UK criminal records office confirms cyber incident behind portal issues
The UK's Criminal Records Office (ACRO) has finally confirmed, after weeks of delaying issuing a statement, that online portal issues...
cybersecurity
Money Message ransomware gang claims MSI breach, demands $4 million
Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known...
Microsoft and Fortra crack down on malicious Cobalt Strike servers
Microsoft, Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC) have announced a broad legal crackdown against servers hosting...
Hackers can open Nexx garage doors remotely, and there’s no fix
Multiple vulnerabilities discovered Nexx smart devices can be exploited to control garage doors, disable home alarms, or smart plugs. There are...
Biometric Authentication Isn’t Bulletproof —Here’s How to Secure It
Biometric authentication is often thought of as nearly impossible to steal or fake, a perfect addition to your cybersecurity arsenal....
Typhon info-stealing malware devs upgrade evasion capabilities
The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a...
New dark web market STYX focuses on financial fraud services
A new dark web marketplace called STYX launched earlier this year and appears to be on its way to becoming a...
Spain’s most dangerous and elusive hacker now in police custody
The police in Spain have arrested José Luis Huertas (aka "Alcaseca", "Mango", “chimichuri”), a 19-year-old regarded as the most dangerous...
FBI seizes stolen credentials market Genesis in Operation Cookie Monster
The domains for Genesis Market, one of the most popular marketplaces for stolen credentials of all types, were seized by...
HP to patch critical bug in LaserJet printers within 90 days
HP announced in a security bulletin this week that it would take up to 90 days to patch a critical-severity...
IRS-authorized eFile.com tax return software caught serving JS malware
eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript...
ALPHV ransomware exploits Veritas Backup Exec bugs for initial access
An ALPHV/BlackCat ransomware affiliate was observed exploiting three vulnerabilities impacting the Veritas Backup product for initial access to the target network. The...
New Rorschach ransomware is the fastest encryptor seen so far
Following a cyberattack on a U.S.-based company, malware researchers discovered what appears to be a new ransomware strain with "technically unique features,"...
Western Digital discloses network breach, My Cloud service down
Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems....
Capita cyberattack disrupted access to its Microsoft Office 365 apps
British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications. London-based...
Cryptocurrency companies backdoored in 3CX supply chain attack
Some of the victims affected by the 3CX supply chain attack have also had their systems backdoored with Gopuram malware,...
WinRAR SFX archives can run PowerShell without being detected
Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without...
US seizes $112 million from cryptocurrency investment scammers
Today, the U.S. Department of Justice seized six virtual currency accounts containing over $112 million in funds stolen in cryptocurrency...
CISA warns of Zimbra bug exploited in attacks against NATO countries
The Cybersecurity and Infrastructure Security Agency (CISA) warned federal agencies to patch a Zimbra Collaboration (ZCS) cross-site scripting flaw exploited...
New Money Message ransomware demands million dollar ransoms
A new ransomware gang named 'Money Message' has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data...
DISH slapped with multiple lawsuits after ransomware cyber attack
Dish Network has been slapped with multiple class action lawsuits after it suffered a ransomware incident that was behind the company's multi-day...
Fake ransomware gang targets U.S. orgs with empty data leak threats
Fake extortionists are piggybacking on data breaches and ransomware incidents, threatening U.S. companies with publishing or selling allegedly stolen data...
Hackers exploit bug in Elementor Pro WordPress plugin with 11M installs
Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin used by over eleven million websites....
15 million public-facing services vulnerable to CISA KEV flaws
Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in CISA's KEV...
