December 2, 2022 Zimperium, a mobile security firm, is warning of an Android trojan masquerading as reading and education apps that may have stolen Facebook credentials from at least 300,000 users across 71 countries, primarily in Vietnam, since more...
December 2, 2022 The cybercriminals behind the Medibank ransomware attack appear to have published the rest of the data stolen from the Australian health insurance giant on the dark web, which appears to contain all of the data more...
December 2, 2022 Lookout researchers discovered approximately 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior such as exfiltrating excessive user data from mobile devices and harassing borrowers for repayment after more...
December 1, 2022 Information that hackers got from an August hack of password management provider LastPass was used to compromise the company again, its CEO has acknowledged. “We have determined that an unauthorized party, using information obtained in more...
December 1, 2022 The ability of victims of data theft in Ontario to sue organizations for failing to protect their information under a fledgling privacy right has been almost eliminated by a ruling of the province’s appeal court. more...
December 1, 2022 Microsoft has released an out-of-band patch for an issue on Windows-based domain controllers which might cause sign-in failures or other Kerberos authentication issues. Released last month, the patch deals with CVE-2022-37966, an escalation of privilege more...
December 1, 2022 A Lilac Wolverine business email compromise (BEC) gang is launching widespread campaigns requesting gift cards. To begin, the threat actor compromises a personal email account and copies its contact list. The attackers then created a more...
December 1, 2022 Dolphin, a sophisticated backdoor discovered by ESET researchers, expands the ScarCruft APT group's arsenal with a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking more...
December 1, 2022 Akamai reported that during ongoing research on the KmsdBot, a syntax error caused the bot to stop sending commands, effectively killing the botnet, resulting in the end of the cryptomining botnet that was also used more...
December 1, 2022 LastPass, the password manager, has informed customers that unknown attacker breached its cloud storage using information stolen during a previous security incident in August 2022. The attacker also managed to access customer data stored in more...
