North Korean hackers stole $100 million in Harmony crypto hack
The FBI has confirmed that the North Korean state-sponsored ‘Lazarus’ and APT38 hacking groups were behind the theft of $100 million worth of Ethereum stolen…
Category: Bleeping Computer
GoTo says hackers stole customers’ backups and encryption key
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups containing customer information and an…
Hackers use Golang source code interpreter to evade detection
A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage attacks against organizations in East…
Microsoft plans to kill malware delivery via Excel XLL add-ins
Microsoft is working on adding XLL add-in protection for Microsoft 365 customers by including automated blocking of all such files downloaded from the Internet. This…
CISA warns of critical ManageEngine RCE bug exploited in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) affecting most Zoho ManageEngine products to its catalog of bugs known…
Apple iOS 16.3 arrives with support for hardware security keys
Apple released iOS 16.3 today with long-awaited support for hardware security keys to provide extra protection against phishing attacks and unauthorized access to your devices.…
Apple fixes actively exploited iOS zero-day on older iPhones, iPads
Apple has backported security patches addressing a remotely exploitable zero-day vulnerability to older iPhones and iPads. This bug is tracked as CVE-2022-42856, and it stems from…
Russia’s largest ISP says 2022 broke all DDoS attack records
Russia’s largest internet service provider Rostelecom says 2022 was a record year for Distributed denial of service attacks (DDoS) targeting organizations in the country. DDoS…
GTA Online bug exploited to ban, corrupt players’ accounts
Grand Theft Auto (GTA) Online players report losing game progress, in-game money being stolen, and being banned from game servers due to an alleged vulnerability…
Google Ads invites being abused to push spam, adult sites
Google Ads invites are being abused to deliver email messages promoting spam and sex websites to users who are otherwise not necessarily using Google Ads…
FanDuels warns of data breach after customer info stolen in vendor hack
The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security breach, urging users to remain…
FanDuel discloses data breach caused by recent MailChimp hack
The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security breach, urging users to remain…