Security researchers have uncovered a malicious campaign that relies on a valid code-signing certificate to disguise malicious code as legitimate executables. One of the payloads that the researchers called Blister, acts as a loader for …
Stealthy BLISTER malware slips in unnoticed on Windows systems Read More »
In recent attacks, the AvosLocker ransomware gang has started focusing on disabling endpoint security solutions that stand in their way by rebooting compromised systems into Windows Safe Mode. This tactic makes it easier to encrypt …
AvosLocker ransomware reboots in Safe Mode to bypass security tools Read More »
Popular wrestling t-shirt site Pro Wrestling Tees has disclosed a data breach incident that has resulted in the compromise of the financial details of tens of thousands of its customers. Pro Wrestling Tees is a …
Pro Wrestling Tees discloses data breach after credit cards stolen Read More »
VK is finally introducing two-factor authentication on all its services and plans to make it mandatory in February 2022 for administrators of large communities. VKontakte, or more commonly known as VK, is Russia’s most popular …
VK introduces 2FA and plans to make it mandatory in 2022 Read More »
A new Dridex malware phishing campaign is using fake employee termination emails as a lure to open a malicious Excel document, which then trolls the victim with a season’s greeting message. Dridex is a banking …
Dridex malware trolls employees with fake job termination emails Read More »
Major services across the internet are currently facing ongoing networking outages. Popular sites and apps can’t be reached These services include Amazon, AWS, Hulu, Slack, Imgur, Asana, Grindr, Scruff, HubSpot, Zendesk, among other popular sites …
Major services including Slack, AWS, Hulu, Imgur facing outages Read More »
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims. Pfizer is a well-known pharmaceutical company that enjoys extensive publicity for producing one of the few …
Phishing attacks impersonate Pfizer in fake requests for quotation Read More »
A new malware named ‘DarkWatchman’ has emerged in the cybercrime underground, and it’s a lightweight and highly-capable JavaScript RAT (Remote Access Trojan) paired with a C# keylogger. According to a technical report by researchers at …
New stealthy DarkWatchman malware hides in the Windows Registry Read More »
Western Digital is urging customers to update their WD My Cloud devices to the latest available firmware to keep receiving security updates on My Cloud OS firmware reaching the end of support. On April 15, …
Western Digital warns customers to update their My Cloud devices Read More »
All set for the weekend? Not so fast. Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga started last week, security experts have time and time …
Upgraded to log4j 2.16? Surprise, there’s a 2.17 fixing DoS Read More »
Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers. While not much is known about the attack, a law firm representing the four websites stated …
Credit card info of 1.8 million people stolen from sports gear sites Read More »
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. This shift is a notable development …
Log4j attackers switch to injecting Monero miners via RMI Read More »