‘Trojan Source’ Bug Threatens the Security of All Code
Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious a... Read more
Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018
In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for... Read more
FBI Raids Chinese Point-of-Sale Giant PAX Technology
U.S. federal investigators today raided the Florida offices of PAX Technology , a Chinese provider of point-of-sale devices used by millions of busi... Read more
Conti Ransom Gang Starts Selling Access to Victims
The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Conti’s malware who refuse t... Read more
Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability
On Wednesday, the St. Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in a Missouri state educ... Read more
How Coinbase Phishers Steal One-Time Passwords
A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete... Read more
Patch Tuesday, October 2021 Edition
Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerabili... Read more
Unified endpoint management automation software to boost endpoint security
Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process of protecting y... Read more
What Happened to Facebook, Instagram, & WhatsApp?
Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don’t yet know why this happened, but... Read more
Elastic Stack API Security Vulnerability Exposes Customer and System Data
The mis-implementation of Elastic Stack, a collection of open-source products that employ APIs for crucial data aggregation, search, and analytics ca... Read more
The expert assessed the prospects of cybersecurity company Group-IB after the arrest of its founder
Experts believe that the arrest of Ilya Sachkov, the founder and CEO of Group-IB, will not affect the company's work, nor will it affect the Russi... Read more
Analysts Warn of Telegram Powered Bots Stealing Bank OTPs
In the past few years, two-factor verification is one of the simplest ways for users to safeguard their accounts. It has now become a major target fo... Read more
FCC Proposal Targets SIM Swapping, Port-Out Fraud
The U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping and number port-out fr... Read more
Newly Discovered 'Tomiris’ Backdoor Linked to SolarWinds Attack Malware
Kaspersky security researchers have unearthed a new backdoor likely designed by the Nobelium advanced persistent threat (APT) behind last year's S... Read more
Ransomware Attack On Major European Bookseller
Recently a ransomware attack targeted a leading book supplier software, the attack interrupted regular functions of thousands of bookstores in Europe... Read more
RansomEXX Comes into Action Encrypting Files Using AES-CBC
In the latest Profero report - Senior Incident Responder Brenton Morris states that RansomeXX decryptors have failed to encrypt different files for t... Read more
Turkish National Charged for DDoS Attack on U.S. Company
Authorities in the United States charged a Turkish national for launching distributed denial-of-service (DDoS) assaults against a Chicago-based multi... Read more
-
Microsoft today released updates to plug at least 121 security holes in its Wi…
