Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with...
Day: April 4, 2023
North Korea Hacking Cryptocurrency Sites with 3CX Exploit
News: Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of...
That ticking noise is your end users’ laptops
Graham Cluley Security News is sponsored this week by the folks at Kolide. Thanks to the great team there for their support! Here’s an uncomfortable fact:...
Learn how to provide your company with maximum security for $79
on April 4, 2023, 5:44 AM EDT Learn how to provide your company with maximum security for $79 This bundle’s 26 courses cover ethical hacking, certification...
15 Million Systems Are Vulnerable to CISA KEV Flaws
Using the Shodan database, IT security researchers were able to track down 15 million vulnerable systems with vulnerabilities from the US cyber security authority CISA’s Known-Exploited-Vulnerabilities-Catalog...
My Cloud Goes Down While Data Storage Giant Announces Network Breach
Western Digital announced that they discovered a network breach had affected their systems, starting March 26th. Threat actors managed to obtain unauthorized access to several of...
New Rorschach ransomware is the fastest encryptor seen so far
Following a cyberattack on a U.S.-based company, malware researchers discovered what appears to be a new ransomware strain with “technically unique features,” which they named Rorschach. Among the capabilities...
IRS-authorized eFile.com tax return software caught serving JS malware
eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript malware. Security researchers state the malicious...
CISA warns of Zimbra bug exploited in attacks against NATO countries
The Cybersecurity and Infrastructure Security Agency (CISA) warned federal agencies to patch a Zimbra Collaboration (ZCS) cross-site scripting flaw exploited by Russian hackers to steal emails...
US seizes $112 million from cryptocurrency investment scammers
Today, the U.S. Department of Justice seized six virtual currency accounts containing over $112 million in funds stolen in cryptocurrency investment schemes. Judges in the Central...
WinRAR SFX archives can run PowerShell without being detected
Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without triggering the security agent on the...
Designing Tabletop Exercises That Actually Thwart Attacks
It’s Monday morning, 8 a.m. You walk into the office and, on your computer screen, you witness something you’ve only ever experienced in your nightmares. “Boom!...
DoJ Recovers $112M in Crypto Stolen With Romance Scams
Half a dozen cryptocurrency accounts, allegedly used to launder romance scam proceeds, have been seized by the Department of Justice. The DoJ said in a statement...
3CX Breach Widens as Cyberattackers Drop Second-Stage Backdoor
The threat actor — believed to be the Lazarus Group — that recently compromised 3CX’s VoIP desktop application to distribute information-stealing software to the company’s customers has also...
For Cybercrime Gangs, Professionalization Comes With ‘Corporate’ Headaches
Today’s foremost cybercrime gangs operate like large enterprises, with more than $50 million dollars in annual revenue and around 80% of operating expenses going to wage...
Data Breach Strikes Western Digital
Business operations for Western Digital, a data storage hardware provider, have been disrupted due to a recent systems breach that the company said occurred on March...
US Space Force Requests $700M for Cybersecurity Blast Off
US Space Force top brass have requested a $700 million investment in cybersecurity as part of the military branch’s overall $30 billion 2024 budget. The Russian...
UK outsourcing services provider Capita suffered a cyber incident
UK outsourcing services provider Capita confirmed that the outage suffered on Friday was caused by a cyberattack. Capita, the UK outsourcing giant, confirmed that its staff...
Western Digital took its services offline due to a security breach
Western Digital disclosed a security breach, according to the company an unauthorized party gained access to multiple systems. Western Digital has shut down several of its...
Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover
Microsoft addressed a misconfiguration flaw in the Azure Active Directory (AAD) identity and access management service. Microsoft has addressed a misconfiguration issue impacting the Azure Active...
Moobot botnet spreads by targeting Cacti and RealTek flaws
The Moobot botnet is actively exploiting critical vulnerabilities in Cacti, and Realtek in attacks in the wild. FortiGuard Labs researchers observed an ongoing hacking campaign targeting...
Key takeaways from ESET’s new APT Activity Report – Week in security with Tony Anscombe
As our latest APT Activity Report makes abundantly clear, the threat of cyberespionage and stealthy attacks remains very real The threat of cyberespionage and stealthy cyberattacks...
Are online surveys legit and safe? Watch out for survey scams
“Can I tell a legitimate survey apart from a fake one?” is the single most important question you need to answer for yourself before taking any...
Less is more: Conquer your digital clutter before it conquers you
Lose what you don’t use and other easy ways to limit your digital footprint and strengthen your online privacy and security In case you missed it,...
ESET APT Activity Report T3 2022
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in T3 2022 31 Jan 2023 – 11:30AM An overview of...
Are you in control of your personal data? – Week in security with Tony Anscombe
Data Privacy Week is a reminder to protect your data – all year round. Here are three privacy-boosting habits you can start today. Every action we...
SwiftSlicer: New destructive wiper malware strikes Ukraine
Sandworm continues to conduct attacks against carefully chosen targets in the war-torn country ESET researchers have uncovered a new wiper attack in Ukraine that they attribute to...
Why your data is more valuable than you may realize
The data trail you leave behind whenever you’re online is bigger – and more revealing – than you may think “The lampposts are listening to me;...
Mastodon vs. Twitter: Know the differences
Looking for an alternative to Twitter and thinking about joining the folks flocking to Mastodon? Here’s how the two platforms compare to each other. From restructuring...
5 valuable skills your children can learn by playing video games
Gaming can help your children build and sharpen a range of life skills that will stand them in good stead in the future Videogames are now...