Blog - Page 400 of 938

Over 9,000 VNC servers exposed online without a password

Researchers have discovered at least 9,000 exposed VNC (virtual network computing) endpoints that can be accessed and used without authentication, allowing threat actors easy access to internal networks. […]

13 Aug

Google fined $60 million over Android location data collection

The Australian Competition and Consumer Commission (ACCC) announced that Google was fined $60 million for misleading Australian Android users regarding the collection and use of their location data for almost two years, between January 2017 and December 2018. […]

13 Aug

SOVA malware adds ransomware feature to encrypt Android devices

The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. […]

12 Aug

The Week in Ransomware – August 12th 2022 – Attacking the defenders

It was a very busy week for ransomware news and attacks, especially with the disclosure that Cisco was breached by a threat actor affiliated with the Yanluowang ransomware gang. […]

12 Aug

Microsoft is showing ads for Microsoft 365 in Office 2021

Microsoft is showing ads for Microsoft 365 Family subscriptions to its Office 2021 customers, offering them discounts of over $28 to get a 3-month Family plan subscription. […]

12 Aug

Chinese hackers backdoor chat app with new Linux, macOS malware

Versions of a cross-platform instant messenger application focused on the Chinese market known as ‘MiMi’ have been trojanized to deliver a new backdoor (dubbed rshell) that can be used to steal data from Linux and macOS systems. […]

12 Aug

Anonymous poop gifting site hacked, customers exposed

ShitExpress, a web service that lets you send a box of feces along with a personalized message to friends and enemies, has been breached after a “customer” spotted a vulnerability. […]

12 Aug

Microsoft blocks UEFI bootloaders enabling Windows Secure Boot bypass

Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) used by Windows could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads. […]

12 Aug

Twilio: 125 customers affected by data breach, no passwords stolen

Cloud communications giant Twilio, the owner of the highly popular two-factor authentication (2FA) provider Authy, says that it has so far identified 125 customers who had their data accessed during a security breach discovered last week. […]

12 Aug

Palo Alto Networks: New PAN-OS DDoS flaw exploited in attacks

Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company’s networking hardware products. […]