Security

Attackers exploit Windows screensaver files to install remote access tools

A new spearphishing campaign is exploiting a little-used entry point into corporate networks: Windows screensaver files – a format many users and even security controls don’t typically treat as high risk.

SolarWinds Web Help Desk users under threat as vulnerability actively exploited

CISA has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability, patched by the vendor last week, is being actively exploited.

FBI unable to access seized reporter’s iPhone: it’s protected by Apple’s Lockdown Mode

The move by the Federal Bureau of Investigation to execute a search warrant at a reporter’s home was scandalous. But at least the feds aren’t able to access her iPhone, thanks to Apple’s Lockdown Mode.

Massive data leak hits Harvard and UPenn: ShinyHunters dump stolen records

Extortion group ShinyHunters has released datasets allegedly containing over 1 million records from Harvard University and 1.2 million records from the University of Pennsylvania, claiming they include personal and donor data. Security researchers warn that the leak exposes private lives and intimate institutional strategies.

Bulletproof hosting reused Windows images, masking ransomware infrastructure

New Sophos research finds bulletproof hosting providers repeatedly deploy virtual machines from the same preconfigured Windows images, creating thousands of identically named servers that cybercriminal groups continue to exploit for cover.

The new SCAM Act: will it force social media to block ad fraudsters?

US Senators Ruben Gallego and Bernie Moreno have introduced anti-scam legislation requiring social media platforms to vet their advertisers.

Major malware adds Linux variant, thousands of hosting servers infected

More than 10,000 IP addresses were found infected with a previously unseen Linux variant of SystemBC, a powerful remote access trojan (RAT) that now mostly targets web servers across various hosting platforms. Some of the compromised servers host government websites, while others are used by hackers for ransomware attacks.

Pinterest engineers found a way to check who got fired, get kicked out themselves

The company was secretive about who gets fired from Pinterest, so workers took matters into their own hands.

Millions installed these AI apps, but researchers warn of leaked user locations

Popular AI photo identification apps with 2 million downloads have exposed their users' GPS coordinates. Researchers found that attackers have already compromised the data.

Epstein’s files expose valid passwords, Redditors hacking into accounts

Passwords from several Jeffrey Epstein accounts, including Outlook, Yahoo, Apple ID, and other services, were found in the latest Epstein files release. Reddit users claim to have accessed multiple accounts and are wreaking havoc in the Outlook inbox.

One of the most extensive Android spyware campaigns hits 45,000 devices

The Arsink RAT exploits legitimate Google cloud services to steal SMS messages, contacts, call logs, and audio while giving operators complete remote control of compromised devices.

From scam parks to execution chambers: China’s hardline tactics against cross-border cyber fraud

China’s recent executions of alleged cybercriminals connected to scam centres in Myanmar underscore a widening shift in how Beijing treats cross-border fraud.

US senator demands AT&T and Verizon CEOs testify over Salt Typhoon telecom hack

A US senator is pushing AT&T and Verizon CEOs to testify after telecom giants allegedly blocked Salt Typhoon security assessments — raising new concerns about US network safety.

January’s biggest data breaches exposed

From ICE agents and Tinder for Nazis, to the cars we drive, and even the sneakers on our feet, January’s biggest data breaches touched nearly every corner of daily life – pulling consumers, corporations, and US government agencies alike into the same cybersecurity mess.

M&S attackers hit German insurance giant – HanseMerkur

A 3-billion-dollar German insurance giant has allegedly been breached in a ransomware attack by the Russia-aligned DragonForce gang.

SharePoint phishing campaign rages: fake invitations lead to compromised Microsoft accounts

It might seem that someone you know is sharing a file stored on SharePoint. Swiss authorities have issued an alert about a global SharePoint phishing wave, tricking users into handing their credentials to cybercriminals.

Former Trump CISA leader slams current state of play as “hot mess”

Donald Trump has already entered the second year of his presidency, but the Cybersecurity and Infrastructure Security Agency (CISA) still doesn’t have a permanent boss. One of the former ones has something to say about it – and it’s bad.

DDoSecrets.com is gone: domain squatter snatched the URL, the project migrates to .ORG

DDoSecrets, a major whistleblower website, successor to WikiLeaks, has moved to a new domain, ddosecrets.org. The migration was forced after the old .com domain was lost due to registrar mishaps. DDoSecrets urges users to update all links and email addresses to the .org domain immediately.

Fancy Bear’s latest dance: Microsoft Office flaw fuels cyberattacks in Ukraine and EU

To conduct cyberattacks against organizations in Ukraine and the European Union, the Russian state-sponsored hacking group Fancy Bear (APT28) has been exploiting a recently disclosed vulnerability in Microsoft Office.

8.7 billion records spilled: Inside the massive Chinese data leak

The exposed Elasticsearch cluster, which contained over 160 indices, held billions of primarily Chinese records, ranging from national citizen ID numbers to various business records.