Items tagged with cybersecurity

Last year saw a rise in threat actors abusing Microsoft Office macros to infect their victims’ systems with malware, prompting Microsoft to block macros embedded in documents downloaded from the internet. In response, threat actors have had to pivot to alternative malware distribution and infection methods, including... Read more...
We often report on phishing campaigns involving fraudulent customer support agents who trick victims into giving up sensitive information or installing malware on their systems. However, sometimes threat actors flip this script, instead posing as customers in need of help in order to prey on customer support agents... Read more...
The password manager KeePass is currently the subject of a debate concerning whether or not a particular design decision should be considered a security vulnerability. At the center of this debate is KeePass’ support of triggers, one of which exports users’ password databases. Threat actors could potentially leverage... Read more...
Earlier this month, a Swiss hacker who goes by the name maia arson crimew exfiltrated a copy the US government’s No Fly List from an insecure server. This list, which names individuals who are forbidden from flying anywhere within US borders, is a subset of the Terrorist Screening Database and is kept hidden from the... Read more...
In 2022, the National Security Agency, in conjunction with the U.K’s National Cyber Security Centre, reported a critical vulnerability in the Windows CryptoAPI to Microsoft. While this was patched in August of 2022 and published in October of 2022, it could still prove to be a problem as threat actors could still... Read more...
Last November, two weeks after the Biden administration held the second International Counter Ransomware Summit, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) published a joint cybersecurity advisory warning... Read more...
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published a joint cybersecurity advisory warning network defenders about phishing attacks that leverage remote monitoring and management... Read more...
TA444 is an advanced persistent threat (APT) group believed to be associated with the North Korean government. However, rather than receiving financial backing from its government, the group seems to bring in revenue for the government. Unlike most state-backed APTs, such as China’s Aoqin Dragon or Iran’s Charming... Read more...
Over the past week, Gmail users have been reporting abuse of the Google Ads platform. However, rather than conducting ad fraud or placing ads that distribute malware, the actors behind this recent activity are leveraging the Google Ads invitation system to direct traffic to various to risky websites. These sites are... Read more...
A massive ad fraud campaign has shut down after undergoing mitigation efforts organized by HUMAN, cybersecurity firm that works to distinguish human beings from bots for the purpose of disrupting cybercrime. The ad fraud campaign, dubbed “VASTFLUX” by members of HUMAN’s Satori Threat Intelligence and Research Team... Read more...
Yesterday, T-Mobile, one of the big three mobile internet service providers in the US, announced that it recently fell victim to a data breach. The company disclosed this information in both a news release and a filing with the Securities and Exchange Commission (SEC). However, the news release skips over important... Read more...
This past July, we wrote about a report published by Coverware that found that the dollar value of the median ransomware payment was on a downward trajectory beginning in Q1 2022 and continuing in Q2 of the same year. However, we weren’t sure whether this decrease in the value of individual payments would reflect in... Read more...
Among the requirements for installing Windows 11 are two security features: Trusted Platform Module (TPM) version 2.0 and Secure Boot. As we’ve documented before, it’s possible to sidestep these requirements and force a Windows 11 install or upgrade anyway. Microsoft even published a registry hack to give users this... Read more...
The Liquor Control Board of Ontario (LCBO), a government organization that sells alcoholic beverages within Ontario, Canada, has published a statement notifying customers of a cybersecurity incident affecting the retailer’s online store. According to this statement, unknown threat actors managed to compromise the... Read more...
A new report claims that a law enforcement app leaked the personal details of suspects and police officers involved in major police operations going all the way back to 2011. SweepWizard, the app in question, was developed by ODIN Intelligence to help police coordinate multi-agency raids, such as Operation Protect the... Read more...
It's no secret that cyberattacks have been on the rise lately, but a series of failures today may raise some eyebrows. The United States, Canada, and the United Kingdom have all experienced critical service disruptions today, and the root causes are still under investigation. The United Kingdom’s postal service... Read more...
Those who follow cybersecurity news will know that both security researchers and threat actors alike are frequently discovering security vulnerabilities, prompting developers to create and release patches for these vulnerabilities. While fixing security flaws is a good thing, it’s bad news when such fixes are prompted... Read more...
Cybersecurity researchers at ASEC have uncovered a threat campaign distributing remote access software under the guise of a Pokémon NFT card game. While many threat campaigns distribute Remote Access Trojans (RATs) that operate in the background to grant threat actors access to compromised systems, this particular... Read more...
Earlier this year, Google awarded a security researcher $107,500 for finding vulnerabilities in the company’s smart speakers. The researcher demonstrated that these vulnerabilities could be leveraged to link secondary accounts to Google smart home devices, then control the devices for nefarious ends, including... Read more...
This week, Lake Charles Memorial Health System (LCMHS) in Louisiana published a notice informing its patients of a cybersecurity incident that occurred back in October of this year. According to the notice, threat actors gained unauthorized access to the healthcare system’s internal network between October 20 and 21... Read more...
BIT Mining Limited has published a news release disclosing that the cryptocurrency mining pool run by its subsidiary, BTC.com, suffered a cyberattack earlier this month on December 3. In the course of the attack, threat actors stole cryptocurrency valuing approximately $3 million in total. BIT Mining has informed... Read more...
Back in August of this year, an unknown actor operating under the username “devil” posted information relating to 5.4 million Twitter users for sale on BreachForums. This data included the email addresses and phone numbers tied to users’ accounts. Now, someone with the username “Ryushi” claims to be selling a similar... Read more...
1 2 3 4 5 Next