Researchers have found an unpatched zero-day in macOS Finder that could allow for remote execution. All a user needs to do is click on an email attachment and the code is executed secretly without the victim knowing. The vulnerability affects Big Sur and prior versions of macOS. MacOS Finder is

A new hacking group called FamousSparrow has been detected by researchers at ESET. The team stated on Thursday that the advanced persistent threat (APT) group is targeting governments and engineers in Europe, the UK, Israel, Saudi Arabia, the Americas, West Africa, Taiwan, and other regions. The APT is believed to

A British cybersecurity researcher uncovered his own personal data exposed online after discovering an unsecured database. The unprotected Elasticsearch database was found by Bob Diachenko, leader of security research at Comparitech, on August 22 of this year. Diachenko found 200GB of digital index records dating back a decade. The information

According to new research produced by Tessian, corporate and end-users should be wary of an uptick in phishing attacks for the final quarter of 2021. Tessian found that this is when the most malicious emails are likely to be distributed after analyzing four billion messages sent between July 2020 and

International law enforcement efforts have led to the takedown of an extensive cybercrime operation run by a gang with ties to the Italian Mafia. According to Europol, the gang utilized violence and intimidation as tactics and collected $12 million in online fraud profits. The group used phishing attacks to defraud

HackerOne will be expanding its Bug Bounty program, seeking to increase overall open source security. Open source projects are relied upon by enterprise players and SMBs alike and can represent some significant security risks as open-source components are stored and shared publicly. They range from full operating systems to education

The US government is announcing new measures that seek to deter cryptocurrency businesses from getting involved in laundering and facilitating ransomware payments. The Treasury may roll out the new sanctions as early as this coming week and will reportedly target cryptocurrency exchanges and traders who enable cybercrime transactions, whether it

According to new information uncovered by CloudSEK, millions of customers may have unknowingly exposed their personal and payment information after researchers discovered API security vulnerabilities that affect multiple different apps. CloudSEK found that of the 13,000 apps uploaded to its security search engine BeVigil for mobile applications, roughly 250 utilized

Researchers have found a series of vulnerabilities in the Open Management Infrastructure used in Azure on Linux to demonstrate hidden security threats. Researchers have dubbed the flaws OMIGOD. The Open Management Infrastructure (OMI) is software that many don’t realize is embedded in a host of services and represents a significant

TTEC, a US-based customer experience technology giant has confirmed that they suffered from a cybersecurity incident. According to employees, the company stated that it was hit with ransomware. TTEC boasts billions in annual revenue and nearly 61,000 employees. Earlier this week, the company warned its employees not to click on