Google's new Cybersecurity Action Team warned that cybercriminals compromised unsecured or misconfigured Google Cloud instances to perform cryptocurrency mining.
Staff Correspondent at CPO Magazine
Alicia Hope has been a journalist for more than 5 years, reporting on technology, cyber security and data privacy news.
Security flaw exposes the firmware encryption key allowing attackers to run arbitrary code on Intel Management Engine and access TPM, BitLocker, and EPID encryption keys.
Tardigrade malware could shut down biomanufacturing facilities, exfiltrate data, deliver ransomware, and act as a backdoor for hackers to perform custom operations.
GitHub users leaked their login cookies by committing cookies.sqlite database to their public projects from their Linux home directory, exposing their accounts to potential compromise.
Researchers warn about the return of Emotet malware through TrickBot's infrastructure and a new phishing campaign through infected email attachments after a year of inactivity.
Iranian APT groups targeted critical infrastructure entities by exploiting known Microsoft Exchange Server and Fortinet vulnerabilities using malicious and legitimate tools.
The US authorities offered a $10 million reward for information to identify or locate REvil and DarkSide ransomware gang leaders, and $5 million for their affiliates preparing attacks.
Palo Alto Networks identified a Chinese cyber espionage campaign targeting 370 critical infrastructure, education, healthcare, and technology organizations through vulnerable Zoho servers.
Costco sent a data breach notification to its customers after discovering a credit card skimmer at one of its stores. Several customers complained of unauthorized transactions.
Ransomware gangs search for non-public financial information that could affect stock prices during mergers and acquisitions and threaten to publish it to coerce the victim to pay.
