Top

Tag: Featured


Threats & Malware, Virus & Malware

The FBI’s Perspective on Ransomware

January 4, 2023

Via: The Hacker News

In April 2021, Dutch supermarkets faced a food shortage. The cause wasn’t a drought or a sudden surge in the demand for avocados. Rather, the reason was a ransomware attack. In the past years, companies, universities, schools, medical facilities and […]


Cyber-crime, Phishing

This new phishing campaign is targeting security experts across the globe

January 4, 2023

Via: TechRadar

A new phishing campaign has been discovered targeting cybersecurity professionals and hacking aficionados with the idea of stealing their cryptocurrency and obtaining sensitive identity(opens in new tab) information. At the center of this attack is Flipper Zero – a portable […]


Mobile, Mobile security, Threats & Malware, Vulnerabilities

Nearly 300 Vulnerabilities Patched in Huawei’s HarmonyOS in 2022

January 3, 2023

Via: Security Week

Huawei smartphones and other devices ran Android until 2019, when the US government barred American companies from selling software and technology to the Chinese firm. Later that year, Huawei unveiled its new HarmonyOS operating system, which works on a wide […]


Threats & Malware, Virus & Malware

Raspberry Robin Worm Evolves to Attack Financial and Insurance Sectors in Europe

January 3, 2023

Via: The Hacker News

Financial and insurance sectors in Europe have been targeted by the Raspberry Robin worm, as the malware continues to evolve its post-exploitation capabilities while remaining under the radar. “What is unique about the malware is that it is heavily obfuscated […]


Cyber-crime, Identity theft

Data Breach at Louisiana Healthcare Provider Impacts 270,000 Patients

December 29, 2022

Via: Security Week

A regional community healthcare system consisting of several facilities, LCMHS identified the cyberattack on October 25 and started informing the impacted patients of the incident on December 23. In a notification on its website, LCMHS says that ‘an unauthorized third […]


Cyber warfare, Cyber-crime

North Korean government hackers found using ransomware for the first time

December 28, 2022

Via: TechRadar

North Korean state-sponsored threat actors have been observed using ransomware against companies and organizations in neighboring South Korea for the first time, police have reported. According to the South China Morning Post, the South Korean National Police Agency said threat […]


Cyber-crime, Phishing

Reported phishing attacks have quintupled

December 28, 2022

Via: Help Net Security

The third quarter of 2022, APWG observed 1,270,883 total phishing attacks — is the worst quarter for phishing that APWG has ever observed. The total for August 2022 was 430,141 phishing sites, the highest monthly total ever reported to APWG. […]


Cyber-crime, Identity theft

Hackers Steal Power Utility Customer Data

December 27, 2022

Via: DataBreach Today

A Chicago construction and engineering firm that designs power grids is telling consumers it detected “unauthorized activity” that resulted in the theft of names and Social Security numbers. According to a report by CNN, a memo distributed to members of […]


Data loss, Threats & Malware

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

December 27, 2022

Via: The Hacker News

Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a long-running class-action lawsuit filed in 2018. The legal dispute sprang up in response to revelations that the social media giant allowed […]


Application security, Security

APIs are placing your enterprise at risk

December 21, 2022

Via: Help Net Security

At a surface level, APIs help businesses to connect applications and share data with one another. This creates an easier, more seamless experience for customers and users. If you have ever used your Google account to log into multiple sites […]


Cyber warfare, Cyber-crime

Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War

December 20, 2022

Via: The Hacker News

The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of […]


Threats & Malware, Vulnerabilities

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

December 20, 2022

Via: The Hacker News

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications. The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), […]


Email security, Security

Gmail launches a big security update, but you might not get it yet

December 19, 2022

Via: TechRadar

Google has become the latest company to roll out an encryption upgrade, revealing it Gmail email service is set to get full end-to-end encryption (E2EE) support, but not all users will be able to get it. In an update on […]


Threats & Malware, Virus & Malware

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

December 19, 2022

Via: The Hacker News

A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making it the latest malware to adopt the cross-platform programming language after BlackCat, Hive, Luna, and RansomExx. Agenda, attributed to an operator named Qilin, […]


Privacy protection, Security

Give the gift of online security this Christmas with these quick changes

December 14, 2022

Via: TechRadar

It’s the most wonderful time of the year, but that sadly doesn’t mean that cyberthreats are any less prevalent. This Christmas, hackers and scammers will be looking to capitalise on the latest threats to find an angle that may let […]


Data loss, Threats & Malware, Vulnerabilities

Twitter Responds to Recent Data Leak Reports

December 13, 2022

Via: Security Week

The social media giant revealed in August that a vulnerability patched in January was exploited to obtain user data before a fix was rolled out. The admission came following reports that the flaw had been exploited to collect data on […]


Application security, Security

Veracode acquires Crashtest Security to improve web application security

December 13, 2022

Via: Help Net Security

Veracode has acquired Crashtest Security to enhance the existing DAST capabilities available as part of Veracode’s Continuous Software Security Platform and broaden customer access globally. Web applications are fast becoming the most exploited attack vector for cyber threat actors looking […]


Threats & Malware, Virus & Malware

Users Warned of New Aerst, ScareCrow, and Vohuk Ransomware Families

December 12, 2022

Via: Security Week

Targeting Windows computers, these are typical ransomware families that encrypt victim files and demand a ransom payment in exchange for a decryption key. This new ransomware has been used in an increasing number of attacks. Aerst was seen appending to […]


Threats & Malware, Vulnerabilities

Vulnerability with public PoC affects Cisco IP phones, fix unavailable (CVE-2022-20968)

December 12, 2022

Via: Help Net Security

A high-risk stack overflow vulnerability (CVE-2022-20968) may allow attackers to DoS or possibly even execute code remotely on Cisco 7800 and 8800 Series IP phones, the company has confirmed. Cisco‘s PSIRT is also aware that proof-of-concept exploit code is available […]


Access control, Security

Bitwarden introduces new passwordless authentication feature

December 7, 2022

Via: Help Net Security

Bitwarden has unveiled a new passwordless authentication feature that makes it easier and faster for users to access their Bitwarden vaults. This latest announcement reinforces the Bitwarden commitment to help customers protect sensitive information at every point of their passwordless […]