Prudential Financial breached in data theft cyberattack
Prudential Financial has disclosed that its network was breached last week, with the attackers stealing employee and contractor data before being blocked from compromised systems one day…
Category: Bleeping Computer
Hackers used new Windows Defender zero-day to drop DarkMe malware
Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access…
Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 74 flaws
Tag CVE ID CVE Title Severity .NET CVE-2024-21386 .NET Denial of Service Vulnerability Important .NET CVE-2024-21404 .NET Denial of Service Vulnerability Important Azure Active Directory…
Hackers steal $290 million in crypto from PlayDapp gaming platform
Hackers are believed to have used a stolen private key to mint and steal over $290 million in PLA tokens, a cryptocurrency used within the…
Ransomware attack forces 21 Romanian hospitals to go offline
At least 21 hospitals in Romania were knocked offline after a ransomware attack took down their healthcare management system. The Hipocrate Information System (HIS) used by…
Microsoft tests Windows 11 ‘Super Resolution’ AI-upscaling for gamers
Microsoft is testing a new “Automatic Super Resolution” AI-assisted upscaling feature that increases the video and image quality of supported games while also making them…
Bank of America warns customers of data breach after vendor hack
Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year. Customer…
FBI seizes Warzone RAT infrastructure, arrests malware vendor
The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation. Daniel Meli, 27, a resident of…
FCC orders telecom carriers to report PII data breaches within 30 days
Starting March 13th, telecommunications companies must report data breaches impacting customers’ personally identifiable information within 30 days, as required by FCC’s updated data breach reporting…
Ongoing Microsoft Azure account hijacking campaign targets executives
A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives.…
Roundcube email server bug now exploited in attacks
CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is…
Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor
Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on…