Hackers are currently utilizing search engine optimization (SEO) tactics to direct users seeking common business forums such as invoices, receipts, or other templates to redirect them to hacker-controlled domains. According to eSentire’s Threat Response Unit, attackers are currently in possession of more than 100,000 malicious Google sites that seem legitimate

In early March, Microsoft disclosed that the Chinese state-sponsored hacking group Hafnium had successfully infected tens of thousands of Microsoft Exchange servers in a massive and extensive hacking campaign. Although Microsoft promptly released a patch to fix the vulnerability and urged users to implement the fix as soon as possible,

The Cybersecurity and Infrastructure Security Agency (CISA) has advised cybersecurity researchers to be aware of a recent phishing campaign that targets professionals within the field. The attacks were first disclosed in January and were found to be targeting researchers working on vulnerability research and development within various organizations. The individuals

Google has moved to patch more Chrome zero-days that are actively under attack as it seems as though Google’s problems with in-the-wild Chrome zero-days are multiplying rapidly. The vulnerabilities patched affect Windows, macOS, and Linux users, pertaining to CVE-2021-21206 and CVE-2021-21220. Google did not provide any other details on the

A set of nine vulnerabilities are currently exposing roughly 100 million devices worldwide, according to researchers. The vulnerabilities lie in the basic code that dictates how devices communicate with the internet. What cybersecurity researchers are questioning is how to implement changes and effective defenses that will actively combat these types

Sweden’s national sports federations was allegedly hacked by the Russian military in 2017-2018, according to a new report released on Tuesday. The data-breaching campaign also affecting some of the world’s leading sports bodies, such as FIFA and the World Anti-Doping Agency. The country called the incident a series of repeated

Cybercriminals are leveraging zero-day vulnerabilities in Microsoft Exchange servers, dropping cryptocurrency mining malware as part of a campaign that seeks to secretly steal the processing power of compromised systems. The campaign is targeted towards financial gain and is currently ongoing, according to advisories published by several US agencies, including warnings

The Netherlands is still struggling to recover after a recent ransomware attack on a key logistics supplier, resulting in empty shelves at several branches of the country’s largest supermarket chain recently. Albert Heijn is an industry giant and provides food to a large portion of the country, with 1,000 locations.

Security researchers have found an SQL file containing the personal data of 1.3 million Clubhouse users available on a hacker forum for free. The information in the file includes names, user IDs, photo URLs, number of followers, dates the accounts were created, profile information, who invited the user to the

Microsoft has warned of a new campaign utilizing legitimate website contact forms to target victims with URLs that ultimately deliver a banking Trojan. The attack campaign is delivering the IcedID banking Trojan to businesses via emails containing fake legal threats, creating a sense of urgency and luring victims into clicking