New Fleckpe Android malware installed 600K times on Google Play
A new Android subscription malware named 'Fleckpe' has been spotted on Google Play, the official Android app store, disguised as...
News
Cisco phone adapters vulnerable to RCE attacks, no fix available
Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection
Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that...
Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service
Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors...
Why the Things You Don’t Know about the Dark Web May Be Your Biggest Cybersecurity Threat
IT and cybersecurity teams are so inundated with security notifications and alerts within their own systems, it's difficult to monitor...
Meta Takes Down Malware Campaign That Used ChatGPT as a Lure to Steal Accounts
Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that...
Meta Uncovers Massive Social Media Cyber Espionage Operations Across South Asia
Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South...
Brightline data breach impacts 783K pediatric mental health patients
Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware...
Google adds passkeys support for passwordless sign-in on all accounts
Google is rolling out support for passkeys for Google Accounts across all services and platforms, allowing users to sign into...
Researcher hijacks popular Packagist PHP packages to get a job
A researcher hijacked over a dozen Packagist packages—with some having been installed hundreds of millions of times over the course...
Russian hackers use WinRAR to wipe Ukraine state agency’s data
The Russian 'Sandworm' hacking group has been linked to an attack on Ukrainian state networks where WinRar was used to...
Facebook disrupts new NodeStealer information-stealing malware
Facebook discovered a new information-stealing malware distributed on Meta called 'NodeStealer,' allowing threat actors to steal browser cookies to hijack...
Police dismantles Try2Check credit card verifier used by dark web markets
The U.S. Department of Justice announced today the indictment of Russian citizen Denis Gennadievich Kulkov, suspected of running a stolen...
City of Dallas hit by Royal ransomware attack impacting IT services
The City of Dallas, Texas, has suffered a Royal ransomware attack, causing it to shut down some of its IT...
Hackers start using double DLL sideloading to evade detection
An APT hacking group known as "Dragon Breath," "Golden Eye Dog," or "APT-Q-27" is demonstrating a new trend of using...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Google Introduces Passwordless Secure Sign-In with Passkeys for Google Accounts
Almost five months after Google added support for passkeys to its Chrome browser, the tech giant has begun rolling out...
Apple and Google Join Forces to Stop Unauthorized Location-Tracking Devices
Apple and Google have teamed up to work on a draft industry-wide specification that's designed to tackle safety risks and...
Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics
A Chinese state-sponsored hacking outfit has resurfaced with a new campaign targeting government, healthcare, technology, and manufacturing entities based in...
Apple and Google Join Forces to Stop Unauthorized Tracking Alert System
Apple and Google have teamed up to work on a draft industry-wide specification that's designed to tackle safety risks and...
Why Telecoms Struggle with SaaS Security
The telecom industry has always been a tantalizing target for cybercriminals. The combination of interconnected networks, customer data, and sensitive...
Download the eBook: What Does it Take to be a Full-Fledged Virtual CISO?
Almost half of MSP clients fell victim to a cyberattack within the last 12 months. In the SMB world, the...
Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust
An international law enforcement operation has resulted in the arrest of 288 vendors who are believed to be involved in...
