Threats and Malware
January 24, 2024
Via: The RegisterFor most organizations – especially security vendors – disclosing a corporate email breach, in which executives’ internal messages and attachments were stolen, would noticeably ding their stock prices. But Microsoft apparently doesn’t operate by the laws of Wall Street. Late […]
Threats & Malware, Vulnerabilities
January 24, 2024
Via: SecureWorldOn January 9, during a period of heightened anticipation surrounding the potential approval of Bitcoin exchange-traded funds (ETFs), an unauthorized post appeared on the SEC’s X account claiming the approval had been granted. This triggered a surge in Bitcoin’s price […]
January 23, 2024
Via: The RegisterAustralia’s government has used the “significant cyber incidents” sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer Medibank Private. The […]
January 23, 2024
Via: The RegisterA Baltimore man faces a potential maximum 20-year prison sentence after being charged for his alleged role in running an online service that sold personal data which was later used for financial fraud. Chouby Charleron is alleged to be behind […]
Threats & Malware, Virus & Malware
January 22, 2024
Via: The RegisterRansomware is used by cybercriminals to steal and encrypt critical business data before demanding payment for its restoration. It represents one of, if not the most, serious cybersecurity threat currently facing governments, public/private sector organizations and enterprises around the world. […]
January 22, 2024
Via: The RegisterConor Brian Fitzpatrick – aka “Pompourin,” a former administrator of notorious leak site BreachForums – has been sentenced to 20 years of supervised release. Fitzpatrick was arrested and charged in March 2023. Authorities accused him of running the site, which […]
January 22, 2024
Via: The RegisterAerCap, the world’s largest aircraft leasing company, has reported a ransomware infection that occurred earlier this month, but claims it hasn’t yet suffered any financial losses yet and all its systems are under control. In a US Securities and Exchange […]
January 19, 2024
Via: The RegisterVF Corporation, parent company of clothes and footwear brands including Vans and North Face, says 35.5 million customers were impacted in some way when criminals broke into their systems in December. The announcement was made in a Thursday 8-K/A filing […]
Threats & Malware, Virus & Malware
January 18, 2024
Via: The RegisterSecurity researchers have pinned a DDoS botnet that’s infected potentially millions of smart TVs and set-top boxes to an eight-year-old cybercrime syndicate called Bigpanzi. At least 170,000 bots were running daily at the campaign’s height after infecting Android-based TVs and […]
Threats & Malware, Virus & Malware
January 17, 2024
Via: The RegisterCrooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). In a joint warning issued on Tuesday, the US government agencies said the […]
Threats & Malware, Virus & Malware
January 17, 2024
Via: The RegisterPublicly exposed PostgreSQL and MySQL databases with weak passwords are being autonomously wiped out by a malicious extortion bot – one that marks who pays up and who is not getting their data back. Origin unknown, the bot is routinely […]
Threats & Malware, Vulnerabilities
January 16, 2024
Via: The RegisterGitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May 2023 that allowed users to […]
Threats & Malware, Vulnerabilities
January 16, 2024
Via: The RegisterVMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment. First off, a pair of issues from Atlassian. Most serious is CVE-2023-22527, a template injection […]
Threats & Malware, Virus & Malware
January 16, 2024
Via: TechRadarHackers were pretending to be Coinbase and used well-crafted phishing pages to steal people’s cryptocurrency hauls, according to a report from cybersecurity researchers Group-IB. As per the report, between November 2022 and 2023, an unnamed group of hackers operated a […]
Threats & Malware, Virus & Malware
January 12, 2024
Via: The RegisterThe popularity of Github has made it too big to block, which is a boon to dissidents ducking government censors but a problem for internet security. GitHub says it is used by more than 100 million developers around the world. […]
January 11, 2024
Via: SecureWorldThe U.S. Securities and Exchange Commission’s (SEC) account on X (formerly Twitter) was briefly compromised on Tuesday, January 9, sending shockwaves through the cryptocurrency market and raising serious questions about the agency’s cybersecurity practices. A fake post announcing the approval […]
January 10, 2024
Via: The RegisterFidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November. The mortgage giant, which has assets totaling $74 billion and is one of the largest providers of […]
Threats & Malware, Virus & Malware
January 9, 2024
Via: The RegisterSecurity researchers have put out an updated decryptor for the Babuk ransomware family, providing a free solution for victims of the Tortilla variant. A collaboration between Cisco Talos, Avast, and the Netherlands police led to the development of the new […]
Threats & Malware, Vulnerabilities
January 9, 2024
Via: The RegisterMicrosoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge. None of the January CVEs are under active exploit, […]
Threats & Malware, Virus & Malware
January 8, 2024
Via: SecureWorldU.S. mortgage lender loanDepot has fallen victim to a cyberattack, prompting the company to take swift action by temporarily shutting down its IT systems and online payment portals. With approximately 6,000 employees and a loan servicing portfolio exceeding $140 billion, […]