Hackers can take advantage of a logical flaw in WhatsApp for Android and modify or replace media files available in external storage, such as memory cards, before the intended recipient can see them.
In an FBI Flash Alert, the FBI has released the master decryption keys for the Gandcrab Ransomware versions 4, 5, 5.0.4, 5.1, and 5.2. Using these keys, any individual or organization can create and release their very own GandCrab decryptor.
An app styling itself as a more feature-rich unofficial version of Telegram was installed over 100,000 from Google Play only to provide minimum messaging services and to promote malicious websites.
The data breach monitoring service Haveibeenpwned.com has added a database dump of almost 101 million Evite users who had their information exposed when attackers gained unauthorized access to their servers.
A critical security issue found in the Ad Inserter WordPress plugin currently installed on over 200,000 websites allows authenticated attackers to remotely execute PHP code.
Malware researchers have discovered a new file-encrypting malware they dubbed DoppelPaymer that has been making victims since at least mid-June, asking hundreds of thousands of US dollars in ransom.
Another public administration in the U.S. surrenders cybercriminal demands as La Porte County, Indiana, pays $130,000 to recover data on computer systems impacted by ransomware.
Following recent reports about mass-scale attacks aimed at modifying Domain Name System records, UK's National Cyber Security Centre (NCSC) released an advisory with mitigation options for organizations to defend against this type of threat.
If you read the news, it's hard not to see that ransomware is far from dead and may be worse then ever. Emboldened by large government payouts, ransomware developers are increasingly targeting cities, the enterprise, and charities where they can create large scale damage and thus potentially large-scale ransom payments.
Microsoft is rolling out Microsoft Forms proactive phishing detection to improve the product's security by blocking phishing attacks from abusing surveys and forms created using the app.
2020 U.S. presidential campaigns are not using proper email security according to research from Californian-based email threat protection firm Agari.
A ransomware attack at New York City's Monroe College has shutdown the college's computer systems at campuses located in Manhattan, New Rochelle and St. Lucia.
Cybercriminals are using the notoriety of the DeepNude app to distribute info-stealing malware in campaigns over YouTube that promise a cracked premium version of the program for Windows, Android, and iOS.
Mozilla plans on adding a new dedicated social tracking protection component to their tracker protection system. This feature is currently under development, but is targeted for the Firefox 70 release.
Multiple Windows 10 Server versions are affected by a known issue introduced with the KB4503293, KB4503327, and KB4503286 cumulative updates, monthly rollups, and security-only updates released on June 11.
Some users of online team-based shooters, battle royale, or survival games use game hacking or cheats to give themselves an advantage over their opponents. Unfortunately, in many cases these cheats do nothing but compromise the user's own data as installing them infects a computer with password and information stealing Trojans.
A new version of the Miori botnet added protection to the login panel of its command and control server, hanging a "not welcome" message for connections likely coming from a security researcher.
Researchers found that an application available on an unsecured website included credentials that could have allowed compromising consumer-facing Uniguest kiosks used by businesses in various activity sectors.
The Buhtrap hacking group has switched its targets from Rusian financial businesses and institutions since December 2015 when it moved into cyber-espionage operations, culminating with the use of a recently patched Windows zero-day during June 2019.