Security
Dangerous new Nnice ransomware laughs at victims by replacing file extensions with ‘.xdddd’
A new ransomware variant has appeared on various underground forums. The CYFIRMA Research and Advisory team has reported on Nnice Ransomware, which employs advanced encryption techniques and sophisticated methods for evasion and persistence.
Read more about Dangerous new Nnice ransomware laughs at victims by replacing file extensions with ‘.xdddd’
FBI and CISA alert software vendors: stop hardcoding secrets, use secure cryptography
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are urging vendors to prioritize security to reduce customer risk. The updated guidance for critical software vendors adds three bad practices and other recommendations.
Read more about FBI and CISA alert software vendors: stop hardcoding secrets, use secure cryptography
US Treasury sanctions Chinese cybersecurity firm and hacker behind US network breaches
A cybersecurity company from Sichuan and a hacker from Shanghai recently hacked multiple major US telecoms and internet service providers and compromised the network infrastructure.
Read more about US Treasury sanctions Chinese cybersecurity firm and hacker behind US network breaches
How to disable Apple Intelligence features and why you should do it
Users aren’t satisfied with the Apple Intelligence features, so here’s how to turn them off.
Read more about How to disable Apple Intelligence features and why you should do it
Hacker withdraws from Anonymous: it was overwhelming
One of the primary reasons I had to withdraw from Anonymous was the overwhelming number of CSAM links and screenshots.
Read more about Hacker withdraws from Anonymous: it was overwhelming
Supreme Court upholds law to ban TikTok this Sunday
The US Supreme Court on Friday handed down its decision to uphold a bipartisan law requiring ByteDance, the Chinese-owned parent company of TikTok, to divest from the app or cease operations in the US on Sunday, January 19th.
Read more about Supreme Court upholds law to ban TikTok this Sunday
Europol-led operation is going after criminals’ wallets
Project A.S.S.E.T. – Asset Search and Seize Enforcement Taskforce – ended on January 17th, 2025, and identified dozens of properties, over 220 bank accounts, and millions in assets.
Read more about Europol-led operation is going after criminals’ wallets
Cyber pros skeptical of Biden’s last-minute cybersecurity executive order
President Joe Biden signed a broad executive order on cybersecurity aimed at containing malicious cyber-enabled threats, such as attacks against critical infrastructure, ransomware, other intrusions, and sanction evasion. The document expands the criteria to designate individuals and entities for sanctions.
Read more about Cyber pros skeptical of Biden’s last-minute cybersecurity executive order
AT&T hack exposes agents’ call logs leaving FBI scrambling
The FBI is racing to safeguard the identities of confidential informants after their numbers were exposed in an AT&T breach last April, Bloomberg News reported on Thursday.
Read more about AT&T hack exposes agents’ call logs leaving FBI scrambling
Huge “zombie” MikroTik router botnet spreads malware and obscures Russian hackers
Cybercriminals with links to Russia are running a large-scale hacking operation, sending spoofed emails and delivering trojan malware. They’re hiding behind a smokescreen – a botnet of at least 13,000 compromised MikroTik internet routers acting as proxies.
Read more about Huge “zombie” MikroTik router botnet spreads malware and obscures Russian hackers
FTC scolds GoDaddy for neglecting basic cybersecurity
GoDaddy, a major website hosting provider, failed to secure its website hosting services for years, the Federal Trade Commission (FTC) alleged in a complaint. The company settled to implement a 'robust information security program' and will not face any monetary penalties.
Read more about FTC scolds GoDaddy for neglecting basic cybersecurity
One in ten AI prompts puts sensitive data at risk
Almost half of the sensitive data employees enter into tools like ChatGPT or Perplexity includes sensitive customer information, a new study has found.
Read more about One in ten AI prompts puts sensitive data at risk
Major leak exposes 1.5 billion Weibo, DiDi, Shanghai Communist Party, and others’ records
One of the largest data leaks involving mostly Chinese nationals includes a colossal 1.5 billion records, with full names and government ID numbers exposed.
Read more about Major leak exposes 1.5 billion Weibo, DiDi, Shanghai Communist Party, and others’ records
Cl0p ransom gang says ‘contact us’ or we'll publish data of 59 Cleo victims
In a deja-vu of the MOVEit hacks, the Cl0p ransomware gang has threatened to publish the data of 59 companies it compromised in a December breach of the Cleo file transfer platform – unless those companies start engaging in ransom negotiations by Friday.
Read more about Cl0p ransom gang says ‘contact us’ or we'll publish data of 59 Cleo victims
Hackers are stealing Google Ads accounts to publish fake ads in a perpetual cycle
Cybercriminals from Brazil and Asia are placing malicious ads on Google that impersonate the company's own Google Ads platform. Users are tricked into providing their login credentials, feeding a perpetual cycle that allows criminals to compromise and sell even more accounts.
Read more about Hackers are stealing Google Ads accounts to publish fake ads in a perpetual cycle
Room for error: European hotel chain exposes millions of guests' data
Arrival times, price paid, and contact details – over 24 million records with sensitive data were left passwordless online, putting hotel customers at risk.
Read more about Room for error: European hotel chain exposes millions of guests' data
AI email guardian hamstrung by powerful QR code and CAPTCHA combo cyberattack
La Roux duo might be bulletproof, as per their hit song, but artificial intelligence (AI) is not. At least not when it’s a sole defender of email against phishing emails.
Read more about AI email guardian hamstrung by powerful QR code and CAPTCHA combo cyberattack
US officials admit to IT bribery scheme
Government officials were among those who pleaded guilty in an ongoing bid-rigging, fraud, and bribery probe related to US government IT purchases.
Read more about US officials admit to IT bribery scheme