic has affected the entire world in various ways. Hackers have repeatedly used it as a foothold to gain access to networks and devices by exploiting fears, spreading misinformation, and duping innocent victims.
June 07, 2021
On the heels of the Colonial Pipeline ransomware attack that halted operations and caused a temporary fuel shortage, the White House is quickly responding to another attack on the JBS meat processing plant.
June 04, 2021
Identity theft is on the rise, and one tactic criminals use to get personal information is through fake job ads. KrebsonSecurity reported last week about a recent scam duping more than 100 victims on LinkedIn before it was discovered, and the fraudulent ads removed.
June 03, 2021
The problem of ransomware does not just affect the U.S. A New Zealand hospital was hit last week, having to cancel surgeries and turn away patients.
June 02, 2021
The Colonial Pipeline attack was a wake-up call for consumers and government agencies who realize that our country's infrastructure is at extreme risk of takedown at any moment.
June 01, 2021
On May 20, the Federal Bureau of Investigations (FBI) issued a flash warning that the Conti ransomware gang is a serious and persistent threat to medical and emergency services with the potential to disrupt care and treatment.
June 01, 2021
In just nine short months, the ransomware gang dubbed DarkSide has netted more than $90 million from victims worldwide. Experts are calling this group one of the most profitable cybercriminal groups in history.
May 27, 2021
Microsoft has been under fire lately for dozens of new zero-day flaws that have come to light under threat assessor scrutiny.
May 26, 2021
The dark web is known as the place to go if you want the ultimate in privacy and security. According to Hacker News, a new study revealed that an unknown hacker controlled 27% of the Tor network exit capacity in February 2021.
May 25, 2021
On Wednesday, President Biden signed into law an executive order outlining a comprehensive plan to boost security across public and private sectors regarding cybersecurity.
May 24, 2021
Threat experts warn Android users of a new strain of malware designed to steal user credentials, passwords and take complete control of Android devices for financial fraud.
May 21, 2021
According to InfoSecurity Magazine, The Federal Trade Commission (FTC) reported that Kansas had the highest rate of identity theft in 2020 and more than three times the national average.
May 21, 2021
New tactics are used every day by hackers trying to get a foot in the door using malware to take over victims' computers. Another in an endless sea of options is using the Microsoft Build Engine (MBE) to filelessly deliver malware to targeted victims.
May 19, 2021
According to multiple sources this week, the notorious hacker gang dubbed DarkSide has decided to close up shop after their servers were seized and someone drained their cryptocurrency account.
May 18, 2021
Threat researchers had discovered that Peloton exercise products and installed API might have leaked the credentials and private data for millions of users before it was recently patched.
May 17, 2021
Top technology players like Microsoft, Amazon, Cisco, FireEye, and McAfee are joining forces with government agencies such as the Department of Justice (DOJ), Europol, and the U.K. National Crime Agency in a task force trying new ways of taking down cybercriminals.
May 14, 2021
Krebs on security reported on April 28 that Experian quietly fixed a bug in its API that exposed tens of millions of Americans' credit score to anyone who looked them up.
May 14, 2021
On Saturday, Colonial Pipeline, which delivers 45% of the East Coast's fuel, had to be shut down due to a ransomware attack.
May 13, 2021
Dell has issued a firmware update to fix a bug that went undetected since 2009, in hundreds of millions of Dell computers and laptops worldwide.
May 12, 2021
CloudSEC security intelligence created a tool called BeVigil which identified 40+ apps with more than 100 million installs that were found to be leaking AWS keys all over the place.
May 11, 2021
Along with the Covid-19 pandemic came a flurry of bad actors aimed and ready to swoop in and take control while the rest of us were looking the other way.
May 10, 2021
If you think you have heard it all when it comes to hackers finding ways to make a buck, think again. SC Magazine reported this week that the DarkSide ransomware group is offering insider stock tips to traders before they hit a major target and the stock prices fall.
May 06, 2021
Security experts recommend as part of security best practices to use a password manager. However, the last thing they expect is for that password manager to be compromised by an attack.
May 06, 2021
Info Security Group online magazine reported that Wyoming's Department of Health (WDH) accidentally exposed 25% of the state population's personally identifiable medical information through GitHub.com.
May 06, 2021
InfoSecurity Group magazine reported that First Horizon Bank experienced a data breach where more than 100 online customer accounts were accessed, and funds drained from them.
May 04, 2021
In an interesting turn of events, the ransomware gang dubbed "the Babuk group" is threatening Washington, D.C.'s Metropolitan Police Department with the release of names of private informants.
May 04, 2021
Large, popular cryptocurrency exchange EXMO was knocked offline by a massive DDoS attack on February 15. The incident prevented users from accessing accounts, and the company's website was down for more than two hours.
April 30, 2021
After the SolarWinds supply chain attack, there was a lot of speculation about those responsible. This week, the U.S. government and Biden administration formally sanctioned Russia, citing the SolarWinds attack and its involvement in disruptive tactics related to the 2020 election campaign.
