Blog

A campaign targeting poorly secured Elasticsearch databases has deleted their contents and dropped ransom notes on 450 instances, demanding a payment of $620 to give them back their indexes, totaling a demand of $279,000. […]

The duration of ransomware attacks in 2021 averaged 92.5 hours, measured from initial network access to payload deployment. In 2020, ransomware actors spent an average of 230 hours to complete their attacks and 1637.6 hours in 2019. […]

Telegram’s anonymous blogging platform, Telegraph, is being actively exploited by phishing actors who take advantage of the platform’s lax policies to set up interim landing pages that lead to the theft of account credentials. […]

There’s a trick that allows attackers to hijack a victim’s WhatsApp account and gain access to personal messages and contact list. […]

Chinese-linked threat actors are now actively exploiting a Microsoft Office zero-day vulnerability (known as ‘Follina’) to execute malicious code remotely on Windows systems. […]

​Over 3.6 million MySQL servers are publicly exposed on the Internet and responding to queries, making them an attractive target to hackers and extortionists. […]

Vodafone is piloting a new advertising ID system called TrustPid, which will work as a persistent user tracker at the mobile Internet Service Provider (ISP) level. […]

The Computer Security Incident Response Team in Italy issued an urgent alert yesterday to raise awareness about the high risk of cyberattacks against national bodies and organizations on Monday. […]