Cybersecurity researchers have discovered a new malware that has the capability to create backdoors on Windows, Linux, and macOS operating systems. Therefore, hackers using the malware could achieve full access to compromised systems on a range of devices. Intezer released more information about the malware, which it has named SysJoker.

Cyberattackers have hit the city of Grass Valley in California, exfiltrating personal and financial data belonging to vendors, city employees, and their spouses. The City of Grass Valley released a data security notice acknowledging that an unknown actor was able to access some of the city’s internal systems for a

Researchers have detected a critical vulnerability in the H2 open-source Java SQL database that bears similarities to the Log4J vulnerability. However, this flaw does not pose a widespread threat. Researchers stated that the flaw opens the door for an adversary to execute remote code on vulnerable systems. H2 is attractive

On Tuesday, SentinelOne published an analysis of a new high-impact vulnerability that allows for remote code execution. The bug, which is tracked as CVE-2021-45388, has impacted millions of end-user router devices. The bug has been classified as critical by security researchers at SentinelOne, and impacts the KCodes NetUSB kernel module.

The US government has issued a new warning regarding possible targets of commercial spyware. The entity also provided guidance on how individuals can protect themselves from unwarranted surveillance. In the announcement, the US National Counterintelligence and Security Center (NCSC) stated that governments across the world are using commercial surveillance software

Attackers were able to steal data pertaining to almost 80,000 patients of Fertility Centers of Illinois (FCI) after a data breach was detected on February 1 of last year. Although the fertility centers’ security measures were able to safeguard electronic medical records, the attackers were still able to access highly

A group named Patchwork by Malwarebytes has been exposed after it accidentally infected its own development environment with a remote access Trojan (RAT). The group has been traced back to India and is also known by the names Hangover Group, Dropping Elephant, Chinastrats, and Monsoon. The group has been active

According to the FBI, a cybercrime group has been attempting to compromise devices via thumb drives. The malicious group has been mailing out USB thumb drives, hoping that recipients will fall for the trick and plug them into their devices, effectively installing ransomware on their networks. The drives reportedly contain

Arbix Finance, a seemingly securely vetted cryptocurrency firm, appears to have scammed its customers and investors out of millions after its developers made off with the deposited funds. The company was a yield farming firm previously audited by decentralized finance (DeFi) actor CertiK. CertiK tweeted earlier this week confirming the

Internet service in Kazakhstan was disabled this week after thousands took to the streets to protest a steep rise in gas prices. Although the internet was partially restored on Wednesday, Netblocks and Cloudflare reported evidence of significant disruption. The two security companies reported that they observed internet shutdowns in the