Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as “Money Message,” which claims to...
Author:
Telegram now the go-to place for selling phishing tools and services
Telegram has become the working ground for the creators of phishing bots and kits looking to market their products to a larger audience or to recruit...
New dark web market STYX focuses on financial fraud services
A new dark web marketplace called STYX launched earlier this year and appears to be on its way to becoming a thriving hub for buying and selling...
Typhon info-stealing malware devs upgrade evasion capabilities
The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as ‘Typhon...
Hackers can open Nexx garage doors remotely, and there’s no fix
Multiple vulnerabilities discovered Nexx smart devices can be exploited to control garage doors, disable home alarms, or smart plugs. There are five security issues disclosed publicly, with...
Spain’s most dangerous and elusive hacker now in police custody
The police in Spain have arrested José Luis Huertas (aka “Alcaseca”, “Mango”, “chimichuri”), a 19-year-old regarded as the most dangerous hackers in the country. Huertas is...
HP to patch critical bug in LaserJet printers within 90 days
HP announced in a security bulletin this week that it would take up to 90 days to patch a critical-severity vulnerability that impacts the firmware of...
ALPHV ransomware exploits Veritas Backup Exec bugs for initial access
An ALPHV/BlackCat ransomware affiliate was observed exploiting three vulnerabilities impacting the Veritas Backup product for initial access to the target network. The ALPHV ransomware operation emerged in December...
New Rorschach ransomware is the fastest encryptor seen so far
Following a cyberattack on a U.S.-based company, malware researchers discovered what appears to be a new ransomware strain with “technically unique features,” which they named Rorschach. Among the capabilities...
WinRAR SFX archives can run PowerShell without being detected
Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without triggering the security agent on the...
Capita cyberattack disrupted access to its Microsoft Office 365 apps
British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications. London-based Capita employs 50,000 specialists and offers...
Western Digital discloses network breach, My Cloud service down
Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems. The California-based computer drive maker and...
New Money Message ransomware demands million dollar ransoms
A new ransomware gang named ‘Money Message’ has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data and release a decryptor. The new...
15 million public-facing services vulnerable to CISA KEV flaws
Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in CISA’s KEV (known exploitable vulnerabilities) catalog. This massive...
Hackers exploit bug in Elementor Pro WordPress plugin with 11M installs
Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin used by over eleven million websites. Elementor Pro is a WordPress page...
Consumer lender TMX discloses data breach impacting 4.8 million people
TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data of 4,822,580 customers. TitleMax is a...
Winter Vivern hackers exploit Zimbra flaw to steal NATO emails
A Russian hacking group tracked as TA473, aka ‘Winter Vivern,’ has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails...