Chinese hackers use new data theft malware in govt attacks
New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET…
Category: Bleeping Computer
Quad7 botnet targets more SOHO and VPN routers, media servers
The Quad7 botnet is evolving its operation by targeting additional SOHO devices with new custom malware for Zyxel VPN appliances, Ruckus wireless routers, and Axentra media servers. This…
Critical SonicWall SSLVPN bug exploited in ransomware attacks
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims’ networks. Tracked as CVE-2024-40766, this improper access control flaw affects Gen…
Highline Public Schools closes schools following cyberattack
Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in…
Payment gateway data breach affects 1.7 million credit card owners
Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals. In the…
Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature
A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app’s “View once”…
Progress LoadMaster vulnerable to 10/10 severity RCE flaw
Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers…
New RAMBO attack steals data using RAM in air-gapped computers
A novel side-channel attack dubbed “RAMBO” (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device’s RAM to send data from air-gapped computers.…
Sextortion scam now use your “cheating” spouse’s name as a lure
A new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links…
Transport for London staff faces systems disruptions after cyberattack
Transport for London, the city’s public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response…
Car rental giant Avis discloses data breach impacting customers
Image: MidjourneyAmerican car rental giant Avis notified customers that unknown attackers breached one of its business applications last month and stole some of their personal…
Microsoft Office 2024 to disable ActiveX controls by default
After Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps. ActiveX is a legacy…