A ‘!password20231#’ password may not be as complex as you think
Modern IT system administrators know the importance of maintaining a strong password policy. In this article, we’ll explore the evolution of password policies, from basic…
Category: Bleeping Computer
New Atomic macOS info-stealing malware targets 50 crypto wallets
A new macOS information-stealing malware named ‘Atomic’ (aka ‘AMOS’) is being sold to cybercriminals via private Telegram channels for a subscription of $1,000 per month.…
Clop, LockBit ransomware gangs behind PaperCut server attacks
Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to steal corporate data. Last month,…
Google will add End-to-End encryption to Google Authenticator
Google is bringing end-to-end encryption to Google Authenticator cloud backups after researchers warned users against synchronizing 2FA codes with their Google accounts. This week, Google…
Ukrainian arrested for selling data of 300M people to Russians
The Ukrainian cyber police have arrested a 36-year-old man from the city of Netishyn for selling the personal data and sensitive information of over 300…
PrestaShop fixes bug that lets any backend user delete databases
The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL…
Cisco discloses XSS zero-day flaw in server management tool
Cisco disclosed today a zero-day vulnerability in the company’s Prime Collaboration Deployment (PCD) software that can be exploited for cross-site scripting attacks. This server management…
Tencent QQ users hacked in mysterious malware attack, says ESET
A Chinese APT hacking group known as ‘Evasive Panda’ is linked to a mysterious attack that distributed the MsgBot malware as part of an automatic update…
Microsoft removes LSA Protection from Windows settings to fix bug
Microsoft has fixed a known issue triggering Windows Security warnings that Local Security Authority (LSA) Protection is off by removing the feature’s UI from settings.…
Google disrupts the CryptBot info-stealing malware operation
Google is taking down malware infrastructure linked to the Cryptbot info stealer after suing those using it to infect Google Chrome users and steal their data. The…
Microsoft rolls out Phone Link for iOS to all Windows 11 users
Microsoft is rolling out Phone Link for iOS to all Windows 11 and iPhone users, with the rollout expected to complete by mid-May. The Phone…
Thousands of Apache Superset servers exposed to RCE attacks
Apache Superset is vulnerable to authentication bypass and remote code execution at default configurations, allowing attackers to potentially access and modify data, harvest credentials, and…