FanDuels warns of data breach after customer info stolen in vendor hack
The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security...
cybersecurity
Google Ads invites being abused to push spam, adult sites
Google Ads invites are being abused to deliver email messages promoting spam and sex websites to users who are otherwise...
Massive ad-fraud op dismantled after hitting millions of iOS devices
A massive ad fraud operation dubbed 'Vastflux' that spoofed more than 1,700 applications from 120 publishers, mostly for iOS, has been...
GTA Online bug exploited to ban, corrupt players’ accounts
Grand Theft Auto (GTA) Online players report losing game progress, in-game money being stolen, and being banned from game servers...
Hackers now use Microsoft OneNote attachments to spread malware
Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used...
LAUSD says Vice Society ransomware gang stole contractors’ SSNs
Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, says the Vice Society ransomware gang...
Critical ManageEngine RCE bug now exploited to open reverse shells
A critical remote code execution (RCE) vulnerability affecting multiple Zoho ManageEngine products is now being exploited in attacks. The first...
Over 19,000 end-of-life Cisco routers exposed to RCE attacks
Over 19,000 end-of-life Cisco VPN routers on the Internet are exposed to attacks targeting a remote command execution exploit chain....
New Boldmove Linux malware used to backdoor Fortinet devices
Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and...
The Week in Ransomware – January 20th 2023 – Targeting Crypto Exchanges
There has been quite a bit of ransomware news this week, with crypto exchanges being seized for alleged money laundering...
Exploits released for two Samsung Galaxy App Store vulnerabilities
Two vulnerabilities in the Galaxy App Store, Samsung’s official repository for its devices, could enable attackers to install any app...
Roaming Mantis’ Android malware adds DNS changer to hack WiFi routers
Image: AI-generated through Midjourney The Roaming Mantis malware distribution campaign has updated its Android malware to include a DNS changer...
PayPal accounts breached in large-scale credential stuffing attack
PayPal is sending out data breach notifications to thousands of users who had their accounts accessed through credential stuffing attacks...
Ransomware profits drop 40% in 2022 as victims refuse to pay
Ransomware gangs extorted from victims about $456.8 million throughout 2022, a drop of roughly 40% from the record-breaking $765 million...
New ‘Blank Image’ attack hides phishing scripts in SVG files
An unusual phishing technique has been observed in the wild, hiding empty SVG files inside HTML attachments pretending to be...
Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner
Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill fast-food restaurant...
T-Mobile hacked to steal data of 37 million accounts in API data breach
T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer...
Exploit released for critical ManageEngine RCE bug, patch now
Proof-of-concept exploit code is now available for a remote code execution (RCE) vulnerability in multiple Zoho ManageEngine products. This pre-authentication...
New ‘Hook’ Android malware lets hackers remotely control your phone
A new Android malware named 'Hook' is being sold by cybercriminals, boasting it can remotely take over mobile devices in...
Product Security Incident Response: Key Strategies and Best Practices
Written By: Samuel Cure, CISO, AMI In today's digital landscape, it is essential to implement proactive measures to ensure the...
Ukraine links data-wiping attack on news agency to Russian hackers
The Computer Emergency Response Team of Ukraine (CERT-UA) has linked a destructive malware attack targeting the country's national news agency...
Illegal Solaris darknet market hijacked by competitor Kraken
Solaris, a large darknet marketplace focused on drugs and illegal substances, has been taken over by a smaller competitor named...
MailChimp discloses new breach after employees got hacked
Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the...
Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner
Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google...
