23 Sep 2021

Unpatched Apple Zero-Day in macOS Finder Allows Code Execution

Researchers have found an unpatched zero-day in macOS Finder that could allow for remote execution. All a user needs to do is click on an email attachment and the code is executed secretly without the victim knowing. The vulnerability affects Big Sur and prior versions of macOS. MacOS Finder is

Read More
23 Sep 2021

New advanced hacking group targets governments, engineers worldwide

A new hacking group called FamousSparrow has been detected by researchers at ESET. The team stated on Thursday that the advanced persistent threat (APT) group is targeting governments and engineers in Europe, the UK, Israel, Saudi Arabia, the Americas, West Africa, Taiwan, and other regions. The APT is believed to

Read More
22 Sep 2021

Data of 106 Million Visitors to Thailand Breached

A British cybersecurity researcher uncovered his own personal data exposed online after discovering an unsecured database. The unprotected Elasticsearch database was found by Bob Diachenko, leader of security research at Comparitech, on August 22 of this year. Diachenko found 200GB of digital index records dating back a decade. The information

Read More
21 Sep 2021

Malicious Email Surge Predicted for Q4

According to new research produced by Tessian, corporate and end-users should be wary of an uptick in phishing attacks for the final quarter of 2021. Tessian found that this is when the most malicious emails are likely to be distributed after analyzing four billion messages sent between July 2020 and

Read More
21 Sep 2021

Europol Breaks Open Extensive Mafia Cybercrime Ring

International law enforcement efforts have led to the takedown of an extensive cybercrime operation run by a gang with ties to the Italian Mafia. According to Europol, the gang utilized violence and intimidation as tactics and collected $12 million in online fraud profits. The group used phishing attacks to defraud

Read More
21 Sep 2021

HackerOne expands Internet Bug Bounty project to tackle open source bugs

HackerOne will be expanding its Bug Bounty program, seeking to increase overall open source security. Open source projects are relied upon by enterprise players and SMBs alike and can represent some significant security risks as open-source components are stored and shared publicly. They range from full operating systems to education

Read More
20 Sep 2021

US Set to Sanction Cryptocurrency Firms Involved in Ransomware

The US government is announcing new measures that seek to deter cryptocurrency businesses from getting involved in laundering and facilitating ransomware payments. The Treasury may roll out the new sanctions as early as this coming week and will reportedly target cryptocurrency exchanges and traders who enable cybercrime transactions, whether it

Read More
20 Sep 2021

Payment API Vulnerabilities Exposed “Millions” of Users

According to new information uncovered by CloudSEK, millions of customers may have unknowingly exposed their personal and payment information after researchers discovered API security vulnerabilities that affect multiple different apps. CloudSEK found that of the 13,000 apps uploaded to its security search engine BeVigil for mobile applications, roughly 250 utilized

Read More
20 Sep 2021

Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk

Researchers have found a series of vulnerabilities in the Open Management Infrastructure used in Azure on Linux to demonstrate hidden security threats. Researchers have dubbed the flaws OMIGOD. The Open Management Infrastructure (OMI) is software that many don’t realize is embedded in a host of services and represents a significant

Read More
20 Sep 2021

TTEC hit with ransomware attack, hampering work for major clients

TTEC, a US-based customer experience technology giant has confirmed that they suffered from a cybersecurity incident. According to employees, the company stated that it was hit with ransomware. TTEC boasts billions in annual revenue and nearly 61,000 employees. Earlier this week, the company warned its employees not to click on

Read More