Hackers targeted employee in failed deepfake CEO call
LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the…
Category: Bleeping Computer
OpenTable is adding your first name to previously anonymous reviews
Restaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members’…
CISA makes its “Malware Next-Gen” analysis system publicly available
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new version of “Malware Next-Gen,” now allowing the public to submit malware samples for…
Mercenary spyware attacks target iPhone users in 92 countries
Apple has been notifying iPhone users in 92 countries about a “mercenary spyware attack” attempting to remotely compromise their device. In a sample notification the company…
CISA orders agencies impacted by Microsoft hack to mitigate risks
CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by…
Optics giant Hoya hit with $10 million ransomware demand
A recent cyberattack on Hoya Corporation was conducted by the ‘Hunters International’ ransomware operation, which demanded a $10 million ransom for a file decryptor and…
Intel and Lenovo servers impacted by 6-year-old BMC flaw
An almost 6-year-old vulnerability in the Lighttpd web server used in Baseboard Management Controllers has been overlooked by many device vendors, including Intel and Lenovo.…
CISA says Sisense hack impacts critical infrastructure orgs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.…
CISA investigates critical infrastructure breach after Sisense hack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.…
DuckDuckGo launches a premium Privacy Pro VPN service
DuckDuckGo has launched a new paid-for 3-in-1 subscription service called ‘Privacy Pro,’ which includes a virtual private network (VPN), a personal data removal service, and…
Malicious Visual Studio projects on GitHub push Keyzetsu malware
Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the “Keyzetsu” clipboard-hijacking malware and steal cryptocurrency payments. The…
The hidden cost of convenience
Password reuse might seem like a small problem — a bad end-user habit that can be fixed with the right training. But this small act…