Hacker leaks millions of new 23andMe genetic data profiles
A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier…
Category: Bleeping Computer
Google links WinRAR exploitation to Russian, Chinese state hackers
Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to…
MATA malware framework exploits EDR in attacks on defense firms
An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil and gas firms and the…
Google Play Protect adds real-time scanning to fight Android malware
Google has announced new, real-time scanning features for Google Play Protect that make it harder for malicious apps employing polymorphism to evade detection. This represents…
Single Sign On and the Cybercrime Ecosystem
It’s not just your perception, cybercrime is increasing dramatically. At Flare we’ve identified a 112% increase in data extortion ransomware attacks in 2023 compared to…
Google links WinRAR exploitation to multiple state hacking groups
Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to…
Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials
Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux rootkit, crypto miners, and password-stealing…
Recently patched Citrix NetScaler bug exploited as zero-day since August
A critical vulnerability tracked as CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August, security researchers announced. The security…
Twitter testing annual subscriptions for tweeting and retweeting
Twitter, now renamed X, is testing new $1 annual subscriptions to provide unverified accounts access to core features like tweeting and retweeting. This move is…
Microsoft disables bad spam rule flagging all sent emails as junk
Microsoft has disabled a bad anti-spam rule flooding Microsoft 365 admins’ inboxes with blind carbon copies (BCC) of outbound emails mistakenly flagged as spam. This false…
FBI warns of extortion groups targeting plastic surgery offices
The FBI warns that cybercriminals are using spoofed emails and phone numbers to target plastic surgery offices across the United States for extortion in phishing attacks…
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks
Update October 17, 16:40 EDT: Added new information on breached Cisco IOS XE devices. Attackers have exploited a recently disclosed critical zero-day bug to compromise…