Microsoft has hit back at claims from a shadowy hacktivist outfit that it managed to breach the company and obtain account access for tens of millions of customers. Anonymous Sudan, which has been linked in the past to pro-Kremlin groups like Killnet, posted the details of its alleged raid on Telegram.
At least 100,000 people could have had their data compromised by a hack of contractors at the Department of Health and Human Services, a department official said Thursday, making it the latest US government agency to be caught up in a sweeping cyberattackconnected to Russian cybercriminals.
The world's largest chip manufacturer has dismissed the LockBit 3.0 ransomware gang's hack claim and $70 million ransom demand. Taiwan Semiconductor Manufacturing Co. said the data leak took place at a third-party supplier and contains only certain initial
No less than 330,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that has come under active exploitation in the wild. Cybersecurity firm Bishop Fox, in a report published last week, said that out of nearly 490,000 Fortinet SSL-VPN interfaces exposed on the internet, about 69 percent remain unpatched.
CISA added eight new vulnerabilities to its catalog on Thursday, including two D-Link router and access point vulnerabilities exploited by a Mira botnet variant. The six remaining security holes impact Samsung mobile devices and they were all patched by the technology giant in 2021.
Trustwave SpiderLabs has exposed a fresh variant of info-stealer malware, named Rilide, that specifically aims at Chromium-based browsers. This strain is capable of stealing cryptocurrency assets and monitoring users' browsing actions.
"Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations," Trend Micro researchers said in an analysis published last week. "In this case, the distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer."
Researchers have pulled back the curtain on an updated version of an Apple macOS malware called RustBucket that comes with improved capabilities to establish persistence and avoid detection by security software.
Every website owner or webmaster grapples with the issue of spam on their website forms. The volume of spam can be so overwhelming that finding useful information within it becomes quite challenging. What exacerbates this issue is that spam can populate your public pages, appearing in comments and reviews.
The Chinese spy ballon captured images and video surveillance using American technology, U.S. officials reported on Thursday. The balloon, which was shot down off the coast of South Carolina earlier this year, likely didn’t transmit the information back to the Chinese government based on a preliminary investigation, although the investigation is still ongoing.
