10 Nov Worok hackers hide new malware in PNGs using steganographyA threat group tracked as ‘Worok’ hides malware within PNG images to infect victims’ machines with information-stealing malware without raising alarms. […]
09 Nov Couple sentenced to prison for trying to sell nuclear warship secretsA Navy nuclear engineer and his wife were sentenced to over 19 years and more than 21 years in prison for attempting to sell nuclear warship design secrets to what they believed was a foreign power agent. […]
09 Nov New hacking group uses custom ‘Symatic’ Cobalt Strike loadersA previously unknown Chinese APT (advanced persistent threat) hacking group dubbed ‘Earth Longzhi’ targets organizations in East Asia, Southeast Asia, and Ukraine. […]
09 Nov 15,000 sites hacked for massive Google SEO poisoning campaignHackers are conducting a massive black hat search engine optimization (SEO) campaign by compromising almost 15,000 websites to redirect visitors to fake Q&A discussion forums. […]
09 Nov Medibank warns customers their data was leaked by ransomware gangAustralian health insurance giant Medibank has warned customers that the ransomware group behind last month’s breach has started to leak data stolen from its systems. […]
09 Nov Lenovo fixes flaws that can be used to disable UEFI Secure BootLenovo has fixed two high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models that could allow an attacker to deactivate UEFI Secure Boot. […]
08 Nov LockBit affiliate uses Amadey Bot malware to deploy ransomwareA LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device and encrypt devices. […]
08 Nov Malicious extension lets attackers control Google Chrome remotelyA new Chrome browser botnet named ‘Cloud9’ has been discovered in the wild using malicious extensions to steal online accounts, log keystrokes, inject ads and malicious JS code, and enlist the victim’s browser in DDoS attacks. […]
08 Nov VMware fixes three critical auth bypass bugs in remote access toolVMware has released security updates to address three critical severity vulnerabilities in the Workspace ONE Assist solution that enable remote attackers to bypass authentication and elevate privileges to admin. […]
08 Nov Microsoft: Windows 10 21H1 reaches end of service next monthMicrosoft has reminded customers today that all editions of Windows 10 21H1 (also known as the May 2021 Update) are reaching the end of service (EOS) next month. […]