Free Key Group ransomware decryptor helps victims recover data
Researchers took advantage of a weakness in the encryption scheme of Key Group ransomware and developed a decryption tool that lets some victims to recover…
Category: Bleeping Computer
Classiscam fraud-as-a-service expands, now targets banks and 251 brands
Image: Midjourney The “Classiscam” scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more significant financial damage than before.…
GRU hackers attack Ukrainian military with new Android malware
Image: Midjourney Hackers working for the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, more commonly known as the…
Paramount discloses data breach following security incident
American entertainment giant Paramount Global disclosed a data breach after its systems got hacked and attackers gained access to personally identifiable information (PII). Paramount said…
Europe applauds, outrage everywhere else
Microsoft will soon allow users in the European Union, as well as from Iceland, Liechtenstein, and Norway, to once again open all links in Windows…
Apple opens 2024 applications to get ‘security research’ iPhones
Apple announced today that iOS security researchers can now apply for a Security Research Device (SRD) by the end of October. SRDs are iPhone 14 Pros with…
WordPress migration add-on flaw could lead to data breaches
All-in-One WP Migration, a popular data migration plugin for WordPress sites with 5 million active installations, suffers from unauthenticated access token manipulation that could allow…
VMware Aria vulnerable to critical SSH authentication bypass flaw
VMware Aria Operations for Networks (formerly vRealize Network Insight) is vulnerable to a critical severity authentication bypass flaw that could allow remote attackers to bypass…
Hacking campaign bruteforces Cisco VPNs to breach networks
Hackers are targeting Cisco Adaptive Security Appliance (ASA) SSL VPNs in credential stuffing and brute-force attacks that take advantage of lapses in security defenses, such…
Trojanized Signal and Telegram apps on Google Play delivered spyware
Image: Midjourney Trojanized Signal and Telegram apps containing the BadBazaar spyware were uploaded onto Google Play and Samsung Galaxy Store by a Chinese APT hacking…
DreamBus malware exploits RocketMQ flaw to infect servers
Image: Midjourney A new version of the DreamBus botnet malware exploits a critical-severity remote code execution vulnerability in RocketMQ servers to infect devices. The exploited…
How the FBI nuked Qakbot malware from infected Windows PCs
The FBI announced today the disruption of the Qakbot botnet in an international law enforcement operation that not only seized infrastructure but also uninstalled the…