Mass scanning activity targeting VMware servers with the remote code execution security bug after a Chinese researcher released proof of concept (POC) code.
Staff Correspondent at CPO Magazine
Alicia Hope has been a journalist for more than 5 years, reporting on technology, cyber security and data privacy news.
Red Canary researchers said Silver Sparrow macOS malware infecting about 40,000 Macs using both Intel and ARM chips could deliver malicious payloads at a moment's notice.
Law firm associated with Donald Trump and half of Fortune 500 companies leaked 100 GB of confidential client information in a third-party data breach linked to Clop ransomware.
Kia Motors America suffered a suspected DoppelPaymer ransomware attack that shut down internal and customer-facing systems. Hackers demanded 404 Bitcoins worth about $20 million.
Popular Android file-sharing app SHAREit with over a billion downloads has a security flaw that could leak users’ sensitive information and allow remote code execution.
F5 Credential Stuffing Report found that credential spills doubled between 2016 and 2020 while credential stuffing became the preferred attack method.
About 26 Million Fortune 1000 Employee Credentials Available on the Dark Web, Password Reuse Rampant
SpyCloud found about 26 million Fortune 1000 employee credentials circulating on the dark web. Password reuse, weak passwords, and infostealers were responsible for the leaks.
The supply chain attack method leverages commonly-used dependency managers and private or non-existent dependencies to install malicious code and backdoors in internal applications.
UK's NCSC issued an alert over the growing risk of ransomware attacks as threat actors diversified attack vectors and monetization methods, with some victims hit by repeat attacks shortly after paying a ransom.
The FTC reported that identity theft doubled during the pandemic as scammers targeted COVID-19 relief payments to individuals and government-sponsored loans for small businesses.
