Microsoft is investigating an ongoing Multi-Factor Authentication (MFA) outage that is blocking customers from accessing Microsoft 365 Office apps. […]
WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the content management system (CMS).
“This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment
“This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per domain.
Cybersecurity company watchTowr Labs said it pulled off the operation by registering over 40 domain names that the backdoors had been designed to use for command-and-control (C2). In partnership with the
Cybersecurity company watchTowr Labs said it pulled off the operation by registering over 40 domain names that the backdoors had been designed to use for command-and-control (C2). In partnership with the
Phishing texts trick Apple iMessage users into disabling protection
Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. […]
Pastor who saw crypto project in his “dream” indicted for fraud
A pastor at a Pasco, Washington, church has been indicted on 26 counts of fraud for allegedly operating a cryptocurrency scam that defrauded investors of millions between 2021 and 2023. […]
Scammers file first — Get your IRS Identity Protection PIN now
The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to enroll for added security against identity theft and fraudulent returns. […]
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. […]
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat–actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content.
The tech giant’s Digital Crimes Unit (DCU) said it has observed the threat actors “develop
The tech giant’s Digital Crimes Unit (DCU) said it has observed the threat actors “develop
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io.
Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands’ Financial Intelligence and Investigative Service, Finland’s National Bureau of
Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands’ Financial Intelligence and Investigative Service, Finland’s National Bureau of
Telefónica confirms internal ticketing system breach after data leak
Spanish telecommunications company Telefónica confirms its internal ticketing system was breached after stolen data was leaked on a hacking forum. […]