Please turn on your JavaScript for this page to function normally.
Facebook
How Ducktail capitalizes on compromised business, ad accounts

Quite some money can be made from selling compromised business and ad accounts on social media platforms, and the Ducktail threat actor has specialized in just that. “We …

Qakbot
The removal of Qakbot from infected computers is just the first step

The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by …

LinkedIn
LinkedIn users targeted in account hijacking campaign

LinkedIn users are being targeted in an ongoing account hijacking campaign, getting locked out of their accounts; the hacked accounts are held for ransom. Users discussing …

Microsoft 365
Microsoft 365 accounts of execs, managers hijacked through EvilProxy

A phishing campaign leveraging the EvilProxy phishing-as-a-service (PhaaS) tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at …

omega
0mega ransomware gang changes tactics

A number of ransomware gangs have stopped using malware to encrypt targets’ files and have switched to a data theft/extortion approach to get paid; 0mega – a …

Kodi
Kodi forum breach: User data, encrypted passwords grabbed

The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. What happened? The breach did not happen due to a …

ChatGPT
Fake ChatGPT for Google extension hijacks Facebook accounts

A new Chrome extension promising to augment users’ Google searches with ChatGPT also leads to hijacked Facebook accounts, Guardio Labs researchers have found. While this …

Phishing
DHL, MetaMask phishing emails target Namecheap customers

A surge of phishing emails impersonating DHL and MetaMask have started hitting inboxes of Namecheap customers last week, attempting to trick recipients into sharing personal …

CircleCI
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie

The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …

thief
How an effective fraud prevention strategy can force fraudsters to invest more in their attacks

Since the early stages of the pandemic, account takeover fraud (ATO) has significantly transformed, quickly becoming one of the fastest-growing cybersecurity threats with 22% …

online shop owned
API abuses and attacks create new challenges for retailers

Imperva releases The State of Security Within eCommerce 2022 report, a 12-month analysis by Imperva Threat Research of cybersecurity threats targeting the retail industry. …

Dropbox GitHub
130 Dropbox code repos plundered after successful phishing attack

Dropbox has suffered a data breach, but users needn’t worry because the attackers did not gain access to anyone’s Dropbox account, password, or payment information. …

Don't miss

Cybersecurity news