Router maker’s support portal hacked, replies with MetaMask phishing

July 1, 2024 at 05:39AM Phishing emails, purportedly from a router maker’s helpdesk portal, are targeting users who submit support tickets. The emails claim to be from MetaMask and urge users to update their accounts within 24 hours to prevent loss of access. The malicious URL included in the email redirects to a suspended webpage. …

FBI warns of fake law firms targeting crypto scam victims

June 25, 2024 at 10:18AM The FBI warns of cybercriminals masquerading as law firms and lawyers offering cryptocurrency recovery services to scam victims. They deceitfully claim collaboration with government agencies and real financial institutions to gain trust. Scammers ask for personal information, upfront fees, and taxes, resulting in victims losing over $9 million to secondary …

CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities

June 25, 2024 at 09:48AM US cybersecurity agency CISA is warning high-risk chemical facilities to secure their online accounts after a breach in its Chemical Security Assessment Tool (CSAT) portal. The breach could have given unauthorized access to sensitive data on chemical facilities, such as dangerous chemicals stored and security vulnerabilities. CISA advised affected individuals …

Rafel RAT targets outdated Android phones in ransomware attacks

June 24, 2024 at 02:44PM The ‘Rafel RAT’ malware targets outdated Android devices to conduct ransomware attacks, with over 120 campaigns detected by researchers. It primarily affects devices running Android versions 11 and older, and it can target various brands and models. Threat actors use fake apps to spread Rafel RAT, which can execute commands …

Linux version of RansomHub ransomware targets VMware ESXi VMs

June 20, 2024 at 05:32PM RansomHub ransomware has a Linux encryptor tailored for VMware ESXi environments. Launched in February 2024, RansomHub has affected over 45 victims across 18 countries. An ESXi variant was detected in April 2024, presenting a bug that defenders can exploit. Additionally, the encryptor has specific commands and a unique encryption scheme. …

NHS boss says Scottish trust didn’t meet attackers’ demands

June 18, 2024 at 07:35AM NHS Dumfries and Galloway’s CEO will notify residents of a recent cyberattack through personalized letters. The attack exposed patient and staff data, emphasizing the seriousness of the breach. Vulnerable individuals are a priority for analysis and will receive direct communication regarding the breach. Additionally, the letter details cybersecurity risks and …

Widespread Vishing Effort Impersonates CISA Staff

June 14, 2024 at 10:09AM The US Cybersecurity and Infrastructure Security Agency (CISA) warned about a rise in impersonation scams where malicious actors pretend to be CISA representatives and request cash or cryptocurrency transfers. Individuals are advised to deny the request, report the incident to law enforcement, and contact CISA. Experts emphasize the need for …

CISA warns of criminals impersonating its employees in phone calls

June 12, 2024 at 02:05PM Criminals are using phone calls to deceive victims into transferring money by impersonating government employees, including those at the Cybersecurity and Infrastructure Security Agency (CISA). The agency issued a warning and emphasized that its staff would never request money or secrecy. Tips were shared to avoid falling victim, including validating …

Zyxel issues emergency RCE patch for end-of-life NAS devices

June 4, 2024 at 01:35PM Zyxel Networks released an emergency security update addressing three critical vulnerabilities in older NAS devices reaching end-of-life. The flaws enable command injection, remote code execution, privilege escalation, and information disclosure. Outpost24 security researcher Timothy Hjort discovered and reported the vulnerabilities. Zyxel released fixes despite end-of-support, urging immediate application due to …

Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers

June 4, 2024 at 07:06AM Snowflake, in collaboration with CrowdStrike and Mandiant, has reported a targeted campaign against a limited number of its customers. The company recommends enabling multi-factor authentication and limiting network traffic to trusted locations to prevent unauthorized access. U.S. CISA and ACSC issued alerts, and it’s advised to look for signs of …