The North Korean APT37 hacking group uses a new ‘FadeStealer’ information-stealing malware containing a ‘wiretapping’ feature, allowing the threat actor to snoop and record from victims’ microphones. […] Source: BleepingComputer | Read More
Apple addressed three new zero-day vulnerabilities exploited in attacks installing Triangulation spyware on iPhones via iMessage zero-click exploits. […] Source: BleepingComputer | Read More
Multinational shipping company UPS is alerting Canadian customers that some of their personal information might have been exposed via its online package look-up tools and abused in phishing attacks. […] Source: BleepingComputer | Read More
The Federal Trade Commission (FTC) says Amazon allegedly used dark patterns to trick millions of users into enrolling in its Prime program and trapping them by making it as difficult as possible to cancel the automatically-renewing subscriptions. […] Source: BleepingComputer | Read More
Threat actors are moving from the dark web to illicit Telegram channels specializing in cybercrime. This Flare article examines why threat actors are shifting from Tor and provides guidance on monitoring Telegram channels. […] Source: BleepingComputer | Read More
The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named ‘Graphican’ in a new campaign between late 2022 and early 2023. […] Source: BleepingComputer | Read More
A new DDoS-as-a-Service botnet called “Condi” emerged in May 2023, exploiting a vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to build an army of bots to conduct attacks. […] Source: BleepingComputer | Read More
VMware updated a security advisory published two weeks ago to warn customers that a now-patched critical vulnerability allowing remote code execution is being actively exploited in attacks. […] Source: BleepingComputer | Read More
Microsoft is working to address a known issue affecting Outlook for Microsoft 365 customers, causing slow starts and freezes as if Offline Outlook Data Files (OST) are being synced right after launch. […] Source: BleepingComputer | Read More
An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner. […] Source: BleepingComputer | Read More