In a recent advisory, the FBI warned US-based tech companies about a rising cybercriminal tactic involving fraudulent “emergency data requests” (EDRs), aimed at accessing sensitive user data without the typical legal protocols. The advisory, first reported by PCMag, highlights how hackers are
Latest News: Cybersecurity
Windows gamers are facing a significant cyber threat thanks to the Winos4.0 malware framework, which is spreading via malicious game-related applications. Fortinet’s recent report reveals that this advanced malware, hidden within apps like speed boosters and game optimization tools, grants
LastPass has issued a warning regarding scammers promoting a counterfeit support phone number in the reviews of its Chrome extension. These scammers aim to gain access to users’ computers and steal sensitive data. The scammers are using 5-star reviews to promote a phone number, 805-206-2892,
In a major discovery, cybersecurity firm HUMAN Security has uncovered a sophisticated phishing campaign, dubbed “Phish n' Ships”. This elaborate scheme targeted over 1,000 legitimate e-commerce websites, leading to estimated losses of tens of millions of dollars. Active since at least 2019, it has
Fog and Akira ransomware gangs are targeting SonicWall VPNs to infiltrate corporate networks, exploiting the critical CVE-2024-40766 flaw recently revealed in SonicWall’s SSL VPN system. Discovered and patched in August 2024, this flaw remains a risk as some organizations have yet to apply the
Russian-linked cyber espionage group UNC5812 has been targeting Ukrainian military conscripts with Windows and Android malware in a sophisticated campaign. Disguised as recruitment avoidance tools, the malware has been distributed via a Telegram channel named “Civil Defense” and a website
Kaspersky’s Global Research and Analysis Team (GReAT) uncovered a critical Google Chrome zero-day vulnerability, tracked as CVE-2024-4947, that was being exploited by the North Korean Lazarus hacking group. The attackers used a fake decentralized finance (DeFi) game called DeTankZone to target
APT41, a Chinese state-sponsored hacking group, has targeted the gambling and gaming industry in a sophisticated cyberattack. The attack spanned several months and saw hackers collect sensitive data from their victims’ infrastructure, including network configurations and passwords. APT41, also
An ongoing malware campaign has compromised over 6,000 WordPress sites, installing malicious plugins that push infostealing malware. The campaign, known as ClearFake, began in 2023 and tricks users into installing malware through fake browser error messages. As reported by BleepingComputer, the
Iranian hackers have been actively targeting critical infrastructure sectors worldwide. They have been breaching such networks and then selling access to other cybercriminals. A joint advisory from US, Canadian, and Australian cybersecurity agencies highlights that the hackers have focused on