Bill Toulas
Author Bio
Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.
-
Malicious AI models on Hugging Face backdoor users’ machines
At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor.
- February 28, 2024
- 05:12 PM
-
1
-
Rhysida ransomware wants $3.6 million for children’s stolen data
The Rhysida ransomware gang has claimed the cyberattack on Lurie Children's Hospital in Chicago at the start of the month.
- February 28, 2024
- 03:37 PM
-
0
-
Lazarus hackers exploited Windows zero-day to gain Kernel privileges
North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD (Bring Your Own Vulnerable Driver) techniques.
- February 28, 2024
- 12:24 PM
-
1
-
Japan warns of malicious PyPi packages created by North Korean hackers
Japan's Computer Security Incident Response Team (JPCERT/CC) is warning that the notorious North Korean hacking group Lazarus has uploaded four malicious PyPI packages to infect developers with malware.
- February 28, 2024
- 10:04 AM
-
0
-
Savvy Seahorse gang uses DNS CNAME records to power investor scams
A threat actor named Savvy Seahorse is abusing CNAME DNS records Domain Name System to create a traffic distribution system that powers financial scam campaigns.
- February 28, 2024
- 09:00 AM
-
0
-
LabHost cybercrime service lets anyone phish Canadian bank users
The Phishing as a Service (PhaaS) platform 'LabHost' has been helping cybercriminals target North American banks, particularly financial institutes in Canada, causing a notable increase in activity.
- February 27, 2024
- 02:19 PM
-
0
-
Hessen Consumer Center says systems encrypted by ransomware
The Hessen Consumer Center in Germany has been hit with a ransomware attack, causing IT systems to shut down and temporarily disrupting its availability.
- February 27, 2024
- 11:27 AM
-
0
-
Malicious code in Tornado Cash governance proposal puts user funds at risk
Malicious JavaScript code hidden in a Tornado Cash governance proposal has been leaking deposit notes and data to a private server for almost two months.
- February 27, 2024
- 09:20 AM
-
0
-
New IDAT loader version uses steganography to push Remcos RAT
A hacking group tracked as 'UAC-0184' was observed utilizing steganographic image files to deliver the Remcos remote access trojan (RAT) onto the systems of a Ukrainian entity operating in Finland.
- February 26, 2024
- 05:57 PM
-
0
-
Hackers exploit 14-year-old CMS editor on govt, edu sites for SEO poisoning
Threat actors are exploiting a CMS editor discontinued 14 years ago to compromise education and government entities worldwide to poison search results with malicious sites or scams.
- February 26, 2024
- 02:59 PM
-
0
-
Steel giant ThyssenKrupp confirms cyberattack on automotive division
Steel giant ThyssenKrupp confirms that hackers breached systems in its Automotive division last week, forcing them to shut down IT systems as part of its response and containment effort.
- February 26, 2024
- 12:03 PM
-
0
-
Hijacked subdomains of major brands used in massive spam campaign
A massive ad fraud campaign named "SubdoMailing" is using over 8,000 legitimate internet domains and 13,000 subdomains to send up to five million emails per day to generate revenue through scams and malvertising.
- February 26, 2024
- 09:00 AM
-
0
-
PayPal files patent for new method to detect stolen cookies
PayPal has filed a patent application for a novel method that can identify when "super-cookie" is stolen, which could improve the cookie-based authentication mechanism and limit account takeover attacks.
- February 25, 2024
- 11:02 AM
-
3
-
Apple adds PQ3 quantum-resistant encryption to iMessage
Apple is adding to the iMessage instant messaging service a new post-quantum cryptographic protocol named PQ3, designed to defend encryption from quantum attacks.
- February 24, 2024
- 11:04 AM
-
5
-
Google Pay app shutting down in US, users have till June to move funds
Google is retiring the standalone Pay app in the United States. Users have until June 4 to transfer the balance to bank accounts.
- February 23, 2024
- 01:46 PM
-
7
