Updated malware implants and a new backdoor named Okrum connected with the Ke3chang threat group operating from China have been found by ESET researchers while monitoring their operations between 2015 and 2019.
The frequency of business email compromise (BEC) scams has increased year over year and so did the value of attempted thefts, reaching a monthly average of more than $300 million.
Twitter has a problem with validating the cards with extra content attached to a tweet that has been abused in the past and can still be used to direct users to malicious websites.
The Drupal CMS team has released a security update to address a critical severity access bypass vulnerability in the CMS' core component that could allow attackers to take control of impacted sites.
Financial data, personally identifiable information (PII), and real-time location of millions of Chinese users was leaked by an open Elastic cluster hosted on infrastructure owned by Aliyun Computing Co (also known as Alibaba Cloud).
Stalkerware for mobile is easy to get by these days and you don't have to look further than Android's official store. While Google is quick to boot such apps when reported, some linger on adding thousands of installations.
New DNS security measures for all .gov domains will be implemented by the U.S. government starting today to help mitigate risks associated with future DNS hijacking incidents.
A new Linux malware masquerading as a Gnome shell extension and designed to spy on unsuspecting Linux desktop users was discovered by Intezer Labs' researchers in early July.
This deal is for a 3 course bundle with 30 hours of training that introduces you to artificial intelligence and robotic process automation. One of the courses will also teach you how to use Python for data science projects.
A group behind the recent outbreaks of malicious advertisements being displayed through Windows 10 apps and Microsoft games has been identified as being based out of Hong Kong. This group is behind millions of advertisements that redirect users to scams, malware, and adware bundles.
Some versions of WinRAR file compression tool and Winbox software for managing MikroTik users have been tampered with to install malware serving an advanced threat actor. This campaign may have started in the second half of 2018 and continues today.
Starting in Firefox 70, Mozilla aims to have the browser report when any of your saved logins were found in data breaches. This will be done through their partnership with the Have I Been Pwned data breach site.
Tesla paid a large bug bounty for a cross-site scripting (XSS) vulnerability in one of its backend apps that allowed gleaning vital statistics about a vehicle.
Microsoft has just released new cumulative updates for Windows 10 April 2018 Update (version 1803) and Windows 10 Fall Creators Update (version 1709) with multiple fixes and improvements.
A phishing attack using a novel technique to steal credentials from American Express customers was recently found in an email inbox protected using Microsoft's Office 365 Advanced Threat Protection (ATP) by Cofense Phishing Defense Center researchers.
Microsoft has released new versions of PowerShell Core to fix a vulnerability that allows a local attacker to bypass Windows Defender Application Control (WDAC) enforcements. This could allow the attacker to execute untrusted programs even with WDAC enabled.
Twitter has started rolling out its new design and user interface to users all over the world. Unfortunately, whether its because they don't like change or the new interface requires more clicks to perform various functions, people are not happy with the new look.
Microsoft says that Windows 10 version 1803 devices reaching the end of 18 months of service will start receiving the Windows 10 May 2019 Update as part of an effort to keep them well serviced and in a secure state.
Cheating in online games sucks as it not only hurts the developers who try and create a fair and balanced game, but the gamers who are frustrated by constantly getting sniped by aimbots. To battle this, Respawn is doing something clever; matching the spammers and cheaters against each other so they don't bother the rest of us.
A new pay what you want deal is available for 9 courses and over 60 hours of training in ethical hacking, penetration testing, Kali Linux, rootkits, and more. This deal has a combined value of $1,668, but with the Pay What You Want bundles, you are able to get all of the courses by beating the average price.