All News

NSA shares zero-trust guidance to limit adversaries on the network

The National Security Agency is sharing new guidance to help organizations limit an adversary's movement on the internal network by adopting zero-trust framework principles.
- Ionut Ilascu
- March 05, 2024
- 06:29 PM
- 0
Apple fixes two new iOS zero-days exploited in attacks on iPhones

Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones.
- Lawrence Abrams
- March 05, 2024
- 04:34 PM
- 0
New WogRAT malware abuses online notepad service to store malware

A new malware dubbed 'WogRAT' targets both Windows and Linux in attacks abusing an online notepad platform named 'aNotepad' as a covert channel for storing and retrieving malicious code.
- Bill Toulas
- March 05, 2024
- 03:25 PM
- 0
Microsoft is killing off the Android apps in Windows 11 feature

Microsoft has unexpectedly announced they are ending support for the Windows Subsystem for Android next year on March 5th.
- Lawrence Abrams
- March 05, 2024
- 02:23 PM
- 4
U.S. sanctions Predator spyware operators for spying on Americans

The U.S. has imposed sanctions on two individuals and five entities linked to the development and distribution of the Predator commercial spyware used to target Americans, including government officials and journalists.
- Bill Toulas
- March 05, 2024
- 01:09 PM
- 0
Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks

Malicious actors were detected abusing the open-source hypervisor platform QEMU as a tunneling tool in a cyberattack against a large company.
- Bill Toulas
- March 05, 2024
- 11:47 AM
- 0
Facebook and Instagram outage logs out users, passwords not working

Facebook and Instagram users worldwide have been logged out of the sites and are having trouble logging in, receiving errors that their passwords are incorrect.
- Mayank Parmar
- March 05, 2024
- 11:18 AM
- 4
BlackCat ransomware shuts down in exit scam, blames the "feds"

The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates' money by pretending the FBI seized their site and infrastructure.
- Ionut Ilascu
- March 05, 2024
- 10:49 AM
- 3
Passwords are Costing Your Organization Money - How to Minimize Those Costs

Getting rid of passwords completely isn't a realistic option for most orgs, but there are things you can do to make them more secure. Learn more from Specops Software on maximizing security while mitigating costs.
- Lawrence Abrams
- March 05, 2024
- 10:02 AM
- 0
Exploit available for new critical TeamCity auth bypass bug, patch now

A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions.
- Ionut Ilascu
- March 04, 2024
- 05:42 PM
- 0
ScreenConnect flaws exploited to drop new ToddlerShark malware

The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddlerShark.
- Bill Toulas
- March 04, 2024
- 05:14 PM
- 0
Hackers steal Windows NTLM authentication hashes in phishing attacks

The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks.
- Bill Toulas
- March 04, 2024
- 04:15 PM
- 2
Apple blames Spotify for $1.95 billion fine over "abusive" App store rules

The European Commission has fined Apple €1.8 billion, or approximately $1.95 million, for allegedly abusing its market dominance in music streaming app distribution to prevent developers from promoting cheaper services outside the app.
- Lawrence Abrams
- March 04, 2024
- 12:58 PM
- 0
BlackCat ransomware turns off servers amid claim they stole $22 million ransom

The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million.
- Ionut Ilascu
- March 04, 2024
- 12:44 PM
- 1
Ukraine claims it hacked Russian Ministry of Defense servers

The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense (Minoborony) and stole sensitive documents.
- Bill Toulas
- March 04, 2024
- 10:41 AM
- 1
North Korea hacks two South Korean chip firms to steal engineering data

The National Intelligence Service (NIS) in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage attacks.
- Bill Toulas
- March 04, 2024
- 09:46 AM
- 0
American Express credit cards exposed in third-party data breach

American Express is warning customers that credit cards were exposed in a third-party data breach after a merchant processor was hacked.
- Lawrence Abrams
- March 04, 2024
- 08:38 AM
- 4
Stealthy GTPDOOR Linux malware targets mobile operator networks

Security researcher HaxRob discovered a previously unknown Linux backdoor named GTPDOOR, designed for covert operations within mobile carrier networks.
- Bill Toulas
- March 03, 2024
- 10:16 AM
- 2
Microsoft: Windows 11 “invites” coming to more Windows 10 Pro PCs

Starting next month, Microsoft nag screens pushing Windows 11 will also show up on non-managed enterprise devices running Windows 10 Pro and Pro Workstation.
- Sergiu Gatlan
- March 03, 2024
- 10:11 AM
- 2
Content farm impersonates 60+ major news outlets, like BBC, CNN, CNBC

BleepingComputer has discovered a content farm operating some 60+ domains named after popular media outlets, including the BBC, CNBC, CNN, Forbes, Huffington Post, The Guardian, and Washington Post, among others. These sites build SEO for their online gambling ventures and sell "press release" slots at hefty prices.
- Ax Sharma
- March 02, 2024
- 11:31 AM
- 5