News Targeted

News

Articles tagged with cybersecurity

Microsoft kills off Defender 'Privacy Protection' VPN feature

Category: Microsoft|Feb 3, 2025 | Author: Admin

Microsoft announced it is killing off its Privacy Protection VPN feature in the Microsoft Defender app at the end of the month to focus on other features. [more]

Google says hackers abuse Gemini AI to empower their attacks

Category: IT|Feb 1, 2025 | Author: Admin

Multiple state-sponsored groups are experimenting with the AI-powered Gemini assistant from Google to increase productivity and to conduct research on potential infrastructure for attacks or for reconnaissance on targets. [more]

PayPal to pay $2 million settlement over 2022 data breach

Category: IT|Jan 26, 2025 | Author: Admin

New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state's cybersecurity regulations, leading to a 2022 data breach. [more]

Tesla EV charger hacked twice on second day of Pwn2Own Tokyo

Category: IT|Jan 23, 2025 | Author: Admin

Security researchers hacked Tesla's Wall Connector electric vehicle charger twice on the second day of the Pwn2Own Automotive 2025 hacking contest. [more]

Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack

Category: IT|Jan 22, 2025 | Author: Admin

The largest distributed denial-of-service (DDoS) attack to date peaked at 5.6 terabits per second and came from a Mirai-based botnet with 13,000 compromised devices. [more]

Malicious PyPi package steals Discord auth tokens from devs

Category: IT|Jan 18, 2025 | Author: Admin

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. [more]

Hackers leak configs and VPN credentials for 15,000 FortiGate devices

Category: General|Jan 16, 2025 | Author: Admin

A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical information to other cybercriminals. [more]

Phishing texts trick Apple iMessage users into disabling protection

Category: Apple|Jan 13, 2025 | Author: Admin

Cybercriminals are exploiting a trick to turn off Apple iMessage's built-in phishing protection for a text and trick users into re-enabling disabled phishing links. [more]

Fake LDAPNightmware exploit on GitHub spreads infostealer malware

Category: IT|Jan 11, 2025 | Author: Admin

A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. [more]

Bad Tenable plugin updates take down Nessus agents worldwide

Category: IT|Jan 4, 2025 | Author: Admin

Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates. [more]

Cybersecurity Firm's Chrome Extension Hijacked to Steal Users' Data

Category: IT|Jan 2, 2025 | Author: Admin

At least five Chrome extensions have been compromised in a coordinated attack, enabling a threat actor to steal sensitive user information. [more]

US considers banning TP-Link routers over cybersecurity risks

Category: IT|Dec 30, 2024 | Author: Admin

The U.S. government is considering banning TP-Link routers starting next year if ongoing investigations find that their use in cyberattacks poses a national security risk. [more]

Fortinet warns of FortiWLM bug giving hackers admin privileges

Category: IT|Dec 27, 2024 | Author: Admin

Fortinet has disclosed a critical vulnerability in Fortinet Wireless Manager (FortiWLM) that allows remote attackers to take over devices by executing unauthorized code or commands through specially crafted web requests. [more]

Ongoing phishing attack abuses Google Calendar to bypass spam filters

Category: Google|Dec 25, 2024 | Author: Admin

An ongoing phishing scam is abusing Google Calendar invites and Google Drawings pages to steal credentials while bypassing spam filters. [more]

Russian hackers use RDP proxies to steal data in MiTM attacks

Category: IT|Dec 23, 2024 | Author: Admin

The Russian hacking group tracked as APT29 (aka "Midnight Blizzard") is using a network of 193 remote desktop protocol proxy servers to perform man-in-the-middle (MiTM) attacks to steal data and credentials and to install malicious payloads. [more]

Interpol replaces dehumanizing "Pig Butchering" term with "Romance Baiting"

Category: IT|Dec 20, 2024 | Author: Admin

Interpol calls on the cybersecurity community, law enforcement, and the media to stop using the term "Pig Butchering" when referring to online relationship and investment scams, as it unnecessarily shames the victims impacted by these fraud campaigns. [more]

Hackers abuse Avast anti-rootkit driver to disable defenses

Category: IT|Nov 23, 2024 | Author: Admin

A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components. [more]

UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls

Category: IT|Oct 5, 2024 | Author: Admin

Nuclear waste processing facility Sellafield has been fined £332,500 ($440k) by the Office for Nuclear Regulation (ONR) for failing to adhere to cybersecurity standards and putting sensitive nuclear information at risk over four years, from 2019 to 2023. [more]

Google reportedly is close to buying cybersecurity company Wiz for $23 billion

Category: Google|Jul 15, 2024 | Author: Admin

Google's parent company Alphabet is reportedly in talks for an acquisition that, if it goes through, will be the company's biggest purchase ever. The Wall Street Journal, citing unnamed sources, claims that Google is in negotiations to purchase the cybersecurity company Wiz for $23... [more]