Recent Security News
-
Fake F5 BIG-IP zero-day warning emails push data wipers
December 20, 2023 at 04:59PM Israel National Cyber Directorate warns of phishing emails posing as F5 BIG-IP zero-day security updates, deploying data wipers for Windows and Linux. Israeli organizations targeted by pro-Palestinian and Iranian hacktivists since October. New phishing attack delivers data wipers through fake F5 update emails. Wipers communicate with a Telegram channel, posing…
-
Google fixes 8th Chrome zero-day exploited in attacks this year
December 20, 2023 at 04:44PM Google has released emergency updates to address the eighth Chrome zero-day vulnerability of the year, CVE-2023-7024, which was exploited in targeted attacks. The bug, discovered by Google’s Threat Analysis Group, affects the open-source WebRTC framework and poses a high-severity risk due to a heap buffer overflow weakness. Google aims to…
-
Cybercrooks book a stay in hotel email inboxes to trick staff into spilling credentials
December 20, 2023 at 04:33PM Cybercriminals are targeting hotel staff by sending emails that exploit their emotions and urgency to download password-stealing malware. Examples include false complaints, requests for assistance, and emotional scenarios. The ultimate goal is to steal hotel management credentials, which have been used in attacks against Booking.com customers. This has led to…
-
Defiant BlackCat Gang Stands Up New Site, Calls for Revenge Attacks
December 20, 2023 at 03:40PM BlackCat/ALPHV ransomware leaders claim they’ve restarted operations on their primary blog despite DOJ’s control. In response to law enforcement actions, they’ve lifted ban on cyberattacks against critical infrastructure. However, experts doubt their quick comeback ability. FBI seized server and data, but BlackCat set up a new site. Cybersecurity insiders warn…
-
Crypto scammers abuse X ‘feature’ to impersonate high-profile accounts
December 20, 2023 at 03:18PM Cryptocurrency scammers are exploiting a Twitter feature that allows modifying the account name in post URLs. This enables redirecting to unrelated high-profile accounts, leading to fraudulent crypto giveaway promotions and phishing attempts. Scammers have targeted crypto-related accounts like Binance and zkSync. Users can mitigate the risk with Twitter’s Quality Filter…