Two suspects were arrested in Miami this week and charged with conspiracy to steal and launder over $230 million in cryptocurrency using crypto exchanges and mixing services. […]
CISA warns of actively exploited Apache HugeGraph-Server bug
The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server. […]
Microsoft Edge will flag extensions causing performance issues
Microsoft is testing a new feature in the Edge browser called the “extension performance detector,” which warns you when browser extensions cause performance issues on web pages you visit. […]
Tor says it’s “still safe” amid reports of police deanonymizing users
The Tor Project is attempting to assure users that the network is still safe after a recent investigative report warned that law enforcement from Germany and other countries are working together to deanonymize users through timing attacks. […]
Ivanti warns of another critical CSA flaw exploited in attacks
Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) vulnerability in attacks targeting a limited number of customers. […]
Wherever There’s Ransomware, There’s Service Account Compromise. Are You Protected?
Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral movement in over 70% of ransomware attacks. However, there’s an alarming disproportion
FTC exposes massive surveillance of kids, teens by social media giants
A Federal Trade Commission (FTC) staff report has found that social media and video streaming companies have been engaging in widespread user surveillance, particularly of children and teens, with insufficient privacy protections and earning billions of dollars annually by monetizing their data. […]
Google Password Manager now automatically syncs your passkeys
Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users. […]
Police dismantles phone unlocking ring linked to 483,000 victims
A joint law enforcement operation has dismantled an international criminal network that used the iServer automated phishing-as-a-service platform to unlock the stolen or lost mobile phones of 483,000 victims worldwide. […]
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress.
“Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the cybersecurity company said.
Targets of the emerging threat include plumbing, HVAC (heating,
“Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the cybersecurity company said.
Targets of the emerging threat include plumbing, HVAC (heating,