Clik here to view.
FBI、暗号取引所従業員を装った詐欺師を警告
イメージミッドジャーニー米連邦捜査局(FBI)は、暗号通貨取引所の従業員を装い、疑うことを知らない被害者から資金を盗む詐欺師について警告している。 FBIは本日の公共サービスアナウンスのきっかけを明かしていないが、詐欺師がこの手口で被害者の口座にアクセスし、デジタル資産を吸い上げるという報告が急増していることが動機となっているようだ。...
View ArticleClik here to view.
Cencora confirms patient health info stolen in February attack
Pharmaceutical giant Cencora has confirmed that patients’ protected health information and personally identifiable information (PII) was exposed in a February cyberattack. Cencora, previously known as...
View ArticleClik here to view.
Sitting Ducks DNS attacks let hackers hijack over 35,000 domains
Threat actors have hijacked more than 35,000 registered domains in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner’s account at the DNS provider or...
View ArticleClik here to view.
UK takes down major ‘Russian Coms’ caller ID spoofing platform
The United Kingdom’s National Crime Agency (NCA) has shut down Russian Coms, a major caller ID spoofing platform used by hundreds of criminals to make over 1.8 million scam calls. Their targets...
View ArticleClik here to view.
Hackers abuse free TryCloudflare to deliver remote access malware
Researchers are warning of threat actors increasingly abusing the Cloudflare Tunnel service in malware campaigns that usually deliver remote access trojans (RATs). This cybercriminal activity was frst...
View ArticleClik here to view.
StackExchange abused to spread malicious PyPi packages as answers
Threat actors uploaded malicious Python packages to the PyPI repository and promoted them through the StackExchange online question and answer platform. The packages are named ‘spl-types,’ ‘raydium,’...
View ArticleClik here to view.
Twilioがデスクトップ用Authyを停止、全ユーザーを強制ログアウト
TwilioはついにAuthy for Desktopアプリケーションを終了し、ユーザーを強制的にデスクトップアプリケーションからログアウトさせた。 1月、TwilioはWindows、macOS、Linux用のAuthyデスクトップアプリが2024年3月19日に寿命を迎え、最終的には2024年8月に廃止されると発表した。...
View ArticleClik here to view.
DuckDuckGo blocked in Indonesia over porn, gambling search results
Privacy-focused search engine DuckDuckGo has been blocked in Indonesia by its government after citizens reportedly complained about pornographic and online gambling content in its search results. The...
View ArticleClik here to view.
Cryptonator seized for laundering ransom payments, stolen crypto
U.S. and German law enforcement seized the domain of the crypto wallet platform Cryptonator, used by ransomware gangs, darknet marketplaces, and other illicit services, and indicted its operator. The...
View ArticleClik here to view.
Fake AI editor ads on Facebook push password-stealing malware
Image: MidjourneyA Facebook malvertising campaign targets users searching for AI image editing tools and steals their credentials by tricking them into installing fake apps that mimic legitimate...
View ArticleClik here to view.
US sues TikTok for violating children privacy protection laws
Image: MidjourneyThe U.S. Department of Justice has filed a lawsuit against popular social media platform TikTok and its parent company, ByteDance, alleging widespread violations of children’s...
View ArticleClik here to view.
Hackers breach ISP to poison software updates with malware
A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. Also tracked as Evasive Panda,...
View ArticleClik here to view.
Linux kernel impacted by new SLUBStick cross-cache attack
A novel Linux Kernel cross-cache attack named SLUBStick has a 99% success in converting a limited heap vulnerability into an arbitrary memory read-and-write capability, letting the researchers elevate...
View ArticleClik here to view.
Surge in Magniber ransomware attacks impact home users worldwide
A massive Magniber ransomware campaign is underway, encrypting home users’ devices worldwide and demanding thousand-dollar ransoms to receive a decryptor. Magniber launched in 2017 as a successor to...
View ArticleClik here to view.
Countdown is on: Last chance for discount registration at Mandiant’s mWISE 2024
Register today for mWISE™, the unique cybersecurity conference from Mandiant, now part of Google Cloud. Built by practitioners for practitioners, mWISE runs from September 18 – 19, 2024 in Denver,...
View ArticleClik here to view.
New LianSpy malware hides by blocking Android security feature
A previously undocumented Android malware named ‘LightSpy’ has been discovered targeting Russian users, posing on phones as an Alipay app or a system service to evade detection. Analysis shows that...
View ArticleClik here to view.
North Korean hackers exploit VPN update flaw to install malware
South Korea’s National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN’s software update to deploy malware and breach networks. The advisory connects this...
View ArticleClik here to view.
Keytronic reports losses of over $17 million after ransomware attack
Electronic manufacturing services provider Keytronic has revealed that it suffered losses of over $17 million due to a May ransomware attack. The American technology company started as an Original...
View ArticleClik here to view.
Windows Smart App Control, SmartScreen bypass exploited since 2018
A design flaw in Windows Smart App Control and SmartScreen that enables attackers to launch programs without triggering security warnings has been under exploitation since at least 2018. Smart App...
View ArticleClik here to view.
Crowdstrike: Delta Air Lines refused free help to resolve IT outage
The legal spars between Delta Air Lines and CrowdStrike are heating up, with the cybersecurity firm claiming that Delta’s extended IT outage was caused by poor disaster recovery plans and the airline...
View Article