Search Results For: attackers
Earlier this month, Microsoft discovered a vulnerability pattern in Android applications that could enable overwriting files and allow remote code execution. This issue that could be leveraged by attackers has also been seen in the wild with several applications, but organizations have seemingly been quick to...
Read more...
End-of-life hardware can be quite the problem at times, evencrashing back into Earths atmosphere at supersonic speeds for that matter. Of course, we wouldnt expect such travesties happening with the hardware you keep in your basement, or that NAS you tucked away your closet. However, older tech gear can have serious...
Read more...
Virtually all smartphone users around the globe charge their devices daily, either via a wired charger or wireless charging pad. It turn out, however, that wireless chargers can be used to do some pretty nefarious things. Researchers have recently shown that it's possible to manipulate or even destroy devices by...
Read more...
Though you may think your home network is secure, attackers may be able to sneak in through your web browser and leverage vulnerabilities to pivot to internal devices. This is especially true for Internet of Things (IoT) equipment, which is notoriously insecure, requiring regular patches or even warnings from...
Read more...
We've seen malware that wants to steal your files, money, or even your identity, but the new "Gold Pickaxe" mobile malware goes a step further. This nasty little piece of software is active on both Android and iOS, and it steals the victim's face. Security researchers warn the malware could be used to create deepfake...
Read more...
AMD Ryzen and EPYC processors are vulnerable to some serious security exploits, so you should be quick about slapping the latest system firmware into your board's BIOS. Head to your system vendor or motherboard maker's website to make sure you've got the latest firmware for your Ryzen rig or EPYC server.
AMD has...
Read more...
Earlier in the year, Apple fixed several vulnerabilities, which, when exploited, allowed Operation Triangulation spyware to make its way onto devices with zero interaction required. Since then, researchers have been uncovering all the components that made up the attack chain for the spyware campaign, and what they...
Read more...
GitHub is looking to secure the software supply chain by requiring all developers using the platform to protect their accounts with two-factor authentication (2FA). Developers will need to enable the security feature by the end of 2023. The company states that GitHub is committed to making sure that strong account...
Read more...
It must be a Thursday, because there's been another major data breach that affects millions of consumers and may force you to change passwords. The target of the latest attack was Comcast, which has confirmed that online criminals ran roughshod over its Xfinity servers for days before detection. The hack has...
Read more...
A security vulnerability found in ownCloud, a provider of open-source software solutions for organizations to host and sync files, is now being actively exploited by threat actors. The vulnerability, CVE-2023-49103, was initially disclosed by ownCloud on November 21, 2023 whereupon it was assessed as being a critical...
Read more...
Ransomware has become one of the most prevalent means by which threat actors generate revenue, creating a billion-dollar underground industry. Given this financial reality, ransomware gangs are working constantly to outsmart the authorities trying to stop them, though that has not seemed to work. Now, the Biden...
Read more...
'
Discord is a great voice, text, and video platform that allows friends, family, and communities of all types to connect in a common space. However, its been known that Discord has been used for some terrible things, such as the massive leak of intelligence from the U.S. Pentagon. Now, threat actors are leveraging...
Read more...
Threat actors and malicious hackers have been targeting gamers with malware for quite some time, as they can be easy targets who download and run strange things from the internet all the time. Such was the case with a trojanized Super Mario game earlier this year that could have stolen information, run ransomware, or...
Read more...
Mobile processor designer Arm has issued a security bulletin for developers using its Mali GPU drivers. The firm has warned that a flaw tracked as CVE-2023-4211 may be under limited, targeted exploitation. Affected devices include the Google Pixel 7, Samsung Galaxy S20 and S21, the ASUS ROG Phone 6 and many more by...
Read more...
As it turns out, hotels, and by extension, the hospitality industry, are not the most secure organizations around despite handling personal information and credit card details. This is evident in the recent MGM Hotel breach or even further back with the 2022 social engineering of Marriott. Now, an infostealer campaign...
Read more...
While Windows is nearly ubiquitous, great for convenience and it offers a familiar end-user experience, some things are more easily done on Linux. Given this odd juxtaposition of popularity versus utility, threat actors targeting Linux are finding a target-rich environment that can still fly under the radar for the...
Read more...
Cybersecurity incidents are constantly on the rise, with many threat actors launching targeted or widespread opportunistic attacks. In what effectively amounts to cyberterrorism, these acts are not limited to large companies and organizations as one might think, but extend to things like high-profile sporting events...
Read more...
This week, Apple patched three vulnerabilities that could lead to Triangulation spyware making it to your device with a zero-interaction exploit delivered through an invisible iMessage. Thus, update your devices as soon as able to patch these vulnerabilities and remain safe from the threat actors exploiting...
Read more...
With Reddit somewhat imploding on the cusp of going public, some are taking advantage of the situation. Ransomware gang BlackCat (ALPHV) has recently claimed a February attack against Reddit, claiming to have stolen 80GB of data from the social media company.
In early February of this year, hackers from the...
Read more...
A new piece of Windows malware is making the rounds, but what else is new? You never want to fall victim to a malware campaign, but this one is particularly troublesome. EvilExtractor is billed as an "all-in-one" solution for your online criminal needs. With this one tool, a threat actor can monitor keystrokes, steal...
Read more...
Cigent Technology is a data security company whose main product is the Data Defense software-as-a-service security suite. The company's about to introduce a new line of SSDs, though, and one of those is pretty interesting: the Cigent Secure SSD+, with automated anti-ransomware technology that claims to be able to...
Read more...
A newly formed ransomware gang is attempting to extort a sizable payment from MSI after claiming to have stolen a treasure trove of data, including sensitive source code. The gang, which goes by the name "Money Message," is giving MSI five days to pay a hefty $4 million ransom. If payment is not received by then, the...
Read more...
