Tesla Ransomware Hacker Pleads Guilty; Swiss Hacktivist Charged for Fraud

The U.S. Department of Justice yesterday announced updates on two separate cases involving cyberattacks—a Swiss hacktivist and a Russian hacker who planned to plant malware in the Tesla company. A Swiss hacker who was involved in the intrusion of cloud-based surveillance firm Verkada and exposed...

PYSA Ransomware Pillages Education Sector, Feds Warn

The FBI has issued a warning about an uptick in cyberattacks on the education sector that are delivering the PYSA ransomware. In a “Flash” alert to the cybersecurity community issued on Tuesday, the Feds said that PYSA has been seen in attacks on schools in 12 U.S. states and in the United Kingdo...

Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix

As dangerous attacks accelerate against Microsoft Exchange Servers in the wake of the disclosure around the ProxyLogon group of security bugs, a public proof-of-concept PoC whirlwind has started up. It’s all leading to a feeding frenzy of cyber-activity. The good news, however, is that Microsoft...

Use This One-Click Mitigation Tool from Microsoft to Prevent Exchange Attacks

Microsoft on Monday released a one-click mitigation software that applies all the necessary countermeasures to secure vulnerable environments against the ongoing widespread ProxyLogon Exchange Server cyberattacks. Called Exchange On-premises Mitigation Tool EOMT, the PowerShell-based script serve...

Mobile Adware Booms, Online Banks Become Prime Target for Attacks

Hackers painted a bullseye on the backs of online financial institutions in 2020 as the pandemic shuttered local branch offices and forced customers online. Over the past 12 months, incidents of adware nearly tripled. And, overall in 2020 researchers saw a slight drop in the number of mobile...

Amazon Dismisses Claims Alexa 'Skills' Can Bypass Security Vetting Process

Researchers warn Amazon’s voice assistant Alexa is vulnerable to malicious third-party “skills” – voice assistant capabilities developed by third parties – that could leave smart-speaker owners vulnerable to a wide range of cyberattacks. The security-threat claim is roundly dismissed by Amazon...

Cyberattacks Launch Against Vietnamese Human-Rights Activists

Human-rights activists are being targeted by cyberattacks as part of a wider effort by the Vietnamese state to censor anyone speaking out against the government, Amnesty International’s Security Lab alleges. Ocean Lotus, a well-known threat actor dating back to 2013, is behind the spyware campaig...

North Korean hackers charged with $1.3 billion of cyberheists

The US Department of Justice recently unsealed indictments detailing North Koreas involvement in several global cyberattack campaigns against institutions in the financial and entertainment sectors, and money laundering schemes in certain US states. The first unsealed indictment is for hacking...

The Coronavirus Pandemic Is Widening the Cybersecurity Skills Gap

While there are undoubtedly many major challenges within the world of cybersecurity, one of the principal roadblocks to the implementation of effective data security is the lack of skilled cybersecurity practitioners. In a November 2019 report, the International Information System Security...

U.S. Charges 3 North Korean Hackers Over $1.3 Billion Cryptocurrency Heist

The U.S. Department of Justice DoJ on Wednesday indicted three suspected North Korean hackers for allegedly conspiring to steal and extort over $1.3 billion in cash and cryptocurrencies from financial institutions and businesses. The three defendants — Jon Chang Hyok, 31; Kim Il, 27; and Park Jin...

U.S. Accuses DPRK Hackers of Stealing Millions

The U.S. Department of Justice has indicted three North Korean computer programmers for their alleged participation in widespread, destructive cyberattacks as part of the advanced persistent threat APT known as Lazarus Group. The indictment broadens the scope of crimes that the DoJ has linked to...

mHealth Apps Expose Millions to Cyberattacks

Some 23 million mobile health mHealth application users are exposed to application programming interface API attacks that could expose sensitive information, according to researchers. Generally speaking, APIs are an intermediary between applications that defines how they can talk to one another a...

Hackers try to poison Florida City’s drinking water

The FBI, the Secret Service, and the Pinellas County Sheriffs Office are currently investigating an attempted poisoning of a city by an individual or group of hackers that occurred Friday last week. If it hadnt been caught in time, at least 15,000 people could have been affected. In a Monday pres...

New and Improved Report Abuse Portal and API!

The Report Abuse CERT Portal and Report Abuse API have played a significant role in MSRC’s response to suspected cyberattacks, privacy issues, and abuse originating from Microsoft Online Services. With the contributions from our wonderful community of reporters, we continue to gain insightful...

New and Improved Report Abuse Portal and API!

The Report Abuse CERT Portal and Report Abuse API have played a significant role in MSRC’s response to suspected cyberattacks, privacy issues, and abuse originating from Microsoft Online Services. With the contributions from our wonderful community of reporters, we continue to gain insightful...

New and Improved Report Abuse Portal and API!

The Report Abuse CERT Portal and Report Abuse API have played a significant role in MSRC’s response to suspected cyberattacks, privacy issues, and abuse originating from Microsoft Online Services. With the contributions from our wonderful community of reporters, we continue to gain insightful...

5 cases when ethical hackers saved companies from devastating hacks

By Habiba Rashid Ethical hackers are the good guys in the cybersecurity industry - Here are 5 instances where these hackers have rescued companies from cyberattacks. This is a post from HackRead.com Read the original post: 5 cases when ethical hackers saved companies from devastating hacks...

ZINC attacks against security researchers

In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive securit...

ZINC attacks against security researchers

In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive securit...

Importance of Application Security and Customer Data Protection to a Startup

When you are a startup, there are umpteen things that demand your attention. You must give your hundred percent probably even more! to work effectively and efficiently with the limited resources. Understandably, the application security importance may be pushed at the bottom of your things-to-do...