16 Sep 2021

Household Names Hit with £500K Fine for Spamming Consumers

In the UK, three popular companies have been fined nearly half a million USD collectively by the UK privacy regulator after delivering hundreds of millions of marketing messages to consumers and violating certain marketing laws. We Buy Any Car was allegedly fined £200,000 by the Information Commissioner’s Office after sending

Read More
16 Sep 2021

REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out

Bitdefender collaborated with law enforcement to create a key that would release data encrypted in ransomware attacks before the REvil ransomware gang disappeared from the internet on July 13. The universal decryption key will be free for victims of REvil ransomware attacks. The firm announced that it will be passing

Read More
16 Sep 2021

New Go malware Capoae targets WordPress installs, Linux systems

A new strain of malware called Capoae was publicized earlier this week by security research firm Akamai. The firm stated that the new malware is written in the Golang programming language, which is becoming increasingly popular among threat actors due to its cross-platform capabilities. The malware spreads through known vulnerabilities

Read More
15 Sep 2021

Attackers Impersonate DoT in Two-Day Phishing Scam

Threat actors allegedly impersonated the US Department of Transportation in a two-day phishing campaign, leveraging the recent $1 trillion infrastructure bill. The cyber attackers created new domains mimicking the real DoT site. The campaign combined a series of tactics, such as creating seemingly legitimate domains to evade security detections and

Read More
15 Sep 2021

Microsoft Patches Actively Exploited Windows Zero-Day Bug

In the most recent Patch Tuesday, Microsoft released fixes 66 CVEs, including an RCE bug under active attack. Three of the bugs that were patched in the update were rated critical. One of which has been under active attack for nearly two weeks. One of the other bugs included in

Read More
15 Sep 2021

DOJ fines NSA hackers who assisted UAE in attacks on dissidents

The Justice Department has announced a deal with three former US Intelligence operatives that allows them to pay a fine rather than face jail time for breaking multiple laws when conducting offensive hacking for the government of the United Arab Emirates. The deal is controversial, as it allows the three

Read More
14 Sep 2021

WooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce Pricing

A new security vulnerability in the WooCommerce Multi-Currency plugin could allow any customer to change the pricing for products in online stores. WooCommerce is a popular plugin for WordPress websites whereas the Multi-Currency plugin from Envato allows e-tailers to use WooCommerce to set pricing for international shoppers. The plugin is

Read More
14 Sep 2021

Apple Releases Urgent Patch Following Discovery of Pegasus Spyware

This week, Apple released an urgent update that mitigates a critical vulnerability exploited by the Pegasus mobile software. The flaw, which is tracked as CVE-2021-30860, was first discovered by security researchers at the University of Toronto’s Citizen Lab when analyzing the iPhone of a Saudi activist who had been targeted

Read More
13 Sep 2021

Poland Extradites Alleged Botnet Operator to US

Ukrainian national Glib Oleksandr Ivanov-Tolpintsev has been extradited to the United States and is facing charges associated with decrypting the credentials of thousands of computers across the world and selling them on dark web forums. Ivanov-Tolpintsev was initially arrested in Poland on October 3, 2020, however, he will now travel

Read More
13 Sep 2021

MyRepublic Data Breach Raises Data-Protection Questions

A MyRepublic data breach has raised controversy over security for critical data being housed in third-party infrastructure, according to researchers. Almost 79,000 MyRepublic mobile subscribers have been exposed in a data breach that affected personal information such as scanned copies of Singapore’s National Registration Identity cards, names, pictures, dates of

Read More