The U.S. Federal Trade Commission (FTC) announced a $150 million fine against Twitter after discovering that the company used the phone numbers and email addresses used for multi-factor authentication ofRead More →
Researchers from Google Threat Analysis Group (TAG) report that in 2021, software development firm Cytrox sold Predator spyware to various hacking groups backed by state actors. These attacks are basedRead More →
A couple of months ago, CloudSEK researchers identified a new and unusual strain of ransomware. Dubbed GoodWill, this new variant of encryption malware appears to pursue very different targets thanRead More →
Microsoft published a report detailing its researchers’ findings on payment card stealing malware, mentioning that threat actors increasingly use malicious PHP scripts to manipulate payment systems and bypass online securityRead More →
Maintainers of Argo CD, the continuous delivery (CD) tool for Kubernetes, announced the fix of a vulnerability that would have allowed threat actors to spoof JSON Web Tokens (JWTs) andRead More →
More than half a million Chicago Public Schools (CPS) students and employees have had their sensitive information compromised due to a ransomware attack, which occurred in late 2021 but wasRead More →
Cisco announced the fixing of a zero-day vulnerability in the software of its XR IOS routers whose exploitation would have allowed unauthenticated threat actors to remotely access Redis instances runningRead More →
Dis-Chem, a pharmaceutical retail chain, recently announced that its systems were affected in a data breach incident that would have compromised the personal records of up to 3.6 million customers.Read More →
In a recent alert, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends VMware users update or even delete their deployments due to the detection of critical vulnerabilities, exploited justRead More →