Source: www.bleepingcomputer.com – Author: Bill Toulas North Korean state-sponsored hackers are behind the VMConnect campaign that uploaded to the PyPI (Python Package Index) repository malicious packages,...
Author:
Free Key Group ransomware decryptor helps victims recover data – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Researchers took advantage of a weakness in the encryption scheme of Key Group ransomware and developed a decryption tool that...
GRU hackers attack Ukrainian military with new Android malware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Image: Midjourney Hackers working for the Main Directorate of the General Staff of the Armed Forces of the Russian Federation,...
Classiscam fraud-as-a-service expands, now targets banks and 251 brands – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Image: Midjourney The “Classiscam” scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more...
WordPress migration add-on flaw could lead to data breaches – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas All-in-One WP Migration, a popular data migration plugin for WordPress sites with 5 million active installations, suffers from unauthenticated access...
VMware Aria vulnerable to critical SSH authentication bypass flaw – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas VMware Aria Operations for Networks (formerly vRealize Network Insight) is vulnerable to a critical severity authentication bypass flaw that could...
Trojanized Signal and Telegram apps on Google Play delivered spyware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Image: Midjourney Trojanized Signal and Telegram apps containing the BadBazaar spyware were uploaded onto Google Play and Samsung Galaxy Store...
DreamBus malware exploits RocketMQ flaw to infect servers – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Image: Midjourney A new version of the DreamBus botnet malware exploits a critical-severity remote code execution vulnerability in RocketMQ servers...
New Android MMRat malware uses Protobuf protocol to steal your data – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A novel Android banking malware named MMRat utilizes a rarely used communication method, protobuf data serialization, to more efficiently steal data from...
University of Michigan shuts down network after cyberattack – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing...
Genshin Impact dev will sue Kaveh Hacks users and developers – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Genshin Impact developer miHoYohas responded to an in-game hacking situation that has caused problems recently in its player community, warning...
Attacks on Citrix NetScaler systems linked to ransomware actor – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to...
MalDoc in PDFs: Hiding malicious Word docs in PDF files – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Japan’s computer emergency response team (JPCERT) is sharing a new ‘MalDoc in PDF’ attack detected in July 2023 that bypasses...
Spain warns of LockBit Locker ransomware phishing attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The National Police of Spain is warning of an ongoing ‘LockBit Locker’ ransomware campaign targeting architecture companies in the country...
Mom’s Meals discloses data breach impacting 1.2 million people – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas PurFoods, which conducts business in the U.S. as ‘Mom’s Meals,’ is warning of a data breach after the personal information...
ICO calls on social media firms to protect user’s data from scraping – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas UK’s Information Commissioner’s Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a...
Data breach at French govt agency exposes info of 10 million people – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Pôle emploi, France’s governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging...
ICO calls social media firms to protect people’s data from scraping – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas UK’s Information Commissioner’s Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a...
Microsoft: Stealthy Flax Typhoon hackers use LOLBins to evade detection – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Microsoft has identified a new hacking group it now tracks as Flax Typhoon that argets government agencies and education, critical manufacturing,...
Kroll data breach exposes info of FTX, BlockFi, Genesis creditors – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in...
Ransomware hackers dwell time drops to 5 days, RDP still widely used – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Ransomware threat actors are spending less time on compromised networks before security solutions sound the alarm. In the first half of...
Jupiter X Core WordPress plugin could let hackers hijack sites – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Two vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow...
New Whiffy Recon malware uses WiFi to triangulate your location – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Cybercriminals behind the Smoke Loader botnet are using a new piece of malware called Whiffy Recon to triangulate the location...
Hackers use public ManageEngine exploit to breach internet org – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho’s ManageEngine ServiceDesk...
Over 3,000 Openfire servers vulnerable to takover attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user...
Bitwarden releases free and open-source E2EE Secrets Manager – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Bitwarden, the maker of the popular open-source password manager tool, has released ‘Secrets Manager,’ an end-to-end encrypted secrets manager for...
Hosting firm says it lost all customer data after ransomware attack – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Danish hosting firms CloudNordic and AzeroCloud have suffered ransomware attacks, causing the loss of the majority of customer data and...
Akira ransomware targets Cisco VPNs to breach organizations – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas There’s mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate...
Carderbee hacking group hits Hong Kong orgs in supply chain attack – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Image: Midjourney A previously unidentified APT hacking group named ‘Carderbee’ was observed attacking organizations in Hong Kong and other regions...
TP-Link smart bulbs can let hackers steal your WiFi password – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Researchers from Italy and the UK have discovered four vulnerabilities in the TP-Link Tapo L530E smart bulb and TP-Link’s Tapo...