Growing Concern Over Role of Hacktivism in Israel-Hamas Conflict
Hacktivists have claimed to hit Israeli websites through DDoS and defacement attacks following the outbreak of conflict between Israel and...
cybersecurity
Ubuntu discovers ‘hate speech’ in release 23.10 — how to upgrade?
Ubuntu, the most popular Linux distribution, has pulled its Desktop release 23.10 after its Ukrainian translations were discovered to contain...
AI algorithm detects MitM attacks on unmanned military vehicles
Professors at the University of South Australia and Charles Sturt University have developed an algorithm to detect and intercept man-in-the-middle...
DarkGate malware spreads through compromised Skype accounts
Between July and September, DarkGate malware attacks have used compromised Skype accounts to infect targets through messages containing VBA loader...
The Week in Ransomware – October 13th 2023 – Increasing Attacks
Ransomware gangs continue to pummel the enterprise, with attacks causing disruption in business operations and resulting in data breaches if...
23andMe hit with lawsuits after hacker leaks stolen genetics data
Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed...
Microsoft plans to kill off NTLM authentication in Windows 11
Microsoft announced earlier this week that the NTLM authentication protocol will be killed off in Windows 11 in the future. NTLM (short for...
CISA shares vulnerabilities, misconfigs used by ransomware gangs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled additional details regarding misconfigurations and security vulnerabilities exploited by ransomware...
Hackers use Binance Smart Chain contracts to store malicious scripts
Cybercriminals are employing a novel code distribution technique dubbed 'EtherHiding,' which abuses Binance's Smart Chain (BSC) contracts to hide malicious...
New Phishing Campaign Uses LinkedIn Smart Links in Blanket Attack
Email security provider Cofense has discovered a new phishing campaign comprising over 800 emails and using LinkedIn Smart Links.The campaign...
UK Regulator Fines Equifax £11m for 2017 Data Breach
The UK’s financial regulator has fined Equifax Ltd. over £11m ($13.4m) for failing to protect UK consumer data stolen in...
ToddyCat hackers use ‘disposable’ malware to target Asian telecoms
A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021,...
Shadow PC warns of data breach as hacker tries to sell gamers’ info
Shadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers' private...
Hyped up curl vulnerability falls short of expectations
curl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38545), easing week-long...
Malicious Solana, Kucoin packages infect NuGet devs with SeroXen RAT
Malicious NuGet packages appearing to have over 2 million downloads impersonate crypto wallets, crypto exchange, and Discord libraries to infect developers...
New Microsoft bug bounty program focuses on AI-powered Bing
Microsoft announced a new AI bounty program focused on the AI-driven Bing experience, with rewards reaching $15,000. With the AI-powered...
Apple fixes iOS Kernel zero-day vulnerability on older iPhones
Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities...
FBI shares AvosLocker ransomware technical details, defense tips
The U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along...
Ransomware attacks now target unpatched WS_FTP servers
Internet-exposed WS_FTP servers unpatched against a maximum severity vulnerability are now targeted in ransomware attacks. As recently observed by Sophos...
Simpson Manufacturing shuts down IT systems after cyberattack
Simpson Manufacturing disclosed via a SEC 8-K filing a cybersecurity incident that has caused disruptions in its operations, which are...
LinkedIn Smart Links attacks return to target Microsoft accounts
Hackers are once again abusing LinkedIn Smart Links in phishing attacks to bypass protection measures and evade detection in attempts...
Generative AI Security: Preventing Microsoft Copilot Data Exposure
This article is written by Rob Sobers, Varonis. Microsoft Copilot has been called one of the most powerful productivity tools...
New WordPress backdoor creates rogue admin to hijack websites
A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create...
Microsoft Defender now auto-isolates compromised accounts
Microsoft Defender for Endpoint now uses automatic attack disruption to isolate compromised user accounts and block lateral movement in hands-on-keyboard...
