Blog
Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors
Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023 with an aim to deploy previously undocumented wiper malware. The intrusions, which took place as recently as October, have been...
Apple ‘Find My’ Network can be Abused to Steal Keylogged Passwords
Researchers at Positive Security demonstrated that by integrating a keylogger with a Bluetooth transmitter into a USB keyboard, passwords and other sensitive data typed on the keyboard can be relayed through the Find My network via Bluetooth.
HHS: Healthcare Data Breaches Impact 88 Million Americans This Year
In 2023 alone, there has been a 60% year-on-year increase in large breaches impacting over 88 million individuals, with hacking accounting for 77% of these breaches, according to the HHS.
Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), employs Google Calendar Events for C2 using a...
Apple Warns Armenians of State-Sponsored Hacking Attempts
The ongoing tensions between Armenia and Azerbaijan, particularly around the disputed Nagorno-Karabakh region, have created a backdrop for the use of Pegasus spyware, targeting various individuals including politicians, activists, and journalists.
Discord Will Switch to Temporary File Links to Block Malware Delivery
Discord has been a breeding ground for cybercriminals, with thousands of malware operations exploiting its CDN URLs to distribute and install malicious payloads on compromised systems.
Europe Clamps Down on Meta Ad Personalization
The European Data Protection Board has directed the Irish Data Protection Commissioner to restrict Meta platforms from using customer's personal data for ad personalization, citing a violation of GDPR.
U.S. Treasury Targets Russian Money Launderer in Cybercrime Crackdown
The U.S. Department of the Treasury imposed sanctions against a Russian woman for taking part in the laundering of virtual currency for the country's elites and cybercriminal crews, including the Ryuk ransomware group. Ekaterina Zhdanova, per the department, is said...
StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That's according to findings from Kaspersky, which has codenamed the...
Okta’s Recent Customer Support Data Breach Impacted 134 Customers
Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its 18,400 customers. It further noted that the unauthorized intruder gained access to its systems from September 28 to...
FREE GUIDE