Business email compromise tactics used to defraud U.S. vendors
The Federal Bureau of Investigation is warning companies in the U.S. of threat actors using tactics similar to business email compromise that allow less technical…
Category: Bleeping Computer
Emotet malware distributed as fake W-9 tax forms from the IRS
A new Emotet phishing campaign is targeting U.S. taxpayers by impersonating W-9 tax forms allegedly sent by the Internal Revenue Service and companies you work…
Russia’s Rostec allegedly can de-anonymize Telegram users
Russia’s Rostec has reportedly bought a platform that allows it to uncover the identities of anonymous Telegram users, likely to be used to tamp down…
Inaudible ultrasound attack can stealthily control your phone, smart speaker
American university researchers have developed a novel attack called “Near-Ultrasound Inaudible Trojan” (NUIT) that can launch silent attacks against devices powered by voice assistants, like…
Microsoft pushes OOB security updates for Windows Snipping tool flaw
Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping tool to fix the Acropalypse privacy vulnerability. Now tracked as CVE-2023-28303,…
New Dark Power ransomware claims 10 victims in its first month
A new ransomware operation named ‘Dark Power’ has appeared, and it has already listed its first victims on a dark web data leak site, threatening…
Procter & Gamble confirms data theft via GoAnywhere zero-day
Consumer goods giant Procter & Gamble has confirmed a data breach affecting an undisclosed number of employees after its GoAnywhere MFT secure file-sharing platform was…
The Week in Ransomware – March 24th 2023
This week’s news has been dominated by the Clop ransomware gang extorting companies whose GoAnywhere services were breached using a zero-day vulnerability. Over the past…
FBI confirms access to Breached cybercrime forum database
Today, the FBI confirmed they have access to the database of the notorious BreachForums (aka Breached) hacking forum after the U.S. Justice Department also officially…
Windows, Ubuntu, and VMWare Workstation hacked on last day of Pwn2Own
On the third day of the Pwn2Own hacking contest, security researchers were awarded $185,000 after demonstrating 5 zero-day exploits targeting Windows 11, Ubuntu Desktop, and…
Microsoft shares tips on detecting Outlook zero-day exploitation
Microsoft today published a detailed guide aiming to help customers discover signs of compromise via exploitation of a recently patched Outlook zero-day vulnerability. Tracked as…
Australian police arrest four BEC actors who stole $1.7 million
The Australian Federal Police (AFP) has arrested four members of a cybercriminal syndicate that has laundered $1.7 million stolen from at least 15 victims between…