The U.S. Treasury Department on Friday slapped a fresh round of sanctions against entities in Iran for engaging in destructive cyberattacks against critical infrastructure targets in allied NATO countries.
Plex Confirms Database Breach, Data Theft
Popular streaming media platform Plex is scrambling to reset user passwords after a database hack that included the theft of emails, usernames, and encrypted passwords.
Apple Patches New macOS, iOS Zero-Days
Apple on Wednesday rolled out emergency patches for a pair of already exploited zero-day vulnerabilities in its flagship macOS and iOS platforms.
Apple confirmed in-the-wild exploitation of the vulnerabilities in separate advisories warning about code execution flaws in fully patched iPhone, iPad and macOS devices.
Twilio Hacked After Employees Tricked Into Giving Up Login Credentials
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that were then used to steal third-party customer data.
Microsoft Connects USB Worm Attacks to ‘EvilCorp’ Ransomware Gang
Cybersleuths at Microsoft have found a link between the recent ‘Raspberry Robin’ USB-based worm attacks and EvilCorp, a notorious Russian ransomware operation sanctioned by the U.S. government.
Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants
Cybersecurity professionals from Google’s threat hunting unit and the University of Toronto’s Citizen Lab are upping the pressure on mercenary hacking firms selling high-end surveillance spyware with fresh calls for the U.S. government to urgently clamp down on these businesses.
Microsoft Catches Austrian Company Exploiting Windows, Adobe Zero-Days
Malware hunters at Microsoft have caught an Austrian hack-for-hire company exploiting zero-day flaws in Windows and Adobe software products in “limited and targeted attacks” against European and Central American computer users.
European Lawmaker Targeted With Cytrox Predator Surveillance Spyware
A security audit by the European Parliament has unearthed attempts to plant high-end surveillance software on the phone of a Greek lawmaker and there are fresh reports linking the hack attempt to a known North Macedonia spyware vendor.
PrestaShop Confirms Zero Day Attacks Hitting eCommerce Servers
The team behind the open source PrestaShop ecommerce platform has issued a public advisory to warn of zero day SQL injection attacks hitting merchant servers and planting code capable of stealing customer payment information.
Understanding the Evolution of Cybercrime to Predict its Future
An analysis of the evolution of cybercrime from its beginnings in the 1990s to its billion-dollar presence today has one overriding theme: the development of cybercrime as a business closely mimics the evolution of legitimate business, and will continue to evolve to improve its own ROI.
