Forced Chrome extensions get removed, keep reappearing
Malwarebytes found a family of forced Chrome extensions that can't be removed because of a policy change that tells users "Your browser is managed".
In the continued saga of...
Battle-hardened Ronin bridge to Axie reopens following $600M hack
Sky Mavis, developers of the popular play-to-earn (P2E) nonfungible token (NFT) game Axie Infinity have announced that the Ronin bridge is back online three months after it was hacked...
Crypto market crash wipes out millions from North Korea’s stolen crypto funds
North Korea leads the world in crypto crime, with over 15 documented instances of cyber theft amounting to $1.59 billion in stolen funds. However, the recent crypto market turmoil...
‘Raccoon Stealer’ Scurries Back on the Scene After Hiatus
The authors of "Raccoon Stealer," one of the most prolific information stealers of 2021, have released a new and improved version of the malware just three months after shutting...
Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign
A social-engineering campaign bent on stealing Facebook account credentials and victim phone numbers is targeting business pages via a savvy campaign that incorporates Facebook's Messenger chatbot feature.
That's according to...
New Vulnerability Database Catalogs Cloud Security Issues
Organizations traditionally have struggled to track vulnerabilities in public cloud platforms and services because of the lack of a common vulnerability enumeration (CVE) program like the one that MITRE maintains...
Ransomware Volume Nearly Doubles 2021 Totals in a Single Quarter
After a 2021 beleaguered by ransomware, attack volumes continue to balloon in 2022. In fact, a report issued Tuesday indicates that in just the first three months of this year,...
Atlassian Confluence Exploits Peak at 100K Daily
Since it was first identified on June 2, the Atlassian Confluence remote code-execution (RCE) vulnerability tracked as CVE-2022-26134 has attracted the repeated attention of threat actors. Now, after peaking...
China-Backed APT Pwns Building-Automation Systems with ProxyLogon
A previously unknown Chinese-speaking advanced persistent threat (APT) is exploiting the ProxyLogon Microsoft Exchange vulnerability to deploy the ShadowPad malware, researchers said — with the end goal of taking...
LockBit 3.0 Debuts with Ransomware Bug Bounty Program
The LockBit ransomware group just released its latest ransomware-as-a-service offering, LockBit 3.0, and along with it a first for the Dark Web: a bug-bounty program.
The bounty program offers up...
