SEC confirms X account was hacked in SIM swapping attack
The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. [...]
The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. [...]
Hackers are using a stealthy method to deliver to macOS users information-stealing malware through DNS records that hide malicious scripts. [...]
Security researchers looking at more than 10,000 scripts used by the Parrot traffic direction system (TDS) noticed an evolution marked by optimizations that make malicious code stealthier against security mechanisms. [...]
Apple released security updates to address this year's first zero-day vulnerability exploited in attacks that could impact iPhones, Macs, and Apple TVs. [...]
Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable to ongoing attacks exploiting two zero-day vulnerabilities. [...]
Mortgage lender loanDepot says that approximately 16.6 million people had their personal information stolen in a ransomware attack disclosed earlier this month. [...]
Trezor issued an alert following a security breach on January 17, 2024, when unauthorized access was gained to their third-party support ticketing portal. [...]
Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution flaw vulnerability that affects outdated versions of Atlassian Confluence servers. [...]
Finnish IT services and enterprise cloud hosting provider Tietoevry has suffered a ransomware attack impacting cloud hosting customers in one of its data centers in Sweden, with the attack reportedly conducted by the Akira ransomware gang. [...]
A widespread Facebook phishing campaign stating, "I can't believe he is gone. I'm gonna miss him so much," leads unsuspecting users to a website that steals your Facebook credentials. [...]
Brave Software has announced plans to deprecate the 'Strict' fingerprinting protection mode in its privacy-focused Brave Browser because it causes many sites to function incorrectly. [...]
A German court has charged a programmer investigating an IT problem with hacking and fined them €3,000 ($3,265) for what it deemed was unauthorized access to external computer systems and spying on data. [...]
Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang. [...]
Meta seems to be falling short of effectively tackling fake Instagram profiles even when there are sufficient signs to indicate that a profile is misusing someone else's photos and identity. [...]
Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. [...]
Conor Brian Fitzpatrick was sentenced to 20 years of supervised release today in the Eastern District of Virginia for operating the notorious BreachForums hacking forum, known for the sale and leaking of personal data for hundreds of millions of people worldwide. [...]
Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. [...]
CISA issued this year's first emergency directive ordering Federal Civilian Executive Branch (FCEB) agencies to immediately mitigate two Ivanti Connect Secure and Ivanti Policy Secure zero-day flaws in response to widespread and active exploitation by multiple threat actors. [...]
The U.S. Federal Trade Commission (FTC) continues to target data brokers, this time in a settlement with InMarket Media, which bans the company from selling Americans' precise location data. [...]
A Chinese hacking group has been exploiting a critical vCenter Server vulnerability (CVE-2023-34048) as a zero-day since at least late 2021. [...]
VF Corporation, the company behind brands like Vans, Timberland, The North Face, Dickies, and Supreme, said that more than 35 million customers had their personal information stolen in a December ransomware attack. [...]
VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation. [...]
Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. [...]
CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) and MobileIron Core device management software (patched in August 2023) is now under active exploitation. [...]
Kansas State University (K-State) announced it is managing a cybersecurity incident that has disrupted certain network systems, including VPN, K-State Today emails, and video services on Canvas and Mediasite. [...]