Booking.com Phishers May Leave You With Reservations – Krebs on Security
A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing…
Author: Cybernoz
OpenAI’s new ChatGPT Search Chrome extension feels like a search hijacker
OpenAI’s new “ChatGPT search” Chrome extension feels like nothing more than a typical search hijacker, changing Chrome’s settings so your address bar searches go through ChatGPT…
New LightSpy spyware version targets iPhones
New LightSpy spyware version targets iPhones with destructive capabilities Pierluigi Paganini November 01, 2024 New LightSpy spyware targets iPhones supporting destructive features that can block…
Azure AI Vulnerabilities Allowed Bypass of Moderation Safeguards
Mindgard researchers uncovered critical vulnerabilities in Microsoft’s Azure AI Content Safety service, allowing attackers to bypass its safeguards and unleash harmful AI-generated content. A UK-based…
The Dumbest Thing in Security This Week: Russia Can’t Math
In a year marked by unprecedented disinformation and cyberattacks, at least we can all come together and laugh at Russia’s math skills. A Russian court…
Synology hurries out patches for zero-days exploited at Pwn2Own
Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week’s Pwn2Own hacking competition within days. Midnight Blue security researcher…
Email Phishing Playbook for Efficient Phishing Handling
Let’s not sugarcoat it: phishing is one of the most effective ways cybercriminals worm their way into your network. Why? Simple. As Stephanie Carruthers, a…
LottieFiles confirmed a supply chain attack on Lottie-Player
LottieFiles confirmed a supply chain attack on Lottie-Player Pierluigi Paganini November 01, 2024 LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted…
LastPass warns of fake support centers trying to steal customer data
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However,…
EMERALDWHALE Steals 15,000+ Cloud Credentials, Stores Data in S3 Bucket
Operation EMERALDWHALE compromises over 15,000 cloud credentials, exploiting exposed Git and Laravel files. Attackers use compromised S3 buckets for storage, increasing the risks of phishing…
Medusa Ransomware attack impacts 1.8 million patients
In what could potentially be the largest data breach in the history of pathology labs in the United States, the Medusa Ransomware group has reportedly…
1,000+ web shops infected by “Phish ‘n Ships” criminals who create fake product listings for in-demand products
Researchers at the Satori Threat Intelligence and Research team have published their findings about a group of cybercriminals that infect legitimate web shops to create…