It is incredibly clever since it matches the login page that the end-user is accustomed to seeing. It adds a Google reCAPTCHA form to boost legitimacy and get past automated scanners.

St. Luke’s said the breach happened in late May, and impacted customers billed in that same month. The vendor discovered the breach in June and informed St. Luke’s on July 6th.

A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users’ devices with banking malware. All these apps in question have been removed from the app marketplace.

The Federal Communications Commission (FCC) warned Americans of an increasing wave of SMS (Short Message Service) phishing attacks attempting to steal their personal information and money.

Details have been shared about a security vulnerability in Dahua’s Open Network Video Interface Forum (ONVIF) standard implementation, which, when exploited, can lead to seizing control of IP cameras.

A sneaky new phishing attack attempts to manipulate victims into entering their username and password by claiming their account will be deleted if they don’t – and it uses a countdown timer to pile on the pressure.

In a data breach notice on its website, OneTouchPoint lists 34 healthcare insurance carriers and healthcare services providers that have been impacted, but the number appears to be larger.

The malware uses cmd.exe to read and execute a file stored on the infected external drive, it leverages msiexec.exe for external network communication to a rogue domain used as C2 to download and install a DLL library file.

A pair of vulnerabilities in Google Cloud, DevSite, and Google Play could have allowed attackers to achieve cross-site scripting (XSS) attacks, opening the door to account hijacks.

Ransomware statistics from the second quarter of the year show that the ransoms paid to extortionists have dropped in value, a trend that continues since the last quarter of 2021.