April 29, 2021
Infosecurity Magazine reported this week that dating website Manhunt suffered a data breach.
What Happened?
According to a data breach notice filed on April 1 with the Washington attorney general's office, Manhunt was the subject of a data breach that occurred in February.
April 29, 2021
Homebrew users should take notice that a glaring RCE flaw in the Homebrew repository system could have allowed bad actors to use a fraudulent update to execute malicious code on the user's machine.
April 28, 2021
The REvil (Sodinokibi) hacker gang demands $50 million from Apple and Taiwanese manufacturer Quanta after stealing Apple device blueprints and threatening to leak them.
April 28, 2021
TechCrunch reported on April 19 that Geico, one of the largest auto insurance companies in the country, disclosed a data breach to the California attorney general's office, citing that hackers had been stealing customers' driver's license numbers for months.
April 27, 2021
Ukrainian national Fedir Hladyr (35) was sentenced to 10 years in federal prison for his involvement in the theft of millions of payment cards while he worked for the notorious cybercriminal gang FIN7.
April 27, 2021
Cybercriminals are using BazarLoader malware to attack Slack and BaseCamp users with social engineering tactics. Threat actors have combined it with a phone call component to increase the number of victims.
April 23, 2021
Popular social media app Clubhouse was hacked, and 1. 3 million users' data breached online on a hacker forum, yet the company denies any type of hack or breach.
April 23, 2021
In another, in a long line of tactics to infect computers and devices with malware, attackers are using legitimate website contact forms to send emails with fake business links and legal threats.
April 22, 2021
On April 6, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) released a warning that cybercriminals are actively targeting known vulnerabilities in SAP applications that could allow them to take over the app, infect network systems and take complete control.
April 22, 2021
Five hundred million Facebook users' phone numbers and email addresses were recently leaked on the dark web, and news reports indicate that Facebook had years to fix the problem (before the 2019 data breach took place).
April 21, 2021
Ransomware has become the name of the game for hackers. Over the past year, we have seen a massive uptick in companies and government agencies attacked using encryption and ransom demands.
April 21, 2021
Who doesn't love Netflix? Everyone! That is what cybercriminals are counting on because they recently placed a fake Netflix app in the Google Play store for download on Android devices.
April 20, 2021
According to the Justice Department, a 28-year-old Texas man was charged this week with trying to purchase explosives from an undercover FBI agent to blow up an Amazon Web Services (AWS) data center in Virginia.
April 19, 2021
The U.S. Department of Justice gave the FBI permission to access hundreds of computers across the nation to remove damaging back door access from Microsoft Exchange Servers.
April 19, 2021
You cannot turn on the news these days without hearing about another ransomware attack. Last week, the Conti ransomware gang targeted the Broward County Public Schools and demanded a shocking $40 million ransom.
April 15, 2021
Suddenly this week, huge collections of data are being sold on the dark web from social media breaches. Another in the lineup is 500 million LinkedIn users' accounts for sale on the dark web.
April 13, 2021
Cybercriminals find new ways each day to try to commit fraud, theft and circumvent the law. In an ingenious move, hackers have targeted cybersecurity insurance firm CNA Financial for a list of well-funded targets for ransomware.
April 12, 2021
Cybercriminals just keep upping the ante to find new and interesting ways to dupe the public and infect computers and devices with malware.
April 09, 2021
It seems that data breaches from 2019 are flooding the internet with flashbacks and more damage. Last Friday, The Bleeping Computer reported that more social security numbers than previously thought were exposed in the July 2019 Capital One data breach.
April 08, 2021
An anonymous whistleblower exposes Ubiquiti's hacking incident as catastrophic and reveals that they attempted to cover it up, putting customers at risk.
April 07, 2021
Personal Touch Holding Corp. suffered a data breach affecting 753,000 patients, employees, and ex-workers due to a cloud service ransomware attack.
April 06, 2021
MobiKwik, an Indian mobile payment app suffered a major data breach earlier this year, and millions of users' personal account information were leaked on the dark web.
April 06, 2021
Facebook's many data breaches have far-reaching effects. This past week, a security researcher found more than 533 million Facebook accounts on display on the dark web for all to see.
April 05, 2021
FatFace, a UK retail clothing chain, is facing a lot of hot criticism over their handling of a recent data breach. In a notification to customers, they royally botched the situation, and everyone is talking about it.
April 02, 2021
Another in an ongoing series of hackers attacking developer resources, last week The Bleeping Computer reported that the PHP Git repository was hacked in an attempt to add a backdoor to the PHP source code.
April 01, 2021
A Russian hacker targeted Tesla car company and had planned to install malware into their network. His plan was to extort millions from the high-end car manufacturer.
March 31, 2021
Since the pandemic began, Zoom has become the go-to solution for meetings, classes, and business conferences. However, Zoom is not without its share of issues.
March 30, 2021
Last week, the Bleeping Computer reported that computer giant Acer was hit hard by a REvil ransomware attack with a hefty $50 million price tag.
March 29, 2021
Nefarious criminals are loading Xcode developer projects with malware designed to compromise the Xcode network targeting developers and researchers.
March 26, 2021
Threat researchers have recently uncovered a malicious malware called CopperStealer that has gone undetected since 2019 but has attacked major business accounts with Google, Facebook, Apple, Amazon, Instagram, other social media platforms.
March 25, 2021
Most websites are hosted on Linux servers, and unfortunately, that platform is under siege by a new threat called RedXOR malware.
March 24, 2021
President Biden originally proposed a $10 billion relief package for IT and cybersecurity modernization, and with the American Rescue Plan bill that just passed, the amount was reduced to only $2 billion.
March 23, 2021
Directly after Microsoft revealed four new zero-day flaws in Microsoft Exchange, Chinese hacker groups started scrambling to find vulnerable machines, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency warning of "active exploitation.
March 22, 2021
Microsoft has been in the news a lot lately related to flaws and in-the-wild exploited bugs in their operating system and related products.
March 19, 2021
Scammers are using a fake Google reCAPTCHA tool in a phishing campaign aimed at high-ranking employees at global organizations in an attempt to snag login credentials.
March 18, 2021
Threatpost reported last week that a major airline service provider SITA, which provides IT services and communications for about 90% of global airlines, was attacked and data breached.
March 17, 2021
Threat researchers found another bug in the Apple ecosystem, this one affecting the "Find My" feature that could have leaked historical data about user's locations.
March 16, 2021
In an odd twist of fate, last week, The Hacker News reported that an elite hacker and cybercrime forum called Maza was hacked by another cyber terrorist group.
March 15, 2021
As threat researchers continue to sift through the debris from the massive SolarWinds supply chain attack, three new strains of malware are discovered.
March 11, 2021
WordPress is one of the most popular website-building platforms, it is also the target for many malicious hacker criminals.
March 04, 2021
The Hacker News reported last week that celebrities had lost millions in a SIM swapping heist. U.S. authorities have arrested ten individuals accused of hijacking cell phones for high-profile Americans.
March 03, 2021
Apple plans on enhancing its privacy features with the upcoming update to iOS version 14. 5, protecting users' IP addresses even further.
March 02, 2021
The popular SHAREit Android app has been downloaded more than one billion times. In fact, it is one of the most popular apps on the Google Play store.
March 01, 2021
As reported by The Hacker News, last Thursday, Google's Project Zero discovered a new security feature that Apple put into place with its latest update to iOS 14 to patch a vulnerability in the messaging app.
February 26, 2021
The Bleeping Computer reported this week that threat actors are using Plex Media Server to execute and amplify Distributed Denial of Service or DDoS attacks across the globe.
February 24, 2021
It's bad enough that hackers are running rampant these days committing fraud, stealing millions, and exposing data, but now they are also trying to poison people.
February 23, 2021
The news surrounding the SolarWinds attack just keeps on coming in different forms. This time China is linked to a separate attack using SolarWinds vulnerabilities.
February 22, 2021
It wasn't that long ago that Spotify denied a data breach while hundreds of customers complained about their accounts being hacked.
February 19, 2021
As the United States stands at the cusp of tax season, Americans should brace themselves for even more malicious yet highly believable tax scams making the rounds now in the U.K. The U.K. files their taxes on January 31st, so most residents have already filed but many are getting these scams delivered as SMS.
February 18, 2021
Last Thursday, Google removed "The Great Suspender" from the Chrome Web Store and disabled the malware-infected extension from users' computers.
February 17, 2021
Tens of thousands of patients' data shows up on the dark web from two U.S. hospitals. Extensive patient data is exposed in this hack attack.
February 15, 2021
According to the Seattle Times yesterday, the Washington state auditor's office suffered a major data breach back in December, when hackers broke into the software the office uses for claims.
February 12, 2021
The Bleeping Computer reported on January 28 that UScellular suffered a major data breach after hackers accessed its CRM software system.
February 11, 2021
Ring doorbell is a favorite among home security enthusiasts. They will be delighted to hear that Amazon just improved the Ring doorbell by adding end-to-end encryptions to its video feeds to keep hackers out.
February 10, 2021
The bad guys keep getting better and better at what they do, and now the good guys are following suit. Intel has partnered with Cybereason to build anti-ransomware security into their 11th generation Core vPro Business Class processors.
February 09, 2021
In another big win for the good guys, Bulgaria and the U.S. teamed up to seize a dark web site used by the NetWalker gang. The group had been using this website to post data they stole in various hacking and ransomware incidents.
February 08, 2021
Europol reported last week that a joint venture between them and other law enforcement agencies (from eight nations) allowed them to take control of the Emotet botnet.
February 05, 2021
On the heels of the news that WhatsApp is drastically changing its privacy policy, opening up doors where before there were none, Signal is gaining traction as the best alternative to WhatsApp.
