September 17, 2024 at 05:02PM The Marko Polo cybercrime gang is an escalating global financial threat, orchestrating at least 30 concurrent fraud campaigns and utilizing advanced malware to compromise tens of thousands of devices. They impersonate popular brands like Zoom and Discord to target individuals and organizations in gaming, virtual meetings, and cryptocurrency markets, employing … Read more
September 9, 2024 at 01:45PM A privacy flaw in WhatsApp’s “View once” feature allows attackers to bypass it, giving a false sense of privacy. Messages can be saved, forwarded, and shared despite being supposed to disappear after being opened once. The flaw has been exploited for at least a year, prompting WhatsApp to roll out … Read more
September 4, 2024 at 04:40PM Planned Parenthood of Montana is dealing with a cyber attack, with RansomHub claiming to have stolen data and threatening to leak it unless payment is made. The organization has engaged federal law enforcement and infosec experts to investigate and rebuild its IT systems. The situation is being taken seriously, with … Read more
August 26, 2024 at 05:57PM Microsoft will host a Windows Endpoint Security Ecosystem Summit on Sept. 10 with partners like CrowdStrike to address cyber resiliency and infrastructure improvements. The summit is a response to the recent CrowdStrike outage, aiming to prevent such events in the future by discussing system design and security practices. Microsoft will … Read more
August 23, 2024 at 08:03AM Kentucky man Jesse Kipf was sentenced to nine years in federal prison after faking his death to avoid paying child support. He hacked into state registries and manipulated official records, resulting in his registration as a deceased person in multiple government databases. Kipf also accessed private networks and attempted to … Read more
August 20, 2024 at 05:07PM American chipmaker Microchip Technology Incorporated experienced a cyberattack disrupting operations across its manufacturing facilities. This affected the company’s capacity to meet orders, prompting them to shut down systems and isolate affected areas. The incident, which was detected on August 17, 2024, is currently being evaluated with external cybersecurity experts’ assistance, … Read more
August 16, 2024 at 04:55PM Millions of individuals’ sensitive personal info, including names, Social Security numbers, addresses, and phone numbers, was stolen from Florida-based National Public Data (NPD) and leaked on the dark web. The stolen info was gathered from public records, and the breach resulted in the sale and distribution of the data. NPD … Read more
August 15, 2024 at 08:57AM Russian and Belarusian NGOs, media, and international organizations in Eastern Europe are targeted by spear-phishing campaigns linked to Russian government interests. One campaign, River of Phish, is attributed to a collective with ties to Russia’s Federal Security Service, while the second, COLDWASTREL, uses similar tactics. The attacks employ personalized social … Read more
August 5, 2024 at 02:05PM A Florida data broker, National Public Data, is accused of negligently handling billions of personal records, leading to a cyberattack and subsequent sale of the stolen data on the dark web. California resident Christopher Hofmann filed a potential class-action lawsuit, alleging his and others’ sensitive information was compromised. The lawsuit … Read more
August 2, 2024 at 12:42PM A Russia-linked threat actor, APT28, has been using a car-for-sale phishing lure to deploy the HeadLace backdoor in a campaign targeting diplomats since March 2024. The attacks involve the use of a legitimate service called webhook[.]site to deliver malicious files and are linked to previous campaigns by APT28. The tactics … Read more