Breached shutdown sparks migration to ARES data leak forums
A threat group called ARES is gaining notoriety on the cybercrime scene by selling and leaking databases stolen from corporations and...
News
US-CERT Vulnerability Summary for the Week of March 27, 2023
High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info grinnellplans -- grinnellplans A vulnerability...
Taiwanese PC Company MSI Falls Victim to Ransomware Attack
Taiwanese PC company MSI (short for Micro-Star International) officially confirmed it was the victim of a cyber attack on its...
Expert-Led Webinar: Learn Proven Strategies to Secure Your Identity Perimeter
The stakes are high when it comes to cybersecurity. No longer are we dealing with unskilled hackers trying to break...
Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise...
Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library
The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be...
Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari
Apple on Friday released security updates for iOS, iPadOS, macOS, and Safari web browser to address a pair of zero-day...
CISA orders agencies to patch Backup Exec bugs used by ransomware gang
On Friday, U.S. Cybersecurity and Infrastructure Security Agency (CISA) increased by five its list of security issues that threat actors...
FBI warns of companies exploiting sextortion victims for profit
For-profit companies reportedly linked to sextortion activity are targeting victims using various deceptive tactics to pressure them into paying for...
Exploit available for critical bug in VM2 JavaScript sandbox library
Proof-of-concept exploit code has been released for a recently disclosed critical vulnerability in the popular VM2 library, a JavaScript sandbox that...
Massive Balada Injector campaign attacking WordPress sites since 2017
An estimated one million WordPress websites have been compromised during a long-lasting campaign that exploits "all known and recently discovered...
MSI confirms security breach following ransomware attack claims
Following reports of a ransomware attack, Taiwanese PC vendor MSI (short for Micro-Star International) confirmed today that its network was...
US-CERT Vulnerability Summary for the Week of March 27, 2023
High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info grinnellplans -- grinnellplans A vulnerability...
Researchers Uncover Thriving Phishing Kit Market on Telegram Channels
In yet another sign that Telegram is increasingly becoming a thriving hub for cybercrime, researchers have found that threat actors...
CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published eight Industrial Control Systems (ICS) advisories warning of critical flaws...
Are Source Code Leaks the New Threat Software vendors Should Care About?
Less than a month ago, Twitter indirectly acknowledged that some of its source code had been leaked on the code-sharing...
FBI Cracks Down on Genesis Market: 119 Arrested in Cybercrime Operation
A joint international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of...
Microsoft Takes Legal Action to Disrupt Cybercriminals’ Illegal Use of Cobalt Strike Tool
Microsoft said it teamed up with Fortra and Health Information Sharing and Analysis Center (Health-ISAC) to tackle the abuse of...
Telegram now the go-to place for selling phishing tools and services
Telegram has become the working ground for the creators of phishing bots and kits looking to market their products to...
UK criminal records office confirms cyber incident behind portal issues
The UK's Criminal Records Office (ACRO) has finally confirmed, after weeks of delaying issuing a statement, that online portal issues...
Money Message ransomware gang claims MSI breach, demands $4 million
Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known...
Microsoft and Fortra crack down on malicious Cobalt Strike servers
Microsoft, Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC) have announced a broad legal crackdown against servers hosting...
Medusa ransomware claims attack on Open University of Cyprus
The Medusa ransomware gang has claimed a cyberattack on the Open University of Cyprus (OUC), which caused severe disruptions of...
Hackers use Rilide browser extension to bypass 2FA, steal crypto
Security researchers discovered a new malicious browser extension called Rilide, that targets Chromium-based products like Google Chrome, Brave, Opera, and...
