Google warns of actively exploited Pixel firmware zero-day
Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks…
Category: Bleeping Computer
CISA warns of criminals impersonating its employees in phone calls
Image: Midjourney Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential…
New phishing toolkit uses PWAs to steal login credentials
A new phishing kit has been released that allows red teamers and cybercriminals to create progressive web Apps (PWAs) that display convincing corporate login forms…
Life360 says hacker tried to extort them after Tile data breach
Safety and location services company Life360 says it was the target of an extortion attempt after a threat actor breached and stole sensitive information from…
Microsoft deprecates Windows DirectAccess, recommends Always On VPN
Microsoft has announced that the DirectAccess remote access solution is now deprecated and will be removed in a future release of Windows, recommending companies migrate…
Police arrest Conti and LockBit ransomware crypter specialist
The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by…
Black Basta ransomware gang linked to Windows zero-day attacks
The Black Basta ransomware operation is suspected of exploiting a Windows privilege escalation vulnerability (CVE-2024-26169) as a zero-day before a fix was made available. The…
Pure Storage confirms data breach after Snowflake account hack
Pure Storage, a leading provider of cloud storage systems and services, confirmed on Monday that attackers breached its Snowflake workspace and gained access to what…
TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers
The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on…
New Warmcookie Windows backdoor pushed via fake job offers
Image: Midjourney A never-before-seen Windows malware named ‘Warmcookie’ is distributed through fake job offer phishing campaigns to breach corporate networks. According to Elastic Security Labs, which…
Chinese hackers breached 20,000 FortiGate systems worldwide
Image: Midjourney The Dutch Military Intelligence and Security Service (MIVD) warned today that the impact of a Chinese cyber-espionage campaign unveiled earlier this year is…
City of Cleveland shuts down IT systems after cyberattack
The City of Cleveland, Ohio, is currently dealing with a cyberattack that has forced it to take citizen-facing services offline, including the public offices and facilities…