All News

LastPass: Hackers targeted employee in failed deepfake CEO call

LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
- Sergiu Gatlan
- April 11, 2024
- 06:00 PM
- 1
Optics giant Hoya hit with $10 million ransomware demand

A recent cyberattack on Hoya Corporation was conducted by the 'Hunters International' ransomware operation, which demanded a $10 million ransom for a file decryptor and not to release files stolen during the attack.
- Bill Toulas
- April 11, 2024
- 02:15 PM
- 0
CISA orders agencies impacted by Microsoft hack to mitigate risks

CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group.
- Sergiu Gatlan
- April 11, 2024
- 01:47 PM
- 0
Intel and Lenovo servers impacted by 6-year-old BMC flaw

An almost 6-year-old vulnerability in the Lighttpd web server used in Baseboard Management Controllers has been overlooked by many device vendors, including Intel and Lenovo.
- Bill Toulas
- April 11, 2024
- 12:50 PM
- 0
CISA says Sisense hack impacts critical infrastructure orgs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.
- Sergiu Gatlan
- April 11, 2024
- 10:55 AM
- 0
Apple: Mercenary spyware attacks target iPhone users in 92 countries

Apple has been notifying iPhone users in 92 countries about a "mercenary spyware attack" attempting to remotely compromise their device.
- Bill Toulas
- April 11, 2024
- 10:16 AM
- 2
Sponsored Content
How to automate up to 90% of IT offboarding tasks

Employee offboarding isn't anybody's favorite task—but it's a critical IT process that needs to be executed diligently and efficiently. Learn more from Nudge Security on automating offboarding of users in a secure manner.
- Sponsored by Nudge Security
- April 11, 2024
- 10:02 AM
- 0
DuckDuckGo launches a premium Privacy Pro VPN service

DuckDuckGo has launched a new paid-for 3-in-1 subscription service called 'Privacy Pro,' which includes a virtual private network (VPN), a personal data removal service, and an identity theft restoration solution.
- Bill Toulas
- April 11, 2024
- 08:00 AM
- 4
Chrome Enterprise gets Premium security but you have to pay for it

Google has announced a new version of its browser for organizations, Chrome Enterprise Premium, which comes with extended security controls for a monthly fee per user.
- Ionut Ilascu
- April 10, 2024
- 03:52 PM
- 1
Google Workspace rolls out multi-admin approval feature for risky changes

Google is rolling out a new Workspace feature that requires multiple admins to approve high-risk setting changes to prevent unauthorized or accidental modifications that could reduce security.
- Bill Toulas
- April 10, 2024
- 03:13 PM
- 0
New Spectre v2 attack impacts Linux systems on Intel CPUs

Researchers have demonstrated the "first native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors.
- Bill Toulas
- April 10, 2024
- 01:19 PM
- 2
Malicious PowerShell script pushing malware looks AI-written

A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI's ChatGPT, Google's Gemini, or Microsoft's CoPilot.
- Ionut Ilascu
- April 10, 2024
- 12:12 PM
- 0
AT&T now says data breach impacted 51 million customers

AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained.
- Bill Toulas
- April 10, 2024
- 10:18 AM
- 1
Sponsored Content
Reusing passwords: The hidden cost of convenience

Password reuse might seem like a small problem — but it can have far-reaching consequences for an organization's cybersecurity. Learn more from Specops Software about what IT teams can do to combat the problem.
- Sponsored by Specops Software
- April 10, 2024
- 10:02 AM
- 0
Malicious Visual Studio projects on GitHub push Keyzetsu malware

Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments.
- Bill Toulas
- April 10, 2024
- 07:00 AM
- 0
Microsoft fixes two Windows zero-days exploited in malware attacks

Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such.
- Sergiu Gatlan
- April 09, 2024
- 06:06 PM
- 0
Critical Rust flaw enables Windows command injection attacks

Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks.
- Sergiu Gatlan
- April 09, 2024
- 04:20 PM
- 2
Windows 10 KB5036892 update released with 23 new fixes, changes

Microsoft has released the KB5036892 cumulative update for Windows 10 21H2 and Windows 10 22H2 with twenty-three changes and two new features.
- Lawrence Abrams
- April 09, 2024
- 02:18 PM
- 1
GHC-SCW: Ransomware gang stole health data of 533,000 people

Non-profit healthcare service provider Group Health Cooperative of South Central Wisconsin (GHC-SCW) has disclosed that a ransomware gang breached its network in January and stole documents containing the personal and medical information of over 500,000 individuals.
- Sergiu Gatlan
- April 09, 2024
- 02:02 PM
- 0
Windows 11 KB5036893 update released with 29 changes, Moment 5 features

Microsoft has released the KB5036893 cumulative update for Windows 11 23H3, which includes 29 changes and fixes and enables the Moment 5 features for every user.
- Mayank Parmar
- April 09, 2024
- 02:00 PM
- 0