Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company’s Oracle Cloud federated SSO login servers […]
Author Archives: [email protected]
21
Mar
Mar
Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on […]
A new phishing campaign is targeting SEO professionals with malicious Semrush Google Ads that aim to steal their Google account credentials. […]
Microsoft is investigating an Exchange Online bug causing anti-spam systems to mistakenly quarantine some users’ emails. […]
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 22635.5097 (KB5053648) to the Beta Channel. Please note this build will only be provided to Windows Insiders in the Beta Channel who did not upgrade to receiving updates based on Windows 11, version 24H2. Changes in Beta Channel builds and updates are documented in […]
The U.S. Department of Treasury announced today that it has removed sanctions against the Tornado Cash cryptocurrency mixer, which North Korean Lazarus hackers used to launder hundreds of millions stolen in multiple crypto heists. […]
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. “UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in […]
Valve has removed a game titled ‘Sniper: Phantom’s Resolution’ from the Steam store following multiple user reports that indicated its demo installer actually infected their systems with information stealing malware. […]
Originally published by Synack. New year, new regulations. In late December 2024, the U.S. Department of Health and Human Services (HHS) issued a proposal to modify the Health Insurance Portability and Accountability Act’s (HIPAA) Security Rule, with an overarching goal of strengthening the cybersecurity programs of healthcare organizations and protecting patient data from malicious adversaries. […]
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools. Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using […]