Hackers had been lurking undetected, and the FBI confirms they've breached systems critical to national security.
Hackers RSS
The main Internet Archive website is back online after hackers breached the site earlier this month and stole personal information from its servers
Meta announced late on Friday that it had blocked some WhatsApp accounts that it says were being used by Iran-based malicious state actors
An ongoing phishing campaign targets Donald Trump supporters. It uses fake donation websites; however, the fact that it only accepts payments in crypto means its impact is limited.
Google discovered and fixed a security vulnerability in its Workspace account creation process that allowed hackers to bypass email verification and create unauthorized accounts for any domain.
Cybercriminals are exploiting the recent faulty CrowdStrike update outage using a fake Microsoft recovery manual Word document to deliver a stealer malware which is now tracked as Daolpu.
While CrowdStrike and Microsoft provided fixes, cybercriminals exploited the situation by spreading malware disguised as a hotfix and launching phishing campaigns targeting CrowdStrike customers.
The company cooperates with the authorities to investigate the massive security breach. Data was stolen from a third-party cloud platform, and at least one person was already apprehended.
_medium.jpg)
Microsoft has confirmed that it has informed more of its customers that emails they sent to Microsoft's corporate employees were accessed by Russia-based hackers earlier this year.
A fraudulent scheme benefiting the North Korean government used laptop farms and stolen identities to trick hundreds of US companies into unknowingly paying millions to North Korean remote IT workers.
Charlie Bell, Microsoft's Executive Vice President for Security, has written a blog post announcing that the company is now "making security our top priority" above all other features.
A new report claims that after a series of high-profile security breaches at Microsoft, the company is now concentrating on making improvements to its security features and services.
Microsoft has announced that a Russian hacker group has been exploiting an old Windows Print Spooler issue for as long as four years in order to "steal credentials in compromised networks."
File upload logic in GitHub's comments allows hackers to host malware on the service and abuse trusted developers and companies, such as Microsoft, to create legitimate-looking URLs.
The ongoing malware campaign targeting gamers steals credentials to various online services. Activision Blizzard is reportedly investigating and trying to help those with affected accounts.
The US DOJ has unsealed indictments against seven Chinese hackers involved with the APT31 hacking group. The group has targeted US and UK politicians as well as businesses and critics of China.
An international task force has nabbed two actors involved with the LockBit ransomware that has been causing a major headache for companies around the world since 2019. Infrastructure was seized too.
Losing patients' medical records due to a ransomware attack is a nightmare for hospitals. But the pressure to pay the ransom is even higher when hackers threaten to attack the patients too.
In a report posted this week, Microsoft stated that a Chinese hacker group was able to get a Microsoft account (MSA) consumer key because a consumer signing system crash in April 2021 exposed the key.
WinRAR, a popular file archiver tool for Windows used by millions of people worldwide, has reportedly been found to have a vulnerability that allows hackers to steal funds from traders.
TSMC has said that it wasn't greatly affected by LockBit malware that hit one of its suppliers. Despite this, hackers have demanded a $70 million ransom, or it will leak info it claims to have.
Millions of driver's license numbers and more info from the states of Louisiana and Oregon have been reportedly exposed in this cyberattack that used a flaw in the MOVEit file transfer software.
It's not yet clear which US government agencies were hit as part of this cyberattack, nor if they had any files taken as a result. A known hacker group called CL0P is a suspect in some of the attacks.
The new BIOS firmware for Gigabyte's motherboards should help fix an issue that was revealed last week that would have allowed hackers to install malicious software on the affected boards.
A cybersecurity firm has discovered that a large number of motherboards made by Gigabyte have a previously undisclosed firmware backdoor that could be used by hackers to install malicious software.
Users of AT&T email accounts are facing a wave of hacks by bad actors who are seeking to steal cryptocurrency, by utilising API issues in the service to take control of email addresses.
After the flaws were discovered by a security research team, they reported the issues to Microsoft. The company has since released patches and fixes that have closed this serious issue.
Google's Threat Analysis Group (TAG) has been running tests on a rather simple but effective tool that can download complete inboxes of popular services including Google, Yahoo, and Microsoft Outlook.
A prominent member of the Lapsus$ hacking group has supposedly been identified as a 16-year-old boy; seven of the group's members have also been arrested by the City of London Police.
_medium.jpg)
Samsung has confirmed a massive data breach that led to its source code and internal data belonging to partners being stolen. It has assured the public that their personal data is safe.
Meta has said that it hopes to make Facebook Protect available to highly targeted users in 50 countries by the end of the year. Facebook Protect adds extra security layers such as 2FA.
Information security is becoming more important and more valuable all the time. Security breaches can be costly, so security leadership is a high-stakes game. Discover more with this free eBook.
Microsoft has published its annual Digital Defense Report, highlighting that nation-state actors from Russia pose the biggest threat to foreign governments, such as the United States.
Binance has been ordered by the UK High Court of Justice to identify hackers who stole $2.6 million from Fetch.ai. Once found, the court said Binance has to freeze the account of those responsible.
Microsoft has issued an advisory about a cyberattack from a Chinese group targeting SolarWinds' products. A hotfix has been released but organizations are still advised to review guidance.
Microsoft is expanding its identity and access management protections available in AccountGuard to high-risk customers in 31 democracies at no extra cost. It contains features like MFA and SSO.
Microsoft has formed a coalition with Google and WhatsApp, among others, to file an amicus brief against NSO Group, claiming that immunity should not be granted to the Israeli technology firm.
In a stint that lasted for 30 minutes, hackers swapped out the 'Coalitions' tab of President Trump's campaign website, threatening to release sensitive information in exchange for cryptocurrency.
Nokia has released the latest edition of its Threat Intelligence Report. The document reveals that cyberattacks on IoT devices are increasing at an alarming rate due to poor security.
Due to the cyber attack, operations had been suspended at plants in Ohio, Turkey, and India. The company, whose Japanese operations remain unaffected, is working to fix its systems.
