Google suffers data breach in ongoing Salesforce data theft attacks
Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion…
Category: Bleeping Computer
MFA matters… But it isn’t enough on its own
Unprotected usernames and passwords offer little defense against account takeover attacks. Multi-factor authentication (MFA) has quite rightly become the de facto standard for strengthening access…
National Bank of Canada online systems down due to ‘technical issue’
National Bank of Canada (Banque Nationale du Canada), the sixth largest commercial bank of Canada is currently experiencing a widespread service outage affecting its online banking…
ReVault flaws let hackers bypass Windows login on Dell laptops
ControlVault3 firmware vulnerabilities impacting over 100 Dell laptop models can allow attackers to bypass Windows login and install malware that persists across system reinstalls. Dell ControlVault is…
WhatsApp adds new security feature to protect against scams
WhatsApp is introducing a new security feature that will help users spot potential scams when they are being added to a group chat by someone…
Trend Micro warns of Apex One zero-day exploited in attacks
Trend Micro has warned customers to immediately secure their systems against an actively exploited remote code execution vulnerability in its Apex One endpoint security platform.…
Microsoft pays record $17 million in bounties over the last 12 months
Microsoft paid a record $17 million this year to 344 security researchers across 59 countries through its bug bounty program. Between July 2024 and June…
Pandora confirms data breach amid ongoing Salesforce data theft attacks
Danish jewelry giant Pandora has disclosed a data breach after its customer information was stolen in the ongoing Salesforce data theft attacks. Pandora is one…
PBS confirms data breach after employee info leaked on Discord servers
PBS has suffered a data breach exposing the corporate contact information of its employees and those of its affiliates, BleepingComputer has learned. Earlier this month,…
CTM360 spots Malicious ‘FraudOnTok’ Campaign Targeting TikTok Shop users
CTM360 has discovered a new global malware campaign dubbed “FraudOnTok” that spreads the SparkKitty spyware through fake TikTok shops to steal cryptocurrency wallets and drain…
Adobe issues emergency fixes for AEM Forms zero-days after PoCs released
Adobe released emergency updates for two zero-day flaws in Adobe Experience Manager (AEM) Forms on JEE after a PoC exploit chain was disclosed that can be…
Cisco discloses data breach impacting Cisco.com user accounts
Cisco has disclosed that cybercriminals stole the basic profile information of users registered on Cisco.com following a voice phishing (vishing) attack that targeted a company…