24 Sep 2021

Large-Scale Phishing-as-a-Service Operation Exposed

Microsoft has uncovered a new large-scale phishing campaign that is targeting companies with custom campaigns and sophisticated phishing techniques. The phishing-as-a-service operation is marketed by cybercriminals as BulletProofLink. Researchers allegedly found the operation by detecting a high volume of newly created subdomains. Microsoft posted a statement via the 365 Defender

Read More
24 Sep 2021

Facebook Ordered to Release Records on Closed Myanmar Accounts

On Wednesday, a federal judge ordered that Facebook hand over records related to accounts shut down in 2018 that were linked to violence in Myanmar. According to the ruling, the accounts were linked to government-backed violence against the Muslim Rohingya minority in Myanmar. Facebook has been struggling to mitigate the

Read More
23 Sep 2021

Unpatched Apple Zero-Day in macOS Finder Allows Code Execution

Researchers have found an unpatched zero-day in macOS Finder that could allow for remote execution. All a user needs to do is click on an email attachment and the code is executed secretly without the victim knowing. The vulnerability affects Big Sur and prior versions of macOS. MacOS Finder is

Read More
23 Sep 2021

New advanced hacking group targets governments, engineers worldwide

A new hacking group called FamousSparrow has been detected by researchers at ESET. The team stated on Thursday that the advanced persistent threat (APT) group is targeting governments and engineers in Europe, the UK, Israel, Saudi Arabia, the Americas, West Africa, Taiwan, and other regions. The APT is believed to

Read More
22 Sep 2021

Data of 106 Million Visitors to Thailand Breached

A British cybersecurity researcher uncovered his own personal data exposed online after discovering an unsecured database. The unprotected Elasticsearch database was found by Bob Diachenko, leader of security research at Comparitech, on August 22 of this year. Diachenko found 200GB of digital index records dating back a decade. The information

Read More
21 Sep 2021

Malicious Email Surge Predicted for Q4

According to new research produced by Tessian, corporate and end-users should be wary of an uptick in phishing attacks for the final quarter of 2021. Tessian found that this is when the most malicious emails are likely to be distributed after analyzing four billion messages sent between July 2020 and

Read More
21 Sep 2021

Europol Breaks Open Extensive Mafia Cybercrime Ring

International law enforcement efforts have led to the takedown of an extensive cybercrime operation run by a gang with ties to the Italian Mafia. According to Europol, the gang utilized violence and intimidation as tactics and collected $12 million in online fraud profits. The group used phishing attacks to defraud

Read More
21 Sep 2021

HackerOne expands Internet Bug Bounty project to tackle open source bugs

HackerOne will be expanding its Bug Bounty program, seeking to increase overall open source security. Open source projects are relied upon by enterprise players and SMBs alike and can represent some significant security risks as open-source components are stored and shared publicly. They range from full operating systems to education

Read More
20 Sep 2021

US Set to Sanction Cryptocurrency Firms Involved in Ransomware

The US government is announcing new measures that seek to deter cryptocurrency businesses from getting involved in laundering and facilitating ransomware payments. The Treasury may roll out the new sanctions as early as this coming week and will reportedly target cryptocurrency exchanges and traders who enable cybercrime transactions, whether it

Read More
20 Sep 2021

Payment API Vulnerabilities Exposed “Millions” of Users

According to new information uncovered by CloudSEK, millions of customers may have unknowingly exposed their personal and payment information after researchers discovered API security vulnerabilities that affect multiple different apps. CloudSEK found that of the 13,000 apps uploaded to its security search engine BeVigil for mobile applications, roughly 250 utilized

Read More