Global Cyber-Enforcement Op Nets $130M, Says Interpol
A wide-ranging international operation by law enforcement agencies in 30 countries aiming to prosecute online fraudsters has resulted in nearly a thousand arrests and a net of $130 million...
Cyber-Threat Group Targets Critical RCE Vulnerability in ‘Bleed You’ Campaign
The "Bleed You" campaign is trying to take advantage of a known remote code execution (RCE) vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions, and more than 1,000 systems...
$275M Fine for Meta After Facebook Data Scrape
Following the discovery of a data set of Facebook user personal data available on the Internet, the European Union's Data Protection Commission (DPC) has found Meta Platforms Ireland Ltd. (MPIL)...
Black Basta Gang Deploys Qakbot Malware in Aggressive Cyber Campaign
The Black Basta ransomware group is using Qakbot malware — also known as QBot or Pinkslipbot — to perpetrate an aggressive and widespread campaign using an .IMG file as...
For Gaming Companies, Cybersecurity Has Become a Major Value Proposition
The video game industry has been booming of late — and cybercriminals are drawn to it as an expanding threat surface, seeing players as a potentially less cautious group...
Slippery RansomExx Malware Moves to Rust, Evading VirusTotal
The APT group DefrayX appears to have launched a new version of its RansomExx malware, rewritten in the Rust programming language -- possibly to avoid detection by antivirus software.
According to...
Microsoft: Popular IoT SDKs Leave Critical Infrastructure Wide Open to Cyberattack
Microsoft this week identified a gaping attack vector for disabling industrial control systems (ICS), which is unfortunately pervasive throughout critical infrastructure networks: the Boa Web server.The computing giant has identified vulnerabilities in the server as...
Hot Ticket: ‘Aurora’ Go-Based InfoStealer Finds Favor Among Cyber-Threat Actors
A growing number of cybercriminal groups are turning to an information stealer named Aurora, which is based on the Go open source programming language, to target data from browsers,...
Ducktail Cyberattackers Add WhatsApp to Facebook Business Attack Chain
A financially motivated threat actor targeting individuals and organizations on Facebook's Ads and Business platform has resumed operations after a brief hiatus, with a new bag of tricks for...
Cybersecurity Pros Put Mastodon Flaws Under the Microscope
As Mastodon experiences explosive user growth as a replacement for Twitter, infosec experts are pointing out security holes in the social media network. From an anonymous server collecting user...
