Resecurity researchers warn of a new activity of Smishing Triad, which has expanded its operations to Pakistan. Resecurity has identified a new activity of Smishing Triad, which has expanded its operations to Pakistan. The group’s latest tactic involves sending malicious…
Category: Security Affairs
An unpatched bug allows anyone to impersonate Microsoft corporate email accounts
A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. An attacker can trigger…
Alleged researchers stole $3 million from Kraken exchange
Alleged researchers have exploited a zero-day in Kraken crypto exchange to steal $3 million worth of cryptocurrency. Kraken Chief Security Officer Nick Percoco revealed that alleged security researchers exploited a zero-day flaw to steal $3 million worth of cryptocurrency. The…
Google Chrome 126 update addresses multiple high-severity flaws
Google released Chrome 126 update that addresses a high-severity vulnerability demonstrated at the TyphoonPWN 2024 hacking competition. Google has issued a Chrome 126 security update, addressing six vulnerabilities, including a flaw, tracked as CVE-2024-6100 which was demonstrated during the SSD…
Chip maker giant AMD investigates a data breach
AMD announced an investigation after a threat actor attempted to sell data allegedly stolen from its systems. AMD has launched an investigation after the threat actor IntelBroker announced they were selling sensitive data allegedly belonging to the company. “We are…
Cryptojacking campaign targets exposed Docker APIs
A malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered a new cryptojacking campaign linked to the attackers behind Spinning YARN campaign. The threat actors target publicly exposed and unsecured Docker…
VMware fixed RCE and privilege escalation bugs in vCenter Server
VMware addressed vCenter Server vulnerabilities that can allow remote code execution or privilege escalation. VMware addressed multiple vCenter Server vulnerabilities that remote attackers can exploit to achieve remote code execution or privilege escalation. vCenter Server is a centralized management platform…
Meta delays training its AI using public content shared by EU users
Meta announced it is postponing the training of its large language models using public content from adult Facebook and Instagram users in the EU. Meta announced it is delaying the training of its large language models (LLMs) using public content…
Keytronic confirms data breach after ransomware attack
Printed circuit board assembly (PCBA) manufacturer Keytronic disclosed a data breach after a ransomware attack. Keytronic has confirmed a data breach after a ransomware group leaked allegedly stolen personal information from its systems. The company did not provide any info…
The Financial Dynamics Behind Ransomware Attacks
Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Initially, these attacks involved malicious software that encrypts a victim’s data, rendering it inaccessible until a ransom is paid to the…