JuicyFields operated as a classic Ponzi scheme between 2020 and July 2022, according to Europol. Promising high returns with little to no risk, the scammers simply used money from new investors to pay returns to earlier ones.

Upstream Security, an Israeli auto cybersecurity startup, said on Wednesday it received an undisclosed investment from Cisco Investments as demand grows for internet-connected vehicles and other devices.

Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets.

This campaign’s strategic inclusion of a clipper module alongside FatalRAT hints at a targeted approach towards cryptocurrency users, amplifying data interception capabilities with the addition of a keylogger module.

CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group.

A proof of concept exploit was shared on the XSS hacking forum explaining that a typo in the source code for Telegram for Windows could be exploited to send Python .pyzw files that bypass security warnings when clicked.

The first, not entirely new, sub-technique involves manipulation of Transparency, Consent, and Control (TCC), a security protocol that regulates application permissions on Apple’s macOS.

While the mobile phishing campaign has yet to reach some U.S. regions, this can be explained by the fact that complaint information collected so far by IC3 indicates the scam may be moving from state to state.

The security issue could lead to the exfiltration of process memory addresses, which could help attackers bypass protection mechanisms like Address Space Layout Randomization (ASLR).

Apple has updated its documentation related to its warning system for mercenary spyware threats, now specifying that it alerts users when they may have been individually targeted by such attacks.