Delivered through phishing emails, the Masslogger trojan’s latest variant is contained within a multi-volume RAR archive using the .chm file format and .r00 extensions, said Switchzilla researchers.
Tech companies and government agencies released alerts about ongoing phishing campaigns laden with malicious attachments and social engineering tactics.
Researchers have observed a newer, stealthier version of BazarBackdoor, which is written in Nim language to enhance its evasion capabilities, being increasingly distributed through spam campaigns.
CD Projekt Red, the Polish gaming firm, announced being hit by a ransomware attack affecting its network. The group responsible for the attack goes by the name of HelloKitty.
The database, which was being sold for $800, included the full names, postal codes, delivery addresses, and shop names, and 1.6 million phone records of customers from 18 countries.
McAfee disclosed the flaw (CVE-2020-25605) to Agora.io on April 20, 2020, following which the company released a new SDK on December 17, 2020, to remediate the threat posed by the vulnerability.
The school says about 200,000 people were affected by the breach. The server contained personal information for some current and former students, faculty, staff, and student applicants.
Dutch police have posted “friendly” messages on two of today’s largest hacking forums warning cyber-criminals that “hosting criminal infrastructure in the Netherlands is a lost cause.”
The first part of the database was posted on February 15 and includes 110,000 CityBee user IDs, usernames, hashed passwords, full names, as well as personal codes (national identification numbers) that belong to mostly Lithuanian CityBee users.
QNAP has addressed a critical security vulnerability in the Surveillance Station app that allows attackers to execute malicious code remotely on NAS devices running the vulnerable software.