Android security update fixes Mali GPU flaw exploited by spyware
Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with...
cybersecurity
Sextortionists are making AI nudes from your social media images
The Federal Bureau of Investigation (FBI) is warning of a rising trend of malicious actors creating deepfake content to perform...
Dissecting the Dark Web Supply Chain: Stealer Logs in Context
Stealer logs represent one of the primary threat vectors for modern companies. However, many security teams are still focused on...
New ‘PowerDrop’ PowerShell malware targets U.S. aerospace industry
A new PowerShell malware script named 'PowerDrop' has been discovered to be used in attacks targeting the U.S. aerospace defense...
Over 60,000 Android apps secretly installed adware for past six months
Over 60,000 Android apps disguised as legitimate applications have been quietly installing adware on mobile devices while remaining undetected for...
The Genesis Market Takedown – Keep Users Credentials Secure
For years, "dark" markets have contained stolen credentials for sale. One of the larger and more notorious markets was the...
Microsoft links Clop ransomware gang to MOVEit data-theft attacks
Microsoft has linked the Clop ransomware gang to recent attacks exploiting a zero-day vulnerability in the MOVEit Transfer platform to...
SpinOk Android malware found in more apps with 30 million installs
The SpinOk malware was found in a new batch of Android apps on Google Play, reportedly installed an additional 30...
KeePass v2.54 fixes bug that leaked cleartext master password
KeePass has released version 2.54, fixing the CVE-2023-32784 vulnerability that allows the extraction of the cleartext master password from the...
GIGABYTE releases new firmware to fix recently disclosed security flaws
Gigabyte B660M GAMING X DDR4 Source: GIGABYTE.com GIGABYTE has released firmware updates to fix security vulnerabilities in over 270 motherboards...
New tool scans iPhones for ‘Triangulation’ malware infection
Cybersecurity firm Kaspersky has released a tool to detect if Apple iPhones and other iOS devices are infected with a...
Clop ransomware claims responsibility for MOVEit extortion attacks
The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was...
CISA orders govt agencies to patch MOVEit bug used for data theft
CISA has added an actively exploited security bug in the Progress MOVEit Transfer managed file transfer (MFT) solution to its...
Atomic Wallet hacks lead to over $35 million in crypto stolen
The developers of Atomic Wallet are investigating reports of large-scale theft of cryptocurrency from users' wallets, with over $35 million...
Hackers hijack legitimate sites to host credit card stealer scripts
A new Magecart credit card stealing campaign hijacks legitimate sites to act as "makeshift" command and control (C2) servers to...
Zyxel shares tips on protecting firewalls from ongoing attacks
Zyxel has published a security advisory containing guidance on protecting firewall and VPN devices from ongoing attacks and detecting signs...
Online sellers targeted by new information-stealing malware campaign
Online sellers are targeted in a new campaign to push the Vidar information-stealing malware, allowing threat actors to steal credentials...
Windows 11 to require SMB signing to prevent NTLM relay attacks
Microsoft says SMB signing (aka security signatures) will be required by default for all connections to defend against NTLM relay...
Malicious Chrome extensions with 75M installs removed from Web Store
Google has removed from the Chrome Web Store 32 malicious extensions that could alter search results and push spam or...
Burton Snowboards discloses data breach after February attack
Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was "potentially"...
NSA and FBI: Kimsuky hackers pose as journalists to steal intel
State-sponsored North Korean hacker group Kimsuky (a.ka. APT43) has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think...
The Week in Ransomware – June 2nd 2023 – Whodunit?
It has been a fairly quiet week regarding ransomware, with only a few reports released and no new significant attacks....
New MOVEit Transfer zero-day mass-exploited in data theft attacks
Hackers are actively exploiting a zero-day vulnerability in the MOVEit Transfer file transfer software to steal data from organizations. MOVEit...
Russia says US hacked thousands of iPhones in iOS zero-click attacks
Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via...
