Search Results For: emails
A Reddit user looking download and install the free image editor GIMP has discovered a devious malware campaign using contextual Google search ads to trick unsuspecting users into installing the RedLine stealer malware. The user who uncovered and reported this campaign almost fell prey to it himself, until Windows...
Read more...
Millions of users of the Instagram photo-centric social media platform have had their accounts suspended today. Rather than any policy change on the part of Meta-owned Instagram, the suspensions appear to be the result of technical difficulties. The massive wave of suspensions coincides with the Instagram app...
Read more...
Researchers at the cybersecurity company Guardio have uncovered a campaign that has stealthily injected malware into the chromium-based browsers of over one million victims. The campaign makes use of browser extensions distributed through the Google Chrome Web Store and the Microsoft Edge Add-ons store. However, the...
Read more...
Over the weekend, a group of Iranian hackers stole a trove of files from a nuclear technology agency. However, rather than comprising astate-backed hacking group, the hackers in question identify as anti-regime hacktivists who operate under the name Black Reward. The group claims to have stolen at least 50 GB of files...
Read more...
On September 24, the cyber threat intelligence company SOCRadar notified Microsoft that one of its Azure Blob Storage servers was misconfigured and leaking customer information. Now, almost a month later, both Microsoft and SOCRadar have released blog posts warning businesses that some of their transaction data and...
Read more...
The US Department of Education is currently preparing to forgive up to $20,000 per person in federal student loan debt. While there are multiple outstanding legal challenges to the executive order that authorizes this plan, those with student loans can already apply for debt relief on the official Federal Student Aid...
Read more...
On October 10, less than a month after Australia was hit by its largest ever data breach, the Australian online retail store MyDeal was struck by a data breach. According to Woolworths Group, which recently acquired the online retailer, an unknown actor used a set of compromised employee credentials to access MyDeals...
Read more...
Researchers at the cybersecurity company Zscaler have discovered a new version of the Ducktail Infostealer in a malware campaign seeking to steal Facebook Business account credentials. Cybersecurity researchers first identified the Ducktail Infostealer in 2021, attributing the bit of malware to a Vietnamese threat...
Read more...
This week, the Northern District of California court is considering whether to let a lawsuit filed against Google continue as a class action lawsuit. The suit in question is seeking statutory damages on behalf of millions of Google Chrome users, claiming that Google misled users of Chromes Incognito mode into a false...
Read more...
Toyota, the worlds largest car company, recently discovered that an access key for one of its data servers has been publicly available on GitHub for almost five years, exposing the data on this server to potential unauthorized third party access. The data server in question stores information related to subscribers of...
Read more...
Researchers at the cybersecurity firm Trellix have been keeping tabs on a sophisticated phishing campaign, known as BazarCall, since it first drew attention in 2020. This campaign evolved over time, pioneering a social engineering technique called "callback phishing" that is now employed by many different threat...
Read more...
Yesterday evening, iPhone users may have been surprised to see multiple push notifications from Apple News containing a racist slur and other obscene language. The notifications were triggered by Fast Companys Apple News account, prompting Apple News to disable the publications news channel. As it turns out, a hacker...
Read more...
2K, the publisher of numerous video game series, including Borderlands, Civilization, and Bioshock, has issued a notice to warn customers that an unknown actor recently gained unauthorized access to its help desk platform. The threat actor in question abused this access to distribute malware by way of the 2K Games...
Read more...
The Cyber Division of the US Federal Bureau of Investigation (FBI) has published a notice warning the healthcare industry of cyberattacks targeting healthcare payment processors. The attacks generally come in the form of phishing attacks that leverage employees publicly available Personally Identifiable Information...
Read more...
Cybersecurity researchers at Proofpoint have been keeping tabs on an Advanced Persistent Threat (APT) known as TA453 and recently found the threat actor employing a phishing technique that makes use of sock puppet email accounts. Sock puppets are alternate accounts or personas used in a deceptive manner by a single...
Read more...
Scammers and fraudsters have been targeting YouTube creators with sophisticated email campaigns. The emails pose as legitimate notices from Google which claim to be a copyright report and possible strike against the channel. These include a Google Drive link to the purported report, which actually contains a...
Read more...
The James Webb Space Telescope (JWST) came online this year after more than 20 years of design and development. It's a real watershed moment for astronomy, and unfortunately, yet another way for internet ne'er-do-wells to distribute malware. Security researchers have identified a new malware campaign that has...
Read more...
Successful hacking involves more than just gaining unauthorized access to a system. Once inside, malicious actors like to cover their tracks not only to prevent getting caught, but also to maximize how much data they can extract. To this end, the Iranian-backed hacker group known as Charming Kitten has been discovered...
Read more...
Plex, a company that provides media streaming solutions, sent out emails early this morning informing users of a data breach. According to the notice, Plex launched an investigation yesterday after discovering suspicious activity on one of its databases. The investigation revealed that a third-party actor...
Read more...
It is always a good idea to secure your online accounts with a strong password and two-factor authentication, but even that might not stop a new piece of malware discovered by security firm Volexity. According to the company's threat research group, North Korea has been slurping up sensitive emails using a...
Read more...
In May of last year, Colonial Pipeline was struck by a ransomware attack, prompting the Colonial Pipeline Company to take certain systems offline in an attempt to contain the attack. As a result, all pipeline operations were temporarily halted, shutting off the flow of fuel to the eastern seaboard. Shortly thereafter...
Read more...
Smartphones are inherently personal devices. We use them to help with and document so much of our lives. While data security is always a concern, the physical act of handing our phones over to be serviced can be particularly nerve-wracking. Sometimes the technician can perform the service in front of your watchful...
Read more...
