Search Results For: attackers

It seems like every other day there's a news story telling you to be afraid of this or that commonplace thing, right? Well relax, because this isn't one of those stories, exactly. No one's infecting your computer when you view a PNG image. However, executable code hidden in PNG images is a key part of this story. ESET are the ones who located Read more...
The Cyber Division of the US Federal Bureau of Investigation (FBI) has published a notice warning the healthcare industry of cyberattacks targeting healthcare payment processors. The attacks generally come in the form of phishing attacks that leverage employees publicly available Personally Identifiable Information... Read more...
The outdoor recreational apparel brand The North Face has reportedly been hit by a major credential stuffing attack. In a credential stuffing attack, threat actors take user login credentials exposed in unrelated data breaches and enter them into a targeted website or service. This form of cyberattack takes advantage... Read more...
Cybersecurity researchers from Palo Alto Networks Unit 42 have discovered a campaign exploiting multiple vulnerabilities in D-Link routers to spread botnet malware. A botnet is a network of compromised consumer or enterprise devices controlled by a threat actor to carry out malicious tasks, such as mining... Read more...
Successful hacking involves more than just gaining unauthorized access to a system. Once inside, malicious actors like to cover their tracks not only to prevent getting caught, but also to maximize how much data they can extract. To this end, the Iranian-backed hacker group known as Charming Kitten has been discovered... Read more...
Over the weekend, a ransomware attack hit a French hospital, forcing the facility to turn away patients. The staff of the affected hospital, the Centre Hospitalier Sud Francilien (CHSF), has had to return to using pen and paper to keep track of patients, as the main computer systems have been rendered inaccessible... Read more...
Google has released a Chrome browser update which addresses a zero-day flaw that is currently under active attack. This is the fifth time this year that Google has put Chrome users in a situation where they should act swiftly to apply a patch to a critical security flaw. If you are a Chrome user, please check that you... Read more...
Threat intelligence firm Recorded Future has published a report concerning a long-term credential theft campaign targeting humanitarian, think tank, and government organizations. A hacking group known as RedAlpha is carrying out this ongoing campaign, and is known to have been active as far back as 2015. However, it... Read more...
Cloudflare says that it was hit by the same smishing (sms phishing) attack that recently resulted in a user data breach at Twilio. However, unlike Twilio, Cloudflare managed to prevent the attack from escalating to a data breach thanks to its strong security measures. While the attackers managed to steal login... Read more...
If weve learned anything from reporting on phishing attacks, its that no company, organization, or institution is immune from becoming the victim of one. Even the US Department of Defense recently fell victim to a $23.5 million phishing scam. If anything, larger organizations simply make for larger and more attractive... Read more...
We put a lot of faith in the prospect that our information is secure. Unfortunately, this is often just not the case. It is not hard for hackers and security ne'er-do-wells to get access to peoples' accounts when they use weak passwords incorporating little more than birthdates and pet names. This is especially true... Read more...
It is always a good idea to secure your online accounts with a strong password and two-factor authentication, but even that might not stop a new piece of malware discovered by security firm Volexity. According to the company's threat research group, North Korea has been slurping up sensitive emails using a clever (but... Read more...
In May of last year, Colonial Pipeline was struck by a ransomware attack, prompting the Colonial Pipeline Company to take certain systems offline in an attempt to contain the attack. As a result, all pipeline operations were temporarily halted, shutting off the flow of fuel to the eastern seaboard. Shortly thereafter... Read more...
Ransomware can be both disruptive and costly for its victims. A recent report found that the total downtime resulting from ransomware attacks in 2021 cost schools a whopping $3.56 billion. The sudden encryption of data on computer systems critical to an organizations regular operations presents a major problem when... Read more...
WordPress is one of the most popular and thus commonly used content management systems (CMS) on the web. However, it has a particular problem with add-on, extension, and plug-in authors abandoning their projects, and subsequently leaving gaping holes in site security. A case in point has been highlighted by the... Read more...
Phishing attacks employ various methods to trick users into handing over sensitive information, such as login credentials. Over time, as users have become more suspicious and email clients, web browsers, and IT departments have implemented anti-phishing measures, scammers have had to get creative and devise more... Read more...
Earlier this year, we wrote about a vulnerability in Hondas remote keyless entry (RKE) system that hackers could exploit to lock, unlock, and start certain Honda and Acura vehicles. This particular vulnerability was the result of Honda using fixed codes in its RKE system. Many Honda and Acura key fobs send the same... Read more...
Malicious software, commonly known as malware, is one of many threats to both cybersecurity and privacy. Cybercriminals can distribute malware to achieve a number of different goals, including siphoning funds from cryptocurrency wallets, stealing login credentials, or establishing botnets. However, cybercriminals... Read more...
Ransomware is bad news not only because it can cause business-ending disruptions, as in the case of Abraham Lincoln College, but also because the actors behind ransomware attacks often exfiltrate data from compromised systems in addition to encrypting the data on said machines. Ransomware gangs tend to use this stolen... Read more...
Its a new week, and theres another proof of concept for a phishing technique. Last week, we covered a phishing technique for hijacking WhatsApp accounts, and the week before that we reported on a phishing campaign targeting Intuit QuickBooks users. This new proof of concept leverages an established phishing technique... Read more...
WhatsApp, the messaging app owned by Meta that employs the end-to-end encryption Signal Protocol, is massively popular worldwide. The app boasts more than 2 billion users, which is over a fourth of the world's population. Unsurprisingly, given the apps popularity, scammers and hackers often target WhatsApp and its... Read more...
Research from earlier this year showed that hackers can remotely unlock and start Honda and Acura vehicles by exploiting a vulnerability in the remote keyless system. However, cybercriminals targeting the automotive industry dont have to steal your car when they can steal something potentially more valuable: your... Read more...
1 2 3 4 5 Next