New Ghost Calls tactic abuses Zoom and Microsoft Teams for C2 operations
A new post-exploitation command-and-control (C2) evasion method called ‘Ghost Calls’ abuses TURN servers used by conferencing apps like Zoom and...
Read more →Category: Bleeping Computer
Hacker extradited to US for stealing $3.3 million from taxpayers
Nigerian national Chukwuemeka Victor Amachukwu has been extradited from France to the U.S. to face charges of hacking, fraud, and...
Read more →
Google suffers data breach in ongoing Salesforce data theft attacks
Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks...
Read more →
MFA matters… But it isn’t enough on its own
Unprotected usernames and passwords offer little defense against account takeover attacks. Multi-factor authentication (MFA) has quite rightly become the de...
Read more →
National Bank of Canada online systems down due to ‘technical issue’
National Bank of Canada (Banque Nationale du Canada), the sixth largest commercial bank of Canada is currently experiencing a widespread service...
Read more →
ReVault flaws let hackers bypass Windows login on Dell laptops
ControlVault3 firmware vulnerabilities impacting over 100 Dell laptop models can allow attackers to bypass Windows login and install malware that persists across...
Read more →
WhatsApp adds new security feature to protect against scams
WhatsApp is introducing a new security feature that will help users spot potential scams when they are being added to...
Read more →
Trend Micro warns of Apex One zero-day exploited in attacks
Trend Micro has warned customers to immediately secure their systems against an actively exploited remote code execution vulnerability in its...
Read more →
Microsoft pays record $17 million in bounties over the last 12 months
Microsoft paid a record $17 million this year to 344 security researchers across 59 countries through its bug bounty program....
Read more →
Pandora confirms data breach amid ongoing Salesforce data theft attacks
Danish jewelry giant Pandora has disclosed a data breach after its customer information was stolen in the ongoing Salesforce data...
Read more →
PBS confirms data breach after employee info leaked on Discord servers
PBS has suffered a data breach exposing the corporate contact information of its employees and those of its affiliates, BleepingComputer...
Read more →
CTM360 spots Malicious ‘FraudOnTok’ Campaign Targeting TikTok Shop users
CTM360 has discovered a new global malware campaign dubbed “FraudOnTok” that spreads the SparkKitty spyware through fake TikTok shops to...
Read more →