BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11
The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to...
Read more →Category: Bleeping Computer
Chick-fil-A confirms accounts hacked in months-long “automated” attack
American fast food chain Chick-fil-A has confirmed that customers’ accounts were breached in a months-long credential stuffing attack, allowing threat...
Read more →
Chinese hackers use new custom backdoor to evade detection
The Chinese cyber espionage hacking group Mustang Panda was seen deploying a new custom backdoor named ‘MQsTTang’ in attacks starting...
Read more →
Australian woman arrested for email bombing a government office
The Australian Federal Police arrested a woman in Werrington, Sydney, for allegedly email bombing the office of a Federal Member...
Read more →
CISA releases free ‘Decider’ tool to help with MITRE ATT&CK mapping
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released ‘Decider,’ an open-source tool that helps defenders and security analysts...
Read more →
British retail chain WH Smith says data stolen in cyberattack
British retailer WH Smith has suffered a data breach that exposed information belonging to current and former employees. The company operates...
Read more →
How to Prevent Callback Phishing Attacks on Your Organization
Hybrid phishing attacks continue to pose a clear and present danger to all organizations. How can these threats be mitigated...
Read more →
Microsoft fixes bug behind apps not installing during provisioning
Microsoft has addressed a Windows 11 22H2 known issue causing some apps not to be installed during Windows provisioning. This...
Read more →
Russia bans foreign messaging apps in government organizations
Russia’s internet watchdog agency Roskomnadzor warns that laws banning the use of many foreign private messaging applications in Russian government...
Read more →
Cisco patches critical Web UI RCE flaw in multiple IP phones
Cisco has addressed a critical security vulnerability found in the Web UI of multiple IP Phone models that unauthenticated and...
Read more →
Aruba Networks fixes six critical vulnerabilities in ArubaOS
Aruba Networks published a security advisory to inform customers about six critical-severity vulnerabilities impacting multiple versions of ArubaOS, its proprietary...
Read more →
Trezor warns of massive crypto wallet phishing campaign
An ongoing phishing campaign is pretending to be Trezor data breach notifications attempting to steal a target’s cryptocurrency wallet and...
Read more →