Nearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw. […]
BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement
BetterHelp has agreed to pay $7.8 million in a settlement agreement with the U.S. Federal Trade Commission (FTC) over allegations of misusing and sharing consumer health data for advertising purposes. […]
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator
The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named Dmitry Yuryevich Khoroshev.
In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development Office (FCD), the U.S. Department of the Treasury’s Office of Foreign Assets Control (
In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development Office (FCD), the U.S. Department of the Treasury’s Office of Foreign Assets Control (
LockBit ransomware admin identified, sanctioned in US, UK, Australia
The FBI, UK National Crime Agency, and Europol have unveiled sweeping indictments and sanctions against the admin of the LockBit ransomware operation, with the identity of the Russian threat actor revealed for the first time. […]
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments.
Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report published last week.
“APT42 was
Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report published last week.
“APT42 was
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates back to December 31, 2023.
The attack, which came to light last month, singled out MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE) through the exploitation of two Ivanti Connect Secure zero-day
The attack, which came to light last month, singled out MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE) through the exploitation of two Ivanti Connect Secure zero-day
New Case Study: The Malicious Comment
How safe is your comments section? Discover how a seemingly innocent ‘thank you’ comment on a product page concealed a malicious vulnerability, underscoring the necessity of robust security measures. Read the full real-life case study here.
When is a ‘Thank you’ not a ‘Thank you’? When it’s a sneaky bit of code that’s been hidden inside a ‘Thank You’
When is a ‘Thank you’ not a ‘Thank you’? When it’s a sneaky bit of code that’s been hidden inside a ‘Thank You’
Google Simplifies 2-Factor Authentication Setup (It’s More Important Than Ever)
Google on Monday announced that it’s simplifying the process of enabling two-factor authentication (2FA) for users with personal and Workspace accounts.
Also called, 2-Step Verification (2SV), it aims to add an extra layer of security to users’ accounts to prevent takeover attacks in case the passwords are stolen.
The new change entails adding a second step method, such as an
Also called, 2-Step Verification (2SV), it aims to add an extra layer of security to users’ accounts to prevent takeover attacks in case the passwords are stolen.
The new change entails adding a second step method, such as an
Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering
A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017.
Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He was subsequently extradited to the U.S. in August 2022. Vinnik and his co-conspirators have been accused of owning and managing
Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He was subsequently extradited to the U.S. in August 2022. Vinnik and his co-conspirators have been accused of owning and managing
Google Chrome is getting native support for YouTube-like video chapters
Google is adding a new feature to Google Chrome that allows publishers to add video chapters to videos embedded on websites, similar to how chapters work on YouTube. […]