Brazil seizing Flipper Zero shipments to prevent use in crime
The Brazilian National Telecommunications Agency is seizing incoming Flipper Zero purchases due to its alleged use in criminal activity, with purchasers stating that the government…
Category: Bleeping Computer
Clop ransomware gang begins extorting GoAnywhere zero-day victims
The Clop ransomware gang has begun extorting companies whose data was stolen using a zero-day vulnerability in the Fortra GoAnywhere MFT secure file-sharing solution. In…
CISA warns of actively exploited Plex bug after LastPass breach
CISA has added an almost three-year-old high-severity remote code execution (RCE) vulnerability in the Plex Media Server to its catalog of security flaws exploited in…
Mental health provider Cerebral alerts 3.1M people of data breach
Healthcare platform Cerebral is sending data breach notices to 3.18 million people who have interacted with its websites, applications, and telehealth services. Cerebral is a…
CISA warns of critical VMware RCE flaw exploited in attacks
CISA has added a critical severity vulnerability in VMware’s Cloud Foundation to its catalog of security flaws exploited in the wild. The flaw (tracked as…
The Week in Ransomware – March 10th 2023
This week’s biggest news was the coordinated, international law enforcement operation between Europol, the FBI, the Netherlands, Germany, and Ukraine that targeted the DoppelPaymer operation.…
Microsoft OneNote to get enhanced security after recent malware abuse
Microsoft will introduce improved protection against phishing attacks pushing malware via malicious Microsoft OneNote files. In a new Microsoft 365 roadmap entry published today titled…
New GoBruteforcer malware targets phpMyAdmin, MySQL, FTP, Postgres
A newly discovered Golang-based botnet malware scans for and infects web servers running phpMyAdmin, MySQL, FTP, and Postgres services. According to researchers with Palo Alto…
Security researchers targeted with new malware via job offers on LinkedIn
A suspected North Korean hacking group is targeting security researchers and media organizations in the U.S. and Europe with fake job offers that lead to the…
Blackbaud to pay $3M for misleading ransomware attack disclosure
Cloud software provider Blackbaud has agreed to pay $3 million to settle charges brought by the Securities and Exchange Commission (SEC), alleging that it failed…
Xenomorph Android malware now steals data from 400 banks
The Xenomorph Android malware has released a new version that adds significant capabilities to conduct malicious attacks, including a new automated transfer system (ATS) framework and…
IceFire ransomware now encrypts both Linux and Windows systems
Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. SentinelLabs security researchers found that the…