Microsoft has uncovered a new large-scale phishing campaign that is targeting companies with custom campaigns and sophisticated phishing techniques. The phishing-as-a-service operation is marketed by cybercriminals as BulletProofLink. Researchers allegedly found the operation by detecting a high volume of newly created subdomains. Microsoft posted a statement via the 365 Defender

On Wednesday, a federal judge ordered that Facebook hand over records related to accounts shut down in 2018 that were linked to violence in Myanmar. According to the ruling, the accounts were linked to government-backed violence against the Muslim Rohingya minority in Myanmar. Facebook has been struggling to mitigate the

Researchers have found an unpatched zero-day in macOS Finder that could allow for remote execution. All a user needs to do is click on an email attachment and the code is executed secretly without the victim knowing. The vulnerability affects Big Sur and prior versions of macOS. MacOS Finder is

A new hacking group called FamousSparrow has been detected by researchers at ESET. The team stated on Thursday that the advanced persistent threat (APT) group is targeting governments and engineers in Europe, the UK, Israel, Saudi Arabia, the Americas, West Africa, Taiwan, and other regions. The APT is believed to

A British cybersecurity researcher uncovered his own personal data exposed online after discovering an unsecured database. The unprotected Elasticsearch database was found by Bob Diachenko, leader of security research at Comparitech, on August 22 of this year. Diachenko found 200GB of digital index records dating back a decade. The information

According to new research produced by Tessian, corporate and end-users should be wary of an uptick in phishing attacks for the final quarter of 2021. Tessian found that this is when the most malicious emails are likely to be distributed after analyzing four billion messages sent between July 2020 and

International law enforcement efforts have led to the takedown of an extensive cybercrime operation run by a gang with ties to the Italian Mafia. According to Europol, the gang utilized violence and intimidation as tactics and collected $12 million in online fraud profits. The group used phishing attacks to defraud

HackerOne will be expanding its Bug Bounty program, seeking to increase overall open source security. Open source projects are relied upon by enterprise players and SMBs alike and can represent some significant security risks as open-source components are stored and shared publicly. They range from full operating systems to education

The US government is announcing new measures that seek to deter cryptocurrency businesses from getting involved in laundering and facilitating ransomware payments. The Treasury may roll out the new sanctions as early as this coming week and will reportedly target cryptocurrency exchanges and traders who enable cybercrime transactions, whether it

According to new information uncovered by CloudSEK, millions of customers may have unknowingly exposed their personal and payment information after researchers discovered API security vulnerabilities that affect multiple different apps. CloudSEK found that of the 13,000 apps uploaded to its security search engine BeVigil for mobile applications, roughly 250 utilized