The Week In Ransomware December 22nd 2023 Blackcat Hacked
Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored...
News
Ubisoft Says Its Investigating Reports Of A New Security Breach
Ubisoft is investigating whether it suffered a breach after images of the company's internal software and developer tools were leaked...
Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities
Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware...
Microsoft Edge Remote Code Execution Vulnerability
A vulnerability has been identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger remote code execution...
SMS Scams Set to Peak on Saturday in UK
UK telco EE has warned customers they could be deluged with millions of scam SMS messages on December 23 as...
Justice Secretary in Deepfake General Election Warning
The UK’s secretary of state for justice has warned of a “clear and present danger” to British democracy from deepfakes...
Crypto Drainer Steals $59m Via Google and X Ads
Security researchers have discovered a new series of “crypto drainer” malware attacks that have stolen $59m from victims so far...
Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft
Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code...
Microsoft Warns of New ‘FalseFont’ Backdoor Targeting the Defense Sector
Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of...
Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware
A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim...
Microsoft Edge Remote Code Execution Vulnerability
A vulnerability has been identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger remote code execution...
Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication
Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to...
Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices
John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report...
Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware
A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is...
UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware
The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a...
Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware
Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called...
Bidencash Darkweb Market Gives 19 Million Credit Cards For Free
The BidenCash stolen credit card marketplace is giving away 1.9 million credit cards for free via its store to promote...
Android Malware Chameleon Disables Fingerprint Unlock To Steal Pins
The Chameleon Android banking trojan has re-emerged with a new version that uses a tricky technique to take over devices...
Openai Rolls Out Imperfect Fix For Chatgpt Data Leak Flaw
OpenAI has mitigated a data exfiltration bug in ChatGPT that could potentially leak conversation details to an external URL. According...
First American Takes It Systems Offline After Cyberattack
First American Financial Corporation, the second-largest title insurance company in the United States, took some of its systems offline today...
Microsoft Deprecates Defender Application Guard For Some Edge Users
Microsoft is deprecating Defender Application Guard (including the Windows Isolated App Launcher APIs) for Edge for Business users. Microsoft Defender...
Lapsus Hacker Behind Gta 6 Leak Gets Indefinite Hospital Sentence
Lapsus$ cybercrime and extortion group member, Arion Kurtaj has been sentenced indefinitely in a 'secure hospital' by a UK judge. Kurtaj...
Microsoft Hackers Target Defense Firms With New Falsefont Malware
Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. "Microsoft has...
Crypto Drainer Steals 59 Million From 63k People In Twitter Ad Push
Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million...
