ZeroDayRAT malware grants full access to Android, iOS devices
A new commercial mobile spyware platform dubbed ZeroDayRAT is being advertised to cybercriminals on Telegram as a tool that provides full remote control over compromised…
Category: Bleeping Computer
Microsoft announces new mobile-style Windows security controls
Microsoft wants to introduce smartphone-style app permission prompts in Windows 11 to request user consent before apps can access sensitive resources such as files, cameras,…
Fugitive behind $73M ‘pig butchering’ scheme gets 20 years in prison
A dual Chinese and St. Kitts and Nevis national was sentenced to 20 years in prison in absentia for his role in an international cryptocurrency…
Exchange Online flags legitimate emails as phishing
Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and quarantines them. The incident began on February 5 and…
Men charged in FanDuel scheme fueled by thousands of stolen identities
Two Connecticut men face federal charges for allegedly defrauding FanDuel and other online gambling sites of $3 million over several years using the stolen identities…
BeyondTrust warns of critical RCE flaw in remote support software
BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers…
Chinese cyberspies breach Singapore’s four largest telcos
The Chinese threat actor tracked as UNC3886 breached Singapore’s four largest telecommunication service providers, Singtel, StarHub, M1, and Simba, at least once last year. The…
How attackers build targeted wordlists
Passwords remain a persistent point of tension between usability and security. Controls designed to strengthen authentication often introduce complexity, which encourages users to rely on…
Hackers breach SmarterTools network using flaw in its own software
SmarterTools confirmed last week that the Warlock ransomware gang breached its network after compromising an email system, but it did not impact business applications or…
Hackers exploit SolarWinds WHD flaws to deploy DFIR tool in attacks
Hackers are exploiting SolarWinds Web Help Desk (WHD) vulnerabilities to deploy legitimate tools for malicious purposes, such as the Zoho ManageEngine remote monitoring and management…
European Commission discloses breach that exposed staff data
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. The Commission said on Friday that it…
New tool blocks imposter attacks disguised as safe commands
A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by analyzing URLs in typed commands and stopping their execution. …