Microsoft has reported new variants of WizardUpdate, a macOS malware, that has been upgraded once again with new evasion and persistence tactics. The evasion features cover its tracks by deleting created folders, files, and other artifacts on the targeted systems. Security analysts advise not to download any software or updates from a third-party download source […]
Security researcher Jeremiah Fowler together with the Website Planet research team discovered an unsecured database belonging to Deep6.AI that contained 886,521,320 records.
The food production giant became the latest critical industry company to be hit with ransomware in recent months as cybercriminals continue to show little fear in attacking a variety of industries.
Vulnerabilities in OptinMonster, an email marketing plugin for WordPress, left more than a million websites open to exploitation, security researchers at Wordfence warned.
The perpetrators of this style scam are apparently very active, posting job listings that seem legitimate. According to Wordfence, lots of people are falling victim to this scam.
FortiGuard Labs has discovered a variant of Chaos ransomware being hidden in a file pretending to contain a list of “Minecraft Alt” accounts, likely being used to target Minecraft gamers in Japan.
Private Set Membership considers the scenario in which Google holds a database of items, and user devices need to contact Google to check whether a specific item is found in the database.
Attackers could use the new macOS vulnerability to bypass System Integrity Protection (SIP) and perform arbitrary operations, elevate privileges to root, and install rootkits on vulnerable devices.
A fraud campaign, dubbed UltimaSMS, is signing up users to premium SMS subscription services without their consent and knowledge. Promoted mostly via Instagram and TikTok, these Android apps have over 10.5 million downloads and involve at least 151 malicious apps. Stay cautious!
Researchers have disclosed details about a now-patched critical vulnerability in a time and billing system called BillQuick that was being by a new ransomware group. It can be triggered simply by using login requests with invalid characters in the username field. It’s recommended to apply the latest security patches and regularly update software.