A suspected Iranian state-supported threat actor is deploying a newly discovered backdoor named ‘Aclip’ that abuses the Slack API for covert communications. The threat actor’s activity started in 2019 and targeted an unnamed Asian airline …
State-sponsored hackers abuse Slack API to steal airline data Read More »
Earlier this month, the news broke that an unknown assailant used NSO Group’s Pegasus spyware tool to target the phones of nine U.S. State Department employees. This breach is only the latest in a series …
NSO Group’s Pegasus spyware: how we got here and what now Read More »
Malicious actors are deploying a previously undiscovered binary, an Internet Information Services (IIS) webserver module dubbed “Owowa,” on Microsoft Exchange Outlook Web Access servers with the goal of stealing credentials and enabling remote command execution. …
Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials Read More »
In a win that elevates human rights over government spying, the European Ombudsman, Emily O’Reilly, has opened an investigation into the European Commission’s support for African countries to develop surveillance capabilities. With little regard for …
Following recent moves to use export controls to reign in surveillance companies, members of Congress are demanding that the U.S. government now also impose sanctions. PI answers to some questions and looks at the potential …
Surveillance Industry Finally Facing Scrutiny, but Will it Change Anything? Read More »
The Oregon Anesthesiology Group (OAG) said it suffered a ransomware attack in July that led to the breach of sensitive employee and patient information. The breach involves the information of 750,000 patients and 522 current …
On December 1, hours before Texas’ social media law, HB 20, was slated to go into effect, a federal court in Texas blocked it for violating the First Amendment. Like a similar law in Florida, …
Victory! Federal Court Blocks Texas’ Unconstitutional Social Media Law Read More »
Researchers have spotted a new espionage hacking campaign targeting telecommunication and IT service providers in the Middle East and Asia. The campaign has been conducted over the past six months, and there are tentative links …
Telecom operators targeted in recent espionage hacking campaign Read More »
The first public case of the Log4j Log4Shell vulnerability used to download and install ransomware has been discovered by researchers. Last Friday, a public exploit was released for a critical zero-day vulnerability named ‘Log4Shell’ in the Apache …
New ransomware now being deployed in Log4Shell attacks Read More »
The Department of Homeland Security (DHS) has launched a new bug bounty program dubbed “Hack DHS” that allows vetted cybersecurity researchers to find and report security vulnerabilities in external DHS systems. As the federal government’s …
DHS announces ‘Hack DHS’ bug bounty program for vetted researchers Read More »
Major natural gas supplier Superior Plus announced on Tuesday that it is suffering from a ransomware attack. The billion-dollar propane seller said the incident started on December 12 but did not answer questions about which …
Billion-dollar natural gas supplier Superior Plus hit with ransomware Read More »
Information is power, and if you’re an iPhone user, you can now get more information about how often your apps access your data (for example, your location or your microphone). The App Privacy Report, which …