Edward Snowden has gained Russian citizenship nine years after fleeing the United States and landing in Russia. On Monday, Russian president Vladimir Putin signed a decree granting citizenship to 75 foreigners residing in the country, with Snowden among them.
Snowden, a former NSA contractor, publicly exposed the...
Read more...
Threat analysis teams from two different cybersecurity firms, Cyderes and Stairwell, have published a joint report detailing a new ransomware technique that may be the next big evolution in ransomware. Rather than encrypting data on victims’ computers, ransomware may soon corrupt the data instead, rendering it...
Read more...
Researchers at the cybersecurity firm ReasonLabs have discovered a credit card scam campaign estimated to have extracted tens of millions of dollars from tens of thousands of credit card holders. This scheme utilizes fake dating websites, a dedicated payment processor, and customer support services all created and...
Read more...
According to a threat analysis by Palo Alto Networks' Unit 42, a deceptive phishing technique called domain shadowing is on the rise. It may even be more prevalent than previously assumed by information security experts. Between April 25 and June 27 of 2022, the company found that 12,197 domains were shadowed to...
Read more...
Among the many features and devices announced at the Google I/O event in May of this year was a new feature for the Google app giving users the option to request that their personal information be removed from Google search results. The company told users at the time of the announcement that the feature would be made...
Read more...
2K, the publisher of numerous video game series, including Borderlands, Civilization, and Bioshock, has issued a notice to warn customers that an unknown actor recently gained unauthorized access to its help desk platform. The threat actor in question abused this access to distribute malware by way of the 2K Games...
Read more...
Last week, a massive security breach rocked Uber, with a teenage hacker claiming credit for the incident. Then, over the weekend, someone claiming to be this same hacker leaked Grand Theft Auto (GTA) 6 gameplay footage on the GTA forums. The developer of the GTA series, Rockstar Games, later confirmed the authenticity...
Read more...
Researchers at Aqua Security have discovered cyberattacks that appear to have been conducted by TeamTNT, a threat actor previously thought to be defunct. The researchers encountered three different attacks, each of which looks to be new. One of these attacks, which the researchers have dubbed the “Kangaroo attack,” is...
Read more...
The popular rideshare company Uber announced last evening that it was responding to a cybersecurity incident but didn’t provide any further details other than to say that the company was in contact with law enforcement. However, it didn’t take long for information regarding the incident to leak. An unknown threat...
Read more...
YouTube is being used to distribute a novel bundle of malware but probably not in the way you'd expect. The videos promote cracks and cheats for several popular games, but links in the video description expose viewers to malware downloads. The malware itself propagates these videos by taking over user accounts to...
Read more...
The Cyber Division of the US Federal Bureau of Investigation (FBI) has published a notice warning the healthcare industry of cyberattacks targeting healthcare payment processors. The attacks generally come in the form of phishing attacks that leverage employees’ publicly available Personally Identifiable Information...
Read more...
Cybersecurity researchers at Proofpoint have been keeping tabs on an Advanced Persistent Threat (APT) known as TA453 and recently found the threat actor employing a phishing technique that makes use of sock puppet email accounts. Sock puppets are alternate accounts or personas used in a deceptive manner by a single...
Read more...
The cybersecurity firm Group-IB published research today detailing how various threat actors are stealing Steam login credentials using browser windows. Specialists from the computer emegency response team at Group-IB (CERT-GIB) discovered over 150 phishing resources mimicking Steam in just the month of July. Steam...
Read more...
Research conducted by a team at the firmware security firm Binarly reveals that six vulnerabilities remain unpatched in various enterprise-grade HP laptops and desktops despite HP having developed patches for these vulnerabilities. Binarly discovered three of these vulnerabilities last year and notified HP of their...
Read more...
No matter how you pronounce it, GIFs are fun and entertaining for most people, and a mild annoyance for the rest. Unfortunately for users of Microsoft Teams, they are also a danger to their systems. A new malware known as GIFShell has surfaced, and the attack vector is Microsoft Teams.
Found by Security researcher...
Read more...
After introducing video end-to-end encryption (E2EE) for a subset of its wired doorbell and camera devices over a year ago, Ring has announced that it is now extending this capability to its wireless devices. While the company doesn’t specify in its announcement which of its battery-powered devices will support E2EE...
Read more...
Scammers and fraudsters have been targeting YouTube creators with sophisticated email campaigns. The emails pose as legitimate notices from Google which claim to be a copyright report and possible strike against the channel. These include a Google Drive link to the purported report, which actually contains a malware...
Read more...
The outdoor recreational apparel brand The North Face has reportedly been hit by a major credential stuffing attack. In a credential stuffing attack, threat actors take user login credentials exposed in unrelated data breaches and enter them into a targeted website or service. This form of cyberattack takes advantage...
Read more...
Cybersecurity researchers from Palo Alto Networks’ Unit 42 have discovered a campaign exploiting multiple vulnerabilities in D-Link routers to spread botnet malware. A botnet is a network of compromised consumer or enterprise devices controlled by a threat actor to carry out malicious tasks, such as mining...
Read more...
The international phenoms that are Minecraft and Roblox are practically ubiquitous in gaming today. The two games are available on multiple platforms including consoles, PC, and even mobile devices. Unfortunately, their significant popularity, especially amongst younger generations, makes them an excellent target for...
Read more...
Last week, Microsoft revealed a vulnerability in the TikTok Android app that threat actors potentially could have exploited to hijack TikTok user accounts with a single click. Fortunately, TikTok patched the vulnerability earlier this year before its disclosure. However, shortly after Microsoft publicly disclosed the...
Read more...
Ransomware attacks have been targeting school districts, hospitals, government organizations, businesses, and even hospitals in recent years. It's a rather nasty piece of work; it can cause loss of data, stolen data, more viruses, and even inaccessibility to systems necessary for operations. An entire town in Canada...
Read more...
