21 Oct Hackers exploit critical VMware flaw to drop ransomware, minersSecurity researchers observed malicious campaigns leveraging a critical vulnerability in VMware Workspace One Access to deliver various malware, including the RAR1Ransom tool that locks files in password-protected archives. […]
21 Oct Clearview AI gets third €20 million fine for illegal data collectionFrance’s data protection authority (CNIL) has fined Clearview AI with €20 million for illegal collection and processing of biometric data belonging to French citizens. […]
21 Oct BlackByte ransomware uses new data theft tool for double-extortionA BlackByte ransomware affiliate is using a new custom data stealing tool called ‘ExByte’ to steal data from compromised Windows devices quickly. […]
20 Oct Ursnif malware switches from bank account theft to initial accessA new version of the Ursnif malware (a.k.a. Gozi) emerged as a generic backdoor, stripped of its typical banking trojan functionality. […]
20 Oct Google sued over biometric data collection without consentTexas attorney general Ken Paxton has sued Google for allegedly collecting and using biometric data belonging to millions of Texans without proper consent. […]
20 Oct Health system data breach due to Meta Pixel hits 3 million patientsAdvocate Aurora Health (AAH), a 26-hospital healthcare system in the states of Wisconsin and Illinois, is notifying its patients of an unintentional data breach that impacts 3,000,000 individuals. […]
20 Oct OldGremlin hackers use Linux ransomware to attack Russian orgsOldGremlin, one of the few ransomware groups attacking Russian corporate networks, has expanded its toolkit with file-encrypting malware for Linux machines. […]
19 Oct Brazil arrests suspect linked to the Lapsus$ hacking groupToday, the Brazilian Federal Police arrested a Brazilian suspect in the city of Feira de Santana, Bahia, believed to be part of the Lapsus$ extortion gang. […]
19 Oct Microsoft data breach exposes customers’ contact info, emailsMicrosoft said today that some of its customers’ sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. […]
19 Oct Microsoft announces enterprise DDoS protection for SMBsMicrosoft announced today the availability of Azure DDoS IP Protection in public preview, a new and fully managed DDoS Protection pay-per-protected IP model offering tailored to small and midsize businesses (SMBs). […